Don’t Fall Victim to Scammers This Tax Season—Helpful Tips for Business Owners

With 2018 coming to a close and the 2019 tax season looming, now is a good time to review your organization’s cybersecurity policies and procedures and ensure that all of your employees are up to speed on current cybercrime tactics.

In recent years, a particularly popular scam involves cyber criminals who use sophisticated social engineering methods to trick business employees into providing W-2 information. In turn, the scammers use the information to file fraudulent tax returns. Other common scams include impersonating the IRS (via email or phone), impersonating state accounting or professional associations, phishing emails, and ransomware schemes.

We strongly recommend that you take the time to review cyber-safety policies and procedures with your employees in order to safeguard your business. Be sure to include the following:

  • Emphasize a “Think Before You Click” policy – Encourage your employees to double-check for suspicious email content before following any embedded links or downloading any attachments.
  • Educate employees about the marks of a typical phishing email – W-2 phishing emails often appear to be sent from a high-level executive and generally ask for tax information to be emailed or uploaded.
  • Encourage the practice of seeking verbal confirmation – Urge your employees to confirm any emails containing requests for sensitive data in person or via phone call in order to verify the authenticity of the requests.

Taking the time to make sure your employees are aware of the critical roles they play in protecting your organization’s data can go a long way in preventing you from falling victim to cyber-crime.

If you receive a suspect email but do not fall victim to the scam, forward the email to [email protected]; in the event of a W-2 theft, be sure to report the loss to [email protected].  For an extensive list of common tax scams, visit