Tax season is not just a busy time for accountants – email scammers are working overtime as well.
One current scam that has been detected from Maine to Alaska is a W-2 email spoof, in which recipients receive a link to access their tax forms online.
“Malicious actors routinely target human resources professionals, certified public accountants, and individual employees with social engineering attacks during tax season in an effort to obtain copies of Internal Revenue Service Form W-2 (Wage and Tax Statement),” says attorney Alyssa Watzman for Constagny Law Firm Cyber Team. “Form W-2 contains the information that allows a malicious actor to file false tax returns and steal the refunds. Those who receive, process, or maintain copies of W-2s should be on the lookout for phishing emails and other types of social engineering attempts. Once the targets are identified, malicious actors ‘phish’ them by emailing them seemingly legitimate requests for information. In the case of a phishing exploit involving W-2s, the target responds as requested by providing copies of W-2 forms, and the malicious actor pulls the information and then electronically files fraudulent tax returns so he or she can steal the tax refunds.”
Your law practice has unique characteristics that identify it to the public and distinguish it from other firms. Are you maximizing those strengths? Are you blending all the disparate elements of your practice – experience, expertise, personnel, website, logo, font type, community involvement – into a clear, consistent and compelling law firm brand? Join us on March 29 at 12 noon CST for our one-hour CLE webinar Law Firm Branding: Practical Tips and Ethical Traps. You’ll learn the basics of branding, the relevant Rules of Professional Conduct on messaging, marketing and advertising, and best practices for compliance with the ADA and other laws. And you’ll learn how to clearly and concisely articulate who you are, what you do, and why you’re the right lawyer for the job. Yet another benefit of the Alta Pro Lawyers Risk Purchasing Group! Click here to register.
Give Your Law Firm a Free Phishing Readiness Test
“Email scammers can’t pass up a tried and true theme that is almost guaranteed to produce results,” says Stu Sjourerman, founder of cybersecurity firm KnowBe4. “And with W-2 forms being sent out, it marks the start of this year’s expected campaigns…. [An] email from ‘forms [at] 2022taxforms [dot] com’ (a spoofed email address) could fool an unsuspecting recipient who is currently in the process of filing taxes. The recipient clicks a link, provides an array of personal information (including their social security number) and becomes the newest victim of a phishing campaign.”
Free Phishing Self-Test
KnowBe4 offers a free phishing security test. Take the test and find out how secure your firm is. See how your office compares to other law firms. And get a “Phish-Prone Percentage” score to see how you stack up.
- Up to 100 users (no need to talk to anyone)
- Select from 20+ languages and customize the phishing test template based on your environment
- Choose the landing page your users see after they click
- Show users which red flags they missed, or a 404 page
- Get a PDF emailed to you in 24 hours with your Phish-prone % and charts to share with management
- See how your organization compares to others in your industry
Do you practice in Wisconsin, Texas, Minnesota, Ohio, Illinois, Indiana or Michigan? Is your professional liability coverage managed through Alta Pro? If so, you’re automatically a member of the Alta Pro Risk Purchasing Group (RPG), which offers a wealth of benefits for your practice: free, cutting-edge CLE webinars featuring top experts tackling timely topics; the Pro Practice Playbook; the Pro Practice Blog; Reminger’s ProLink risk management assistance; Reminger’s Claim Repair Hotline; discounts on CLIO practice management software; tax savings on health insurance; and access to the Risk Pro, who can help keep your firm safe and successful. Register here and start enjoying your Alta Pro RPG benefits.