Skip to Main Content
Thought Leadership

Tax Season Is Prime Time for Email ‘Spoofing'



April 15, 2016
Legal Updates

Email “spoofing” involving requests for W-2 forms is running rampant this tax season, and a number of high-profile organizations have fallen victim to the crime. With purloined W-2 information in hand, the bad guys rush to submit fraudulent tax refund requests before the affected individuals can file legitimate tax returns. Undoing the resulting damage can be a financially and emotionally trying experience for all involved.


As the filing deadline of April 18 rapidly approaches, there has been a spike in the number of companies that receive forged emails asking for employee and W-2 information and that experience breaches when well-meaning employees are tricked into disclosing data. To help your organization spot these scams, here is a description of how they typically work:

  • The spoofing emails are masked to look as if they originate from a high-level executive within the organization (such as the CEO or CFO) and are often sent to someone in the human resources or payroll department. These individuals typically are identified from the company’s LinkedIn profile.
  • The text of the email says something such as, “Kindly send me a PDF containing the individual 2015 W-2 and earnings summaries of all employees of our company for a quick review,” or, “Please send me ASAP a copy of our employee wage and tax statements for 2015 in a PDF.”  

What This Means to You

To fend off these cyberattacks, it is key that personnel be educated about what to look for and how to report suspicious emails. For a further description of the spoofing scheme and its scope, see the recent IRS news release.

Contact Us

If you suspect your organization has been “spoofed” or have questions about other data breaches, please contact Jeffrey Jensen, Michael Norton, Peter Enko or another member of the Husch Blackwell Data Security team.


Peter J. Enko


Jeff Jensen