According to HR Tech Outlook magazine review, Phishing scams has become very normal now. Each day, businesses are receiving a lot of mails in which most of the mails will be attached with
According to HR Tech Outlook magazine review, Phishing scams has become very normal now. Each day, businesses are receiving a lot of mails in which most of the mails will be attached with malware which can encrypt or delete your files and backups, and the scammer can have remote access to your system.
In a world where technology is constantly evolving, a number of internet threats are rising parallelly. With hackers continually chasing after consumer information to misuse, protecting customers’ confidential information is as important as protecting employees. Hackers can get access to customers’ private contact information and pictures from a stolen email address and use it to blackmail or fraud. To prevent any kind of data breach, companies should educate their employees about the common threats and how to avoid them since employees are the front line of security. Employees must be made aware of the signs of scams, including emails with spelling errors or with a sense of urgency, any attachment or link they are not expecting, etc. Practices such as locking systems whenever employees leaving the area and keeping complex passwords for their systems. Companies must protect their websites with antivirus and updated firewalls to keep away intrusions.
Why Scammers Target HR Team for Phishing?
Everyday HR teams are handling a lot of activities which mostly includes recruiting, employee benefits, payrolls, and has access to Personally Identifiable Information of contractors, employees and applicants. These data are so confidential that, when a hacker try to do cyber breach, they’ll directly target the HR team.
Even though email scams and phishing are always present, the threat will be abnormally high during the tax season. During this season, the employees and businesses are targeted for their W-2 scams.
Check out: HR Tech Outlook Magazine Review
Here’s how W-2 phishing scams occur:
- The scammer sends an email impersonating the CEO of the company. The email will be sent to HR employee or any staff member with the email subject as “urgent” or “ can you help me with this”.
- The mail is sent sent asking for the access to the employee’s W-2 form. They’ll ask for employee tax information to be sent over via email in a single file.
- Since the information is too confidential, the email tone will be very polite. To make it look real, they might add the reason as “Kindly send me the earning summary of all W-2 of our company staff for a quick review.”
- Since mail is sent from CEO, the HR or staff collects the details and emails them back without thinking further.
- This will be a easy win for the scammer. Generally it’ll take more than a week for a HR to realize that their data has been breached. The staff or HR who handed over the information without proper consent will be in trouble at the end.
What has to be done?
- No matter in what industry you are in, you ( mainly in Human Resources) are you’re entire staff should get trained to recognize a phishing email.
- Raise awareness among employees about W-2 scams and remind them more during the tax seasons.
- Whenever you receive a email asking for W-2 information, let your employer know about it. Never hand over the details without proper consent from your employer. If you receive the mail from CEO, better contact him directly to make sure that it’s legitimate.
- If you receive a scam mail and if you identify it as scam, forward the mail to firstname.lastname@example.org with subject line as “W-2 Scam.