Someone else might file your taxes if you don’t get to it. And they won’t be doing it as a favor; they’ll be doing it to steal your identity.
Here’s how it works:
- Cyber thieves send fraudulent e-mails to a business’s employees.
- The e-mails are designed to look like they came from the big wigs at the company.
- As a result, the targeted employees are tricked into revealing sensitive data about the company’s employees.
- The crooks end up with all this valuable data—enough to file phony tax returns.
- This ploy, called spear phishing, has already occurred to major companies.
Recently, the Mansueto Ventures company was hit by a spear phishing attack that singled out the employee payroll data. The hacker/s got ahold of the following employee information: Social Security number, name, address and income.
Employees have been notified, but how many of those employees have not yet filed their income tax returns? Of those, how many will be victims of identity theft because a hacker filed a tax return in their name as a result of obtaining the payroll data?
Again, get to your tax preparer ASAP, or if you normally file the return yourself, what are you waiting for?
Seagate is another company that got spear phished. The W-2 forms of its employees got into the hands of the thief or thieves. Apparently, the data of several thousand employees was stolen.
All it takes is one employee to get suckered into clicking the wrong e-mail. It’s possible for these e-mails to really, truly look like they came from a major decision maker from inside the company. A skilled hacker will carefully construct an e-mail that mimics company e-mail, complete with logo and company colors, and even the full name of the person he’s pretending to be. The e-mail may even address its recipient by name.
How does the thief get this information? It may all begin with the information he finds on a LinkedIn profile. Other bits and pieces may have been gathered off of Facebook or an online article about the person he’s impersonating, right down to that person’s nickname, making the fake e-mail look even more authentic, signing off with that person’s odd nickname.
Have you filed your tax return yet?