fraud attacks

Warning: These fraud attacks are wreaking havoc on education

Colleges, school districts become latest victims in W-2 fraud attacks—here’s how to stay safe.

On March 14, it was reported in CSO (a leading cybersecurity outlet) that 110 organizations experiences successful phishing attacks targeting their W-2 records. This put more than 120,000 taxpayers at risk for identity fraud.  Despite warnings from the IRS in early February, employees continue to fall victim to the bad guys’ ploys.

This wildly successful phishing scheme works like this: malicious actors spoof (or pretend to be) the CEO or President of a company and email a CFO or similarly positioned employee to request copies of all employees’ W-2 forms. The employee falls victim to the fake email, shares confidential information and the damage is immediately done.

W-2 Fraud attacks are particularly dangerous because of the ongoing fall out. In fact, IRS Commissioner, John Koskinen wrote in a statement, “This is one of the most dangerous email phishing scams we’ve seen in a long time. It can result in the large-scale theft of sensitive data that criminals can use to commit various crimes, including filing fraudulent tax returns.”

Fraud in Education

So why should education care? While once a problem isolated only in the corporate world, cybercriminals have extended their target base to target a wider range of organizations than ever before. Among the 110 victim organizations, many were schools: Northwestern College, The College of Southern Idaho, Daytona State, Groton School District in Connecticut, Redmond School District in Oregon, Yukon Public Schools in Oklahoma. This is only a sampling, but underscores that no entity is off-limits and that educational institutions need to take precautions to protect themselves.

Regardless of size, geographical region, level of education (secondary and higher ed), we’re seeing school employees across the board fall victim.

(Next page: How institutions and schools can protect against W-2 fraud)

"(Required)" indicates required fields