Snapchat among companies duped in tax-fraud scam

SAN FRANCISCO - Tax-filing season is turning into a nightmare for thousands of employees whose companies have been duped by email fraudsters.

A major phishing scheme has tricked several major companies - among them, the messaging service Snapchat and disk-drive maker Seagate Technology - into relinquishing tax documents that exposed their workers' incomes, addresses and Social Security numbers.

The scam, which involved fake emails purportedly sent by top company officials, convinced the companies involved to send out W-2 tax forms that are ideal for identity theft. For instance, W-2 data can easily be used to file bogus tax returns and claim fraudulent refunds.

The embarrassing breakdowns have prompted employers to apologize and offer free credit monitoring to employees. Such measures, however, won't necessarily shield unwitting victims from the headaches that typically follow identity theft.

"This mistake was caused by human error and lack of vigilance, and could have been prevented," Seagate's chief financial officer, Dave Morton, wrote in a March 4 email to the company's employees about the breach.

The swindlers behind the tax scam are exploiting human gullibility rather than weaknesses in computer or Internet security. They have targeted company payroll and personnel departments, in many instances with emails claiming to be requests from the company CEO asking for copies of worker W-2s.

The schemes are so widespread that the IRS sent a March 1 notice alerting employers' payroll departments of the spoofing emails. The agency said the scheme has so far claimed "several victims," but declined Tuesday to disclose how many other employers had reported releasing W-2s to unauthorized parties. The IRS said it's seen a 400 per cent increase in phishing and computer malware incidents this tax-filing season.

The federal alert didn't come soon enough for Snapchat, which on Feb. 28 revealed that its payroll department had been duped by an email impersonating its CEO, Evan Spiegel. The Los Angeles company didn't specify how many employee W-2s it released. Snapchat didn't respond to requests for comment Tuesday.

"When something like this happens, all you can do is own up to your mistake, take care of the people affected, and learn from what went wrong," Snapchat wrote in a post on its corporate blog.

Seagate acknowledged surrendering the W-2s for all of its current and former employees who worked at the company last year. The Cupertino, California, company said "several thousand" people were affected, but declined to be more precise. As of July last year, Seagate employed about 52,000 workers but all but 10,500 of them were based in Asia.

Both Snapchat and Seagate notified federal authorities about the phishing attacks and are offering affected workers two years of free credit monitoring.

It's unclear how many other employers have been sucked into the tax scam. Hundreds of companies appear to have been targeted, according to Stu Sjouwerman, CEO of KnowBe4, a Florida company that trains employers to detect and avoid such scams.

Phishing attacks commonly occur during holidays and other annual events, such as tax season, to prey upon people's routines, said Farih Orhan, director of technology at security firm Comodo. The attacks are becoming increasingly effective because they rely on powers of persuasion instead of an attachment or link that might raise suspicion, said Ed Jennings, chief operating officer at email security company Mimecast.

"It's just like someone who convinces you to hand over $20 on the street," Jennings said.

Sjouwerman said the W-2-seeking attacks are most likely being sent by Eastern European hacker groups planning to sell the information or claim fraudulent tax refunds.

The most effective phishing attacks use emails decked in company logos and colours to reduce the chances of detection, Orhan said. It's relatively easy for con artists to pose as a CEO online, since they can quickly fetch convincing details from a Google search or a perusal of professional networking service LinkedIn.

That doesn't excuse payroll or personnel departments who reflexively acquiesce to requests in apparently legitimate email, experts say. For instance, Sjouwerman said his firm's controller received a phishing email that, at first glance, appeared to be sent by him. But the email asked the controller to "kindly prepare" employees' W-2s, a phrase that he never uses. Company employees were alert enough not to send out the W-2s.

Even without a red flag like that, payroll and personnel specialists should be trained well enough to question why a CEO needs to see individual worker W-2s in the first place.

"It's a case of: 'Oh, the boss wants it'," Sjouwerman said. "They stop thinking, 'Why would this be?'"

-----

AP Technology Writer Brandon Bailey contributed to this report.


