Snapchat among companies duped in tax-fraud scam

SAN FRANCISCO - Tax-filing season is turning into a nightmare for thousands of employees whose companies have been duped by email fraudsters.

See Full Article

A major phishing scheme has tricked several major companies - among them, the messaging service Snapchat and disk-drive maker Seagate Technology - into relinquishing tax documents that exposed their workers' incomes, addresses and Social Security numbers.

The scam, which involved fake emails purportedly sent by top company officials, convinced the companies involved to send out W-2 tax forms that are ideal for identity theft. For instance, W-2 data can easily be used to file bogus tax returns and claim fraudulent refunds.

The embarrassing breakdowns have prompted employers to apologize and offer free credit monitoring to employees. Such measures, however, won't necessarily shield unwitting victims from the headaches that typically follow identity theft.

"This mistake was caused by human error and lack of vigilance, and could have been prevented," Seagate's chief financial officer, Dave Morton, wrote in a March 4 email to the company's employees about the breach.

The swindlers behind the tax scam are exploiting human gullibility rather than weaknesses in computer or Internet security. They have targeted company payroll and personnel departments, in many instances with emails claiming to be requests from the company CEO asking for copies of worker W-2s.

The schemes are so widespread that the IRS sent a March 1 notice alerting employers' payroll departments of the spoofing emails. The agency said the scheme has so far claimed "several victims," but declined Tuesday to disclose how many other employers had reported releasing W-2s to unauthorized parties. The IRS said it's seen a 400 per cent increase in phishing and computer malware incidents this tax-filing season.

The federal alert didn't come soon enough for Snapchat, which on Feb. 28 revealed that its payroll department had been duped by an email impersonating its CEO, Evan Spiegel. The Los Angeles company didn't specify how many employee W-2s it released. Snapchat didn't respond to requests for comment Tuesday.

"When something like this happens, all you can do is own up to your mistake, take care of the people affected, and learn from what went wrong," Snapchat wrote in a post on its corporate blog .

Seagate acknowledged surrendering the W-2s for all of its current and former employees who worked at the company last year. The Cupertino, California, company said "several thousand" people were affected, but declined to be more precise. As of July last year, Seagate employed about 52,000 workers but all but 10,500 of them were based in Asia.

Both Snapchat and Seagate notified federal authorities about the phishing attacks and are offering affected workers two years of free credit monitoring.

It's unclear how many other employers have been sucked into the tax scam. Hundreds of companies appear to have been targeted, according to Stu Sjouwerman, CEO of KnowBe4, a Florida company that trains employers to detect and avoid such scams.

Phishing attacks commonly occur during holidays and other annual events, such as tax season, to prey upon people's routines, said Farih Orhan, director of technology at security firm Comodo. The attacks are becoming increasingly effective because they rely on powers of persuasion instead of an attachment or link that might raise suspicion, said Ed Jennings, chief operating officer at email security company Mimecast.

"It's just like someone who convinces you to hand over $20 on the street," Jennings said.

Sjouwerman said the W-2 seeking attacks are most likely are being sent by Eastern European hacker groups planning to sell the information or claim fraudulent tax refunds.

The most effective phishing attacks use emails decked in company logos and colours to reduce the chances of detection, Orhan said. It's relatively easy for con artists to pose as a CEO online, since they can quickly fetch convincing details from a Google search or a perusal of professional networking service LinkedIn.

That doesn't excuse payroll or personnel departments who reflexively acquiesce to requests in apparently legitimate email, experts say. For instance, Sjouwerman said his firm's controller received a phishing email that, at first glance, appeared to be sent by him. But the email asked the controller to "kindly prepare" employees' W-2s, a phrase that he never uses. Company employees were alert enough not to send out the W-2s.

Even without a red flag like that, payroll and personnel specialists should be trained well enough to question why a CEO needs to see individual worker W-2s in the first place.

"It's a case of: 'Oh, the boss wants it'," Sjouwerman said. "They stop thinking, 'Why would this be?"'

-----

AP Technology Writer Brandon Bailey contributed to this report.



Advertisements

Latest Economic News

  • Credit agency pushes feds to give it access to list of social insurance numbers

    Economic CTV News
    OTTAWA -- An international credit reporting agency is pushing the federal government to give it access to a monthly list of new social insurance numbers despite years of rejections over privacy concerns. TransUnion made the request anew earlier this year, shortly after Patty Hajdu became labour minister, to access the list that contains the range of social insurance numbers issued each month in various regions of the country. Source
  • Canadians set record with U.S. real estate shopping spree

    Economic CBC News
    New Brunswick's Joel Levesque had no idea he was helping set a record when he bought a home in Fort Myers, Fla., back in April. The 63-year-old semi-retired public affairs professional wanted a place to escape for the winter and didn't feel like waiting around for the loonie to gain ground on the greenback. Source
  • Debt got you down? Start a debt-destruction club

    Economic CBC News
    If you run, hide, or plug your ears every time the topic of money comes up, you're not alone. But as the era of ultra-low interest rates comes to an end, you need to force yourself to face your finances. Source
  • Ontario transit agency won't let Bombardier bid to operate commuter trains

    Economic CTV News
    MONTREAL -- Ontario's transit agency has decided not to appeal a court ruling favouring Bombardier but will exclude the Montreal-based company from bidding to continue operating GO Transit trains as it has done for decades. Source
  • Business groups blast Ontario labour proposals on last day of consultations

    Economic CTV News
    TORONTO -- Unions and advocacy groups made one last effort Friday to sway the Ontario government on its plan for sweeping changes to the province's labour laws, with some sounding the alarm about what they deem drastic measures and others arguing the proposal doesn't go far enough. Source
  • Marijuana companies band together to develop marketing guidelines

    Economic CTV News
    TORONTO -- Sixteen of Canada's licensed marijuana producers have enlisted the help of Advertising Standards Canada to develop guidelines on how the drug should be branded and promoted before its recreational use becomes legal next year. Source
  • Husky Energy set to repair pipeline that spilled crude into river a year ago

    Economic CTV News
    CALGARY -- Husky Energy (TSX:HSE) says it has been granted permission to repair and replace a section of pipeline that leaked 225,000 litres of crude in Saskatchewan just over a year ago. Chief executive Robert Peabody said that it will be applying lessons learned from the spill on the rebuild. Source
  • Ford says it will fight latest Takata recall

    Economic CTV News
    DETROIT -- Ford is fighting the latest expansion of the Takata air bag inflator recall. Earlier this month Takata filed documents with the U.S. government adding 2.7 million vehicles to the recall from Ford, Nissan and Mazda. Source
  • FedEx to close all Office Print and Ship Centres across Canada

    Economic CTV News
    FedEx Canada has announced that it will be closing all of its FedEx Office Print and Ship Centres, across Canada. All 24 centres, the manufacturing plant, and the head office in Toronto will close. Source
  • Car buying pushes retail sales up for third month in a row in May

    Economic CBC News
    Strong auto sector activity helped Canadian retail sales activity rise for a third straight month in May, climbing by 0.6 per cent to $48.9 billion, Statistics Canada said Friday. The monthly increase was double the consensus expectation of economists Source