Tax Phishing Scams Targeting Professional Employer Organizations (PEO)

By Craig Babigian

Professional employer organizations are being targeted by scammers.

If you’re providing employee self service technology, or assisting any business with financial and compliance help, make sure to beware of scammers and fraudulent activity.

According to Bloomberg BNA, although the Internal Revenue Service (IRS) has increased its efforts to prevent fraud and attacks on personal tax information, scammers are staying one step ahead, as they increase their tactics as well.

“As we’ve made progress, criminals have redoubled their efforts,” says Tamara Powell, program manager in the IRS wage and investment group. “They need even more personal information to impersonate the taxpayer.”

Powell recently spoke at the American Payroll Association’s annual Capital Summit where she and other industry leaders stressed the importance of combating fraud and protecting personal information in regards to employee self service.

As she addressed the PEOs attending the annual summit, Powell stated that the reason scammers have stepped up their fraudulent efforts is because taxpayers and the IRS alike have placed a stronger emphasis on security and protection.

“This has made you targets for criminals,” added Powell.

There are currently 1.1 million companies in the U.S. that have between 10 and 99 employees, which represents the target market for the majority of PEOs, and no matter how strong the personal and financial protection becomes, these businesses should remain skeptical of scammers.

HR service providers should be extremely careful around tax season, but just because April 18 has passed, doesn’t mean anyone should let their guard down.

Throughout 2016, the IRS found that 300,000 W-2 Forms were compromised from an email phishing scam.

“Usually the type of scam that we see is some form of email saying ‘You have a tax return waiting, please send up your W-2,’ and then [they] collect the W-2 and resell it in the criminal underground,” said Etay Maor, senior fraud prevention strategist with IBM Security.

CNBC reports that the IRS can usually tell if a group of W-2 forms have been compromised, as long as they are being filed on the same computer that’s being tracked.

If you’re assisting businesses and individuals with employee self service technology, make sure to pay attention to any fraudulent activity going on around tax season and throughout the rest of the year. Contact PrismHR if you want to learn more about software specifically designed for HR service providers.