It appears that the 2017 tax year is going to be exactly like 2016’s, if not worse, with cyberattacks targeting small to medium-size organizations.

Here is how the extremely simple process works:

• An HR department or their Payroll staff receives an email that appears to come from their CEO or CFO, requesting a digital copy of all of employees’ W-2s because they are currently filing their corporate tax return.
• Naturally, the individual replies and attaches the requested information.
• It’s then redirected to the lurking cybercriminal, who takes that information and files fraudulent tax returns for every one of the employees from the information that was conveniently provided to them.

Here is the scary part. These criminals have figured out not only how to steal tax information, but how to match the W-2 information with the tax returns prior to sending refunds — those bad guys can make their fake data match those W-2s.

Before you become a victim of one of these types of attacks, make sure your cyber insurance policies are not only current, but also accurate.

For further information on cyber insurance or if you have questions on this article, please call me, Julie Danna, at Danna-Gracey, at 850.530.3924 or email me at Julie@danna-gracey.com.