Posted 1 year ago - by

Attention HR Departments: Beware of Phishing Scams

The internet can be a powerful but scary tool. With technology constantly advancing, our way of communication has improved over the years. (Ah, gone are the days of carrier pigeons!)

But with the development of this new tech, undoubtedly, new dangers continue to develop as well. The most common danger: hackers and scammers, and the methods they use in order to intercept information from businesses and individuals.

The IRS released several alerts regarding highly sophisticated phishing scams that have been giving rise over the past 5 years. However, a record breaking 60% increase in email related scams occurred in 2018. HR and Tax departments of companies are a prime target, since they are privy to the most confidential information! Although we advise being skeptical of suspicious emails year-round, businesses can be more susceptible during holiday and tax seasons.

Phishing 101

First, what is phishing? As defined, “a cybercrime in which a target or targets are contacted via email, telephone, or text message by someone posing as a legitimate and reputable institution or person in order to persuade individuals to reveal personally identifiable information, banking and credit card details, and passwords.”

In other words, you may receive an email, phone call, or text message from someone that could be posing as a coworker, a boss, a friend, a family member, even the IRS, asking for sensitive information.

When this happens to businesses, it is referred to as a business email compromise/business email spoofing (BEC/BES).

Email Scams to Look Out For

  1. Emails requesting a bank account change for payroll direct deposit
  2. Emails requesting wire transfers into a bank account
  3. Emails requesting copies of W-2s to intercept employee information (names, addresses, and SSNs)

These emails are generally impersonating a real company employee, often an executive, and are sent to payroll or the appropriate HR personnel who would be able to authorize the release of that information. For scenarios 1 and 2 above, the thief posing as the employee/executive will provide the new bank account information making it a seamless crime.

Although HR departments are a prime target due to their access to sensitive data, there is no real target industry or type of employer that hackers/scammers are contacting. This is relevant to all types of businesses whether you manage or own a hotel, restaurant, medical practice, construction company, etc.

How to Detect BEC/BES

You might be questioning how to tell if the email you receive is false. Don’t worry – there are several subtle clues to look out for. Make sure to read the email carefully before following through with the request. Often, email scams contain grammar and spelling mistakes within the body.  

For examples of what BEC/BES may look like when they land in your inbox, check out the IRS alert here.

If a scammer has been able to compromise an executive’s email account, the domain would look almost identical. A spoofed email domain could look like any of the following:

  • … instead of … (rearranged letters)
  • … instead of … (underscore instead of a hyphen)
  • There has been a letter replacement: “m” with an “r” and an “n” – or

You can also hover over links within the body of the email, if any, to verify whether the URLs are safe before clicking. Usually, if the website is unrecognizable or if the “http” lacks an “s” – “http://” vs “https://”, this may be a cause for concern.

If you notice any of these subtle clues, refrain from clicking any links or responding, and notify the sender through different means to confirm whether they sent you the email.

What to do Upon Identifying a BEC/BES Email

  • Forward non-tax related BEC/BES email scams to the Internal Crime Compliant Center (IC3) – monitored by the FBI
  • Forward tax-related phishing emails to – monitored by IRS cybersecurity professionals
  • If you are an employer impacted by the W-2 scam, forward the email to
  • If you are an employer who received a form W-2 scam, but you did not click or respond to the email, for that email to

For other preventative steps to take when it comes to email communication, read our blog on email encryption.

Related Posts

Bay Area Cities enact their own COVID-19 legislation.

Since the enactment of The Families First Coronavirus Response Act (FFCRA), we have seen cities adopt their own ordinances in response to the federal mandate San Jose announced theirs on April 7th,...


Workforce Management during COVID-19: Hiring and Onboarding Best Practices

The reconfigured working arrangements across industries due to the coronavirus has challenged workforce management to adapt, and eventually thrive One area of workforce management that requires a...


California Now on Stage 2 of Resilience Roadmap toward State Reopening

The State of California has updated its Resilience Roadmap page to announce its progress to “early Stage 2” of the 4 stages of reopening STAGE 1 Safety and preparedness STAGE 2 Lower-risk...


Work sharing programs-What it means and what it does.

As shelter-in-place mandates continue to be extended, an increasing amount of people are finding themselves out of a job Unemployment and the effects that it has on both employees and employers has...


How Can Workforce Management Accommodate Workers At Risk of Coronavirus?

Workforce management and HR leaders accommodating workers at risk for severe coronavirus-related illness can now refer to the Equal Employment Opportunity Commission’s updated guidance on COVID-19...


8 Payroll Management Optimization Strategies You Should Be Taking Seriously

Payroll is serious business That’s why you need to take a good, long look at your company’s payroll management to see how you can fine-tune it Here are the steps you can take toward truly...


This article provides general information and shouldn’t be construed as legal or HR advice. Since employment laws may change over time and can vary by location and industry, please consult a lawyer or HR expert for advice specific to your business. You can also contact Payroll Systems to inquire about our HR support services.