Tax season sees rise in W-2 fraud scams, exploiting finance departments' heightened stress and with attacks increasing by over 130%. Scammers pose as executives, requesting W-2s from finance and HR departments using spoofed emails and social engineering. If successful, the hacker sells stolen W-2s or uses for identity theft. Spear-phishing, one form of these attacks, resulted in $2.7 billion losses last year. To protect against these attacks, organizations should refrain from publishing private info online, check for email spoofing, use alternative means to confirm requests' authenticity, adopt email authentication protocols, implement multi-factor authentication, and fortify email security with advanced tools like NLP.
