Tax season is here. That means threat actors, malware and social engineering attacks are too. If you’re looking to file your taxes earlier on, there’s a new phishing scam you need to be aware of.

This latest attack is impersonating ADP, one of the world’s leading payroll and HR firms. The following points summarize essential details regarding the tax-related scheme:

  • Criminals created an email notifying users that their W2 is ready early. 
  • The email mimics the branding and language of ADP and offers a website link to retrieve your tax documents early. DO NOT click on the link.
  • Victims that do fall for this trickery are directed to a spoofed ADP login page, or a fake website, where they can enter their ADP credentials.
  • Unbeknownst to the user, the cybercriminal can then leverage those credentials to log in and switch bank accounts for direct deposit. 
Phishing Scam, W-2 Phishing, ADP Scam

Threat actors can also gain access to personally identifiable information (PII), including birthdate, drivers’ license numbers, address, social security number, bank account details, credit card numbers, phone number, and more. All of this PII is stolen to be nefariously used as part of another identity theft scam. For example, criminals can employ PII to try to file for your taxes on your behalf. 

Every year around this time, cybercriminals ramp up phishing attacks and malicious scams to steal money or sensitive information. Advanced security awareness training can help prevent phishing attacks such as this latest ADP scam.

QuattroOne’s robust Cybersecurity Education offering helps clients eliminate poor security habits and teach cybersecurity best practices company-wide. By educating your team on the risks of social engineering and the current threat landscape, you reduce the probability they will engage with suspicious emails or fraudulent websites, mitigating the risk of a successful attack. 

For more information on QuattroOne’s Cybersecurity Services, visit here, or contact us.

Sourced partially from Sophos Naked Security Blog