Skip to main content

Part of UT Health San Antonio

Information Security - UT Health Science Center San Antonio - UT Health San AntonioInformation Security - UT Health Science Center San Antonio - UT Health Science Center San Antonio

Part of UT Health San Antonio

Quicklinks

Services & Solutions

  • Request E-mail Account
  • Request Voicemail delivery to your email
  • Password Reset
  • VPN (Secure Remote Access)
  • Wireless Support
  • Guest WiFi
  • Telephone Support
  • Forms
  • Policies & Procedures

Information Management Services (IMS)

  • IMS Home
  • Other IMS Services
  • About IMS

 Close Quicklinks

Menu
  • Information Security
  • Policy and Procedure
  • Hardware Security
  • Software Security
  • E-mail and Passwords

You are here

  • Home
  • W-2 Phishing Scams Spread During Tax Season

W-2 Phishing Scams Spread During Tax Season

The IRS and Multi-State Information Sharing and Analysis Center (MS-ISAC) has issued a nationwide alert of W-2 phishing scams now spreading to schools, restaurants, hospitals, tribal groups, and nonprofits during this tax season. The W-2 phishing scam seeks to deceitfully acquire sensitive W-2 information for identity theft and/or filing fraudulent tax returns. Reports of data breaches in the first quarter of 2017 already exceeds 80% of the total number of data breaches reported in 2016 due to the substantial increase in the number of successful W-2 phishing scams.

How the W-2 Phishing Scam works

W-2 phishing emails deceptively appear to be from a member of the organization’s executive leadership team and are sent to departments that include but are not limited to: payroll, finance, or human resources. The email typically requests for W-2 forms and/or a list of employees’ Social Security number, salary, and home address. If the scam is successful, it can result in large-scale theft of sensitive employee information used to commit various crimes like filing fraudulent tax returns.

Best Practices for Email Requesting Financial or Sensitive Data

  • Verify the identity of the email sender by contacting them over the phone or by other non-email channels to confirm that the email is valid.
  • Hover to discover if the email is going to the correct person. The true recipient of an email can often be verified by hovering the mouse over the address in the email header.
  • Reply through a new email, and not by hitting the “reply” button, which helps to prevent successful spoofing attacks.

Next Steps if you Receive a W-2 Phishing Scam

If you suspect that you have received a W-2 email scam, immediately follow these steps:

Outlook for Windows

  1. Go to your inbox.
  2. Click ONCE on the suspicious email and press "Ctrl-Alt-f".
  3. A new blank message will open with the original as an attachment; address it to spam@uthscsa.edu and press "Send".

Outlook for Mac 2016

  1. Go to your inbox.
  2. Click ONCE on the suspicious email.
  3. Make sure the Home tab is selected, then click the Attachment button.
  4. A new blank message will open with the original as an attachment; address it to spam@uthscsa.edu and press "Send".

To learn more about how to identify, prevent, or recover from phishing scams, visit the Phishing Prevention page.

For further information, contact Information Security by email at infosec@uthscsa.edu or by phone at 210-567-0707.

Additional Resources

Phishing Prevention

The Phish Bowl - Anti-Phishing Awareness

Federal Trade Commission Scam Alerts

Information Security Department

7703 Floyd Curl Drive
San Antonio, TX 78229

210-567-0707

  • Contact us
  • Maps & directions
  • Job openings
We make lives better ®

The University of Texas Health Science Center at San Antonio, also called UT Health San Antonio, is a leading academic health center with a mission to make lives better through excellence in advanced academics, life-saving research and comprehensive clinical care including health, dental and cancer services.

Web Privacy | Links from websites affiliated with The University of Texas Health Science Center at San Antonio's website (uthscsa.edu) to other websites do not constitute or imply university endorsement of those sites, their content, or products and services associated with those sites. The content on this website is intended to be used for informational purposes only. Health information on this site is not meant to be used to diagnose or treat conditions. Consult a health care provider if you are in need of treatment.