March 2, 2018

Be wary as tax season may bring phishing attempts

W2 Form
Shutterstock

Shutterstock

Information Technology Services reminds the university community to be wary of phishing attempts, particularly as the tax filing deadline nears.

This is specifically an issue as personally identifiable information is transferred through W-2s and other tax-related business.

The Internet Crime Complaint Center issued an alert Feb. 21 due to an increase in W-2-related phishing campaigns.

Attackers often use tax-related phishing emails to lure victims into providing personally identifiable information, clicking on malicious links or paying a ransom. According to the alert, attackers commonly impersonate an executive through a compromised or spoofed email in an attempt to obtain W-2 information from human resource professionals from the same organization.

While criminals have focused their attacks on mass data thefts, they may still target individual taxpayers.

The alert noted that the Internal Revenue Service does not initiate contact with taxpayers via email, text messages or social media channels to request personal or financial information. Any contact from the IRS will be in response to a contact initiated by a taxpayer. Criminals, when they learn of a new federal tax process, often create false websites and IRS impersonation emails.

Students, faculty and staff should also be aware that the university will never ask for login or passwords or other personal information.

For more information, or to report a security issue, contact the Office of Cybersecurity and Identity at its-sec@nebraska.edu.

For more information, see the official IC3 alert.