Don’t be caught in an identity thief’s net this year…never share tax or payroll information without verbal confirmation.

Who Is It Targeting: Employees at various businesses

What Is It: A scammer pretends to be someone higher up

What Are They After: This was one of the more popular scams last year, with more than fifty major corporate boss phishing attacks in just the first three months of 2016. The Internal Revenue Service has already issued a warning for this year, informing companies about the dangers of releasing their sensitive records due to an email that appeared to come from someone higher up in the company.

Boss phishing happens when an employee receives an email or text message that appears to come from a manager, supervisor, or even the CEO, asking for things like W2 forms on everyone in the company. Another popular scam is to tell someone to change account numbers, move funds from one company account into this “new” account, or to release the passwords on those accounts.

How Can You Avoid It:

  • Never share information from an emailed request without getting a verbal confirmation.
  • W2 forms, payroll records, company account numbers, and even passwords should never be altered or shared just because someone sent an electronic message.

For full details of this scam check out this article from Los Alamos Daily Post.


If you think you may be a victim of identity theft, contact the Identity Theft Resource Center for toll-free, no-cost assistance at (888) 400-5530. For on-the-go assistance, check out the free ID Theft Help App.

1 reply

Trackbacks & Pingbacks

  1. […] to mimic, then contact someone within the company while posing as that executive. Unfortunately, “boss phishing,” as this is known, is so easy a middle schooler could do it. It simply means making a fake email […]

Comments are closed.