Tax refund rip-off targets your W-2

Email phishing scam just hit Twinsburg
Posted at 9:54 PM, Feb 09, 2017
and last updated 2017-02-11 00:05:21-05

A tax refund rip-off, the IRS has been warning about, just hit hundreds of current and former city of Twinsburg employees.

Mayor Ted Yates told News 5 a city employee, replying to a fraudulent email, exposed W-2 forms for as many as 500 people. It happened last Friday.

Twinsburg reported the scam to the police and The IRS. They’re also offering credit monitoring to those affected.

It’s part of a sophisticated email phishing scam targeting human resources and payroll managers.

Michael Benich, research analyst with the Cleveland security firm Secure State, showed News 5 the software hackers use to create official-looking, but fake email accounts, designed to look like they’re coming from the boss. The email address might have a couple of letters misspelled and the subject will have some sort of demand for immediate action.

"They’re doing their homework. They’re pretending to be someone who is actually a real person,” Benich said. "Click the following link. Download the following program. Send the following files to me and get it done now. And most people are willing to do those things and that’s why it’s effective.”

Benich recommends those affected file their taxes right away.

“The longer that you wait to file your W2, the longer that a potential attacker might have to do that on your behalf,” Benich said.

If your W-2 appears to have been fraudulently filed, you should contact The IRS. The agency is asking those that spot fraudulent emails to contact them at