Skip to main content

Guidance for employers affected by a W-2 phishing scheme

Cybercriminals, posing as company executives, are emailing payroll and HR professionals to request lists of employees and their personal information. These emails may appear legitimate because they contain, for example, the name of the company’s actual chief executive officer.

What actions should I take?

If you are an employer who has been a victim of this scam and, in response, released any payroll data, such as W-2 information and Social Security numbers, please take the following steps:

  1. Notify New York State immediately. Call the Wage Reporting Unit at 518-457-7105 with the following information at hand:
    • your business name;
    • your business EIN;
    • your business address;
    • the tax year for which the information was provided; and
    • the number of employees affected, whether current or prior employees.
  2. Notify the IRS and any other taxing jurisdictions where you report wages and withholding.

What happens next?

If your company has been affected by a scam, your employees’ returns will be subject to additional review to protect their information and stop questionable refunds.