IRS Warns of Tax Information for Sale on the Darknet Through W-2 Fraud

On August 15, the tax industry, including the Internal Revenue Service, warned of an increase of W-2 scans that targeted employees. This, or tax fraud in general, is not a new addition to any of the modernized forms of fraud or identity theft. And as of the past few years, one of the fears of data theft is that the stolen data will end up for sale on darknet markets and forums. The actual identity fraud or tax fraud with the stolen information poses the greatest threat as there is no fear of theft without it.

According to the IRS, a scam called a “business email compromise” (BEC) had increased in frequency since inception, topping the charts in 2017. From a tax management perspective, these emails are potentially the most destructive. “A business email compromise occurs when a cybercriminal is able to “spoof” or impersonate a company or organization executive’s email address and target a payroll, financial or human resources employee with a request,” the IRS said. “For example, fraudsters will try to trick an employee to transfer funds into a specified account or request a list of all employees and their Forms W-2.”


This warning came as “Step 6” of the IRS’s “Don’t Take the Bait” series. The series, in turn, is part of the “Protect Your Clients, Protect Yourself” campaign. It encourages tax professionals to “increase their computer security” and employ caution when checking their email. These professionals, the IRS warned, “must remember that they have not just an obligation but a legal requirement under federal law to protect taxpayer information.”

BEC scams had circulated various financial sectors for years, but the IRS only warned of the W-2 scam in 2016. The BEC scam expanded as rapidly as it did due to the numerous methods of profiting from the stolen information. Scammers often immediately filled taxes on the victim’s behalf, delaying detection for months. The scammers also sold the victim’s information on the darknet, the IRS revealed. This practice is increasing in popularity.


“These are incredibly tricky schemes that can be devastating to a tax professional or business,” IRS Commissioner John Koskinen reported. “Cybercriminals target people with access to sensitive information, and they cleverly disguise their effort through an official-looking email request.”

According to an FBI announcement from early 2017, this type of scam increased 1,300 percent since January 2015. Additionally, it has been connected to more than $3,000,000,000 in fraudulent wire transfers. The Bureau discovered that the majority of the scammers are part of both national and international organized crime groups that stretch across more than 100 countries.


Collecting, translating, producing, and disseminating open source information that meets the needs of policymakers, the military, state and local law enforcement, operations officers, and analysts through-out Governments.
This entry was posted in CYBER CRIME, Uncategorized and tagged , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s