They want a copy of your W-2 tax form? Who’s asking?

Tax-fraud season is like the flu. It comes around each year, and you need to take extra precautions when the risk is high.

From now through the tax-filing deadline in April, the risk is high.

“We don’t know what the scams are going to look like this year,” says an advisory from the University of California Systemwide Information Security Office, “but expect attackers will only get craftier.”

UC offers this advice to anyone at UC Davis who receives a W-2 earnings statement from the university:

  • To access your W-2 statement, go directly to UC Davis’ At Your Service Online (AYSO) instead of clicking on a link in an email.
  • Use known contact information to verify any request for W-2 or other tax information, even if it looks like it’s from someone you know.

In 2016, UC was the target of sophisticated scams that “primarily came in two forms”:

  • Extremely authentic looking emails impersonating UC communications about how to access your W-2 statement. They contained a harmful link designed to steal passwords and personal information.
  • Emails directed to financial and payroll employees requesting copies of employee W-2s. These emails looked like they were from executive management, such as the UC president, the campus chancellor or executive vice chancellor, or the head of Financial Affairs, and requested copies of employee W-2s for review purposes. See this IRS alert from last year.

For more information, see UC’s article “Protect Yourself from Tax Fraud.” For an example of how these frauds work, in a case that targeted an Illinois university, see “Chicago Man Pleads Guilty to Fraud Conspiracy; False Tax Returns Filed for Refunds.”