During this tax season, many small business owners may be exposed to an unanticipated risk of employee identity theft. This excerpt from the article below outlines what small businesses can look out for, to protect their employees, leaders, and the business itself.

[Business] Owners need to be sure that anyone with access to employee records including W-2s understands that they shouldn’t send the forms or staffer information to anyone without checking to be sure this isn’t an attempted scam. The IRS also wants companies to report W-2 scam emails to the agency, and it also wants to know if anyone has become a victim. For more information, visit the IRS website, www.irs.gov , and search for “Form W-2/SSN Data Theft: Information for Businesses and Payroll Service Providers.”

The IRS also warns all taxpayers about emails that look like they’re coming from the agency but that are phishing attempts aimed at getting harmful software into a PC or a server. The emails might say that the taxpayer has a refund waiting at the IRS, or that the agency needs more information from the taxpayer. There’s likely to be a link or an attachment that the reader of the email is supposed to click on–and that’s how thieves and hackers gain entry to a computer.

The IRS does not initiate contact with taxpayers by email, text messages or social media; it sends letters by U.S. mail. Company owners and their employees need to be on guard against all kinds of phishing scams, and no one should ever click on a link or attachment until they’re completely sure the email is legitimate. And if an email says it’s from the IRS, it’s not.
Source: Joyce Rosenberg, AP Business, Inc. Magazine online