It's that time of the year again: Texas school district blabs staff tax documents to phishers

One person falls for scam, now everyone's at risk of fraud


A school district in Texas says it lost sensitive tax information from every worker after a single employee was duped by a phishing attack.

Dallas-Fort Worth news station NBC5 reports that the Argyle school district is warning its workers that their W-2 tax forms were lost in a phishing attack. (Workers in America have just started receiving their W-2 forms from their employers so they can complete their tax returns for the year.)

According to the news station, the breach was the result of one employee who received an email claiming to be from the district superintendent. The worker responded to the message and attached the W2-s of all district employees as requested.

The station says that the FBI and IRS have been notified and are investigating the incident, but so far they have not found the suspect. The school district says it will be offering all employees a year of free identity theft protection service.

It is believed that the W-2 forms will be used (or re-sold) for the purpose of filing fraudulent tax returns. Armed with the personal information on those forms (including worker social security numbers and salary information), criminals could potentially file fraudulent tax claims and then pocket the refunds for themselves.

Last year, a wave of fake returns was spotted following the loss of user account info from an IRS help website.

A similar wave of attacks last year was attributed to a break-in at payroll processing company ADP, and in 2015 a loss of accounting data was blamed for the loss of AU$9m from fraudulent returns. ®

Broader topics


Other stories you might like

  • Voicemail phishing emails steal Microsoft credentials
    As always, check that O365 login page is actually O365

    Someone is trying to steal people's Microsoft 365 and Outlook credentials by sending them phishing emails disguised as voicemail notifications.

    This email campaign was detected in May and is ongoing, according to researchers at Zscaler's ThreatLabz, and is similar to phishing messages sent a couple of years ago.

    This latest wave is aimed at US entities in a broad array of sectors, including software security, security solution providers, the military, healthcare and pharmaceuticals, and the manufacturing and shipping supply chain, the researchers wrote this month.

    Continue reading
  • Facebook phishing campaign nets millions in IDs and cash
    Hundreds of millions of stolen credentials and a cool $59 million

    An ongoing phishing campaign targeting Facebook users may have already netted hundreds of millions of credentials and a claimed $59 million, and it's only getting bigger.

    Identified by security researchers at phishing prevention company Pixm in late 2021, the campaign has only been running since the final quarter of last year, but has already proven incredibly successful. Just one landing page - out of around 400 Pixm found - got 2.7 million visitors in 2021, and has already tricked 8.5 million viewers into visiting it in 2022. 

    The flow of this phishing campaign isn't unique: Like many others targeting users on social media, the attack comes as a link sent via DM from a compromised account. That link performs a series of redirects, often through malvertising pages to rack up views and clicks, ultimately landing on a fake Facebook login page. That page, in turn, takes the victim to advert landing pages that generate additional revenue for the campaign's organizers. 

    Continue reading
  • Giant outsourcer keeps work from home, loses tax breaks. Government says 'good riddance'
    Philippines says subsidies inflate profits, not local economy

    The government of the Philippines has welcomed the decision by giant business process outsourcer Concentrix Corporation to forgo tax incentives and instead allow its staff to continue working from home for the foreseeable future. The nation feels that subsidising outsourcers' bottom lines does nothing to boost the local economy.

    The Philippines imposed lengthy and strict COVID-19 lockdowns that saw its substantial business process outsourcing sector quickly adapt to working from home. The nation's government supported that move by continuing to offer the pre-COVID subsidies it offered to outsourcers that run offices located in certain special economic zones.

    Those subsidies have subsequently been removed, and the requirement to operate from special economic zones restored.

    Continue reading
  • Zscaler bulks up AI, cloud, IoT in its zero-trust systems
    Focus emerges on workload security during its Zenith 2022 shindig

    Zscaler is growing the machine-learning capabilities of its zero-trust platform and expanding it into the public cloud and network edge, CEO Jay Chaudhry told devotees at a conference in Las Vegas today.

    Along with the AI advancements, Zscaler at its Zenith 2022 show in Sin City also announced greater integration of its technologies with Amazon Web Services, and a security management offering designed to enable infosec teams and developers to better detect risks in cloud-native applications.

    In addition, the biz also is putting a focus on the Internet of Things (IoT) and operational technology (OT) control systems as it addresses the security side of the network edge. Zscaler, for those not aware, makes products that securely connect devices, networks, and backend systems together, and provides the monitoring, controls, and cloud services an organization might need to manage all that.

    Continue reading
  • There are 24.6 billion pairs of credentials for sale on dark web
    Plus: Citrix ASM has some really bad bugs, and more

    In brief More than half of the 24.6 billion stolen credential pairs available for sale on the dark web were exposed in the past year, the Digital Shadows Research Team has found.

    Data recorded from last year reflected a 64 percent increase over 2020's total (Digital Shadows publishes the data every two years), which is a significant slowdown compared to the two years preceding 2020. Between 2018 and the year the pandemic broke out, the number of credentials for sale shot up by 300 percent, the report said. 

    Of the 24.6 billion credentials for sale, 6.7 billion of the pairs are unique, an increase of 1.7 billion over two years. This represents a 34 percent increase from 2020.

    Continue reading
  • Elasticsearch server with no password or encryption leaks a million records
    POS and online ordering vendor StoreHub offered free Asian info takeaways

    Researchers at security product recommendation service Safety Detectives claim they’ve found almost a million customer records wide open on an Elasticsearch server run by Malaysian point-of-sale software vendor StoreHub.

    Safety Detectives’ report states it found a StoreHub sever that stored unencrypted data and was not password protected. The security company’s researchers were therefore able to waltz in and access 1.7 billion records describing the affairs of nearly a million people, in a trove totalling over a terabyte.

    StoreHub’s wares offer point of sale and online ordering, and the vendor therefore stores data about businesses that run its product and individual buyers’ activities.

    Continue reading
  • Heineken says there’s no free beer, warns of phishing scam
    WhatsApp messages possibly the worst Father's Day present in the world

    There's no such thing as free beer for Father's Day — at least not from Heineken. The brewing giant confirmed that a contest circulating on WhatsApp, which promises a chance to win one of 5,000 coolers full of green-bottled lager, is a frothy fraud.

    "This is a scam. Thank you for highlighting it to us. Please don't click on links or forward any messages. Many thanks," the beermaker said in a tweet.

    The phony WhatsApp giveaway includes an image of a cooler of 18 Heinekens and a link to a website purporting to run the giveaway. That page asks visitors vying to bag free booze for their personal information, such as names, email addresses, and phone numbers, which is all collected by miscreants.

    Continue reading

Biting the hand that feeds IT © 1998–2022