About GTM | Household | Business | Benefits | Insurance

GTM 30 year logo
Login

518-373-4111

About GTM | Household | Business | Benefits | Insurance

phone
  518-373-4111
GTM logo
Login

Employees: Be on the Lookout for Business Email Scams

Mar 26, 2018

lookout for business email scamsEmployees always need to be on the lookout for email scams, but they can be more prevelant during tax season. Even an email from your CEO might be a phishing scam. For example, you received an email purportedly from your CEO requesting copies of employee payroll records. You checked with her, and she did not send this email. This is likely a phishing scam. Inform your IT staff immediately and do not respond to the email. You should also warn employees to be on the lookout for suspicious emails like this and remind them never to email sensitive employee information.

Last year, the IRS issued a warning about an emerging phishing email scheme that targets HR and payroll departments. The scammer purports to be a company executive and requests personal information about employees — often in the form of W-2s or payroll records. In other cases, they ask for a list of names, birth dates, home addresses, salaries, and social security numbers. The scammers then attempt to use the information to file fraudulent tax returns and engage in other criminal activity.

A successful scam can be a costly data breach with legal consequences for employers. For example, if an email account is hacked or accessed by an outside party, everything in the email account might be accessible to them. One of the best ways to protect your company from these sorts of scams is to have a policy and practice of never emailing sensitive employee information.

The language below may be an effective reminder:

“Employees should not under any circumstance email sensitive employee information such as W-2s, benefit enrollment forms, completed census forms, or anything with social security or credit card numbers. Email is inherently insecure, and scammers may pose as company executives or employees to steal information. If you receive a request to email any such sensitive information, do not respond to it. Instead, inform your manager immediately.”

Businesses are generally required to take reasonable precautions to protect personal information in their possession. In the event of a breach, many states require that notice be given to those whose information was compromised. This notice might need to include the cause and nature of the data breach as well as what protections are afforded to those affected.

Learn more about protecting your company data, and how GTM ensures client data stays secure with our audited management controls.

Free Guide to Help Recruit and Retain Employees

Companies of all sizes are experiencing a lot of recruitment and retention challenges in the employment landscape, and a better employee experience is one of the best ways to attract talent and keep workforces happy. Our guide to the Biggest HR Trends shows you the information you need to make smart HR decisions to grow your company and improve your employee experience this year.

Enter your information in the form below to download this free guide.

Subscribe to the Blog

The Weekly Business Payroll and HR Digest delivered to your inbox!

Pin It on Pinterest

Share This