© 2024 Western New York Public Broadcasting Association

140 Lower Terrace
Buffalo, NY 14202

Mailing Address:
Horizons Plaza P.O. Box 1263
Buffalo, NY 14240-1263

Buffalo Toronto Public Media | Phone 716-845-7000
WBFO Newsroom | Phone: 716-845-7040
Your NPR Station
Play Live Radio
Next Up:
0:00 0:00
Available On Air Stations

New "phishing" scam sees hackers pose as CEOs

Harter Secrest & Emery

Tax season can turn into scam season by simply replying to a basic email request.

Picture this scenario: you work in a company's human resources office and receive an e-mail from your CEO or another high-level manager instructing you to forward personal information about employees. What should you do?

The Internal Revenue Service strongly urges you to check it out before sending any confidential information.  That's because tax season is turning into scam season. Cunning hackers have hatched a new scam that sees them pose as company managers in their quest to snare sensitive data, including social security numbers.

WBFO reached out to a data security expert for insights into the latest phishing scheme. Attorney F. Paul Greene of the law firm Harter Secrest & Emery said companies must remain vigilant.

"These hackers and scammers always look for the path of least resistance," Greene said.

The scheme is known as a "spoofing" email and often contains the actual name of the company CEO who appears to be asking for W-2 tax documents, earning summaries, social security numbers or other sensitive data.

Some of the fake emails have used wording such as: "I need them in PDF file type. You can send as an attachment. Kindly prepare the lists and email them to me asap."

While few people have any desire to question their bosses, experts say it's critical that people who have access to confidential data double-check with organization officials before distributing such information.

“One approach that we see that works very well is to instill a culture of security in the organization to empower folks all along the information chain to raise their hands and ask questions, Greene said.

He added that the latest ploy only proves that some cybercriminals are trying to stay one step ahead of their illicit game.

Born in Louisville, Kentucky, Thomas moved to Western New York at the age of 14. A graduate of Buffalo State College, he majored in Communications Studies and was part of the sports staff for WBNY. When not following his beloved University of Kentucky Wildcats and Boston Red Sox, Thomas enjoys coaching youth basketball, reading Tolkien novels and seeing live music.
Related Content
  • The viruses, spam and malware that have plagued desktop computers for years now increasingly threaten mobile smartphones, as well. More text messages now deliver scams and a growing number of malicious apps install spyware, target personal information and attempt to charge users hidden fees.
  • The FBI is hiring hundreds of hackers. It has a rule against hiring anyone who's smoked marijuana recently. But to get the best hacking candidates, it's rethinking its pot policy.
  • Advocates say tools that cloak online identities are needed to protect activists. Prosecutors say they hinder efforts to police all kinds of crime, from child pornography to illegal gun sales.