BLOG

 
W-2 stolen from Snapchat Social Engineering

WHAT SNAPCHAT’S W-2 LEAK MEANS FOR YOUR BUSINESS

21 Jun 2016, by Jennifer Rossi in Cyber Security For Businesses

WHAT HAPPENED?

A Sample Of A Widely Distributed Email That Had Been Received Around The Time Of The Data Leak:

(Target’s Name)

I want you to send me the list of W-2 copy of employees wage and tax statement for 2015, I need them in PDF file type, you can send it as an attachment. Kindly prepare the lists and email them to me asap.

(Signed Your Boss)

On February 28, 2016 an employee in Snapchat’s payroll department received an email that was impersonating its CEO, Evan Spiegel. Approximately 700 W-2 records of current and former employees were released.

The individuals behind the scam are exploiting human gullibility, rather than deficiencies in software or hardware weaknesses. So rather than forcing their way into computer networks, which is difficult and time-consuming, scammers are using social engineering tactics on employees. The information needed to start such a scam is usually easily accessible via websites like LinkedIn, Twitter, Facebook, company websites, personal resume websites, and services.

Other Similar Stories

The Dave Morton, CFO of Seagate a digital device manufacturer, reported to employees in an email on March 4th 2016 that they had been targeted and released the same sensitive information to the scammers.  “This mistake was caused by human error and lack of vigilance, and could have been prevented”, reads the email. 2,500 W-2s were leaked in this phishing attack.

The IRS reported an increase of 400% in phishing and malware incidents this year. They report that there have been several victims, but have not disclosed how many other employers had reported leaking the personal information to unauthorized parties.

CONTINUE READING here: www.ECBM.com

FacebookTwitterGoogle+LinkedInShare