Phishing Alert: Scammers Act as University Presidents to Request W-2 Information

phishing hook

By Dan Heuskin

Published February 14, 2017

The Internal Revenue Service (IRS) has issued a warning about a phishing scheme in which scam artists are requesting W-2 information from payroll and human resources employees by representing themselves as university presidents.



Daniel Heuskin (UB Student, Class of 2017) is originally from Long Island, NY. He is studying English at UB with aspirations to become a teacher or writer. In his free time, he enjoys playing bass guitar, doing nature photography, writing songs and reading.

The Scam

There is an uptick in phishing messages during tax season, when cybercriminals use confusion over tax forms to deceive people into sharing sensitive personal data. Now some of these scam artists are focusing their attacks on payroll and human resource professionals, using phishing emails that look something like this:

[Finance Person’s First Name]

Kindly send me the list of W-2 copy of all employees wage and tax statements for 2016 for a quick review. I need them in PDF file type. You can send it as an attachment.

Thank you,

[President’s First and Last Name]

If you receive a request to email W-2 Forms or other payroll data to someone who appears to be UB President Satish Tripathi, do not respond. Instead follow these steps and alert your supervisor immediately.

Recognizing & Reacting to Phishing Emails

Employees should be wary of any email requesting payroll data, Social Security numbers or other personally identifiable information. Criminals use this stolen information to engage in identity theft and tax refund fraud.

Phishing emails might also ask for information related to filing status, refunds, ordering transcripts, confirming personal information, and verifying PIN information.

No matter who the sender appears to be, you should always consult your supervisor to confirm the legitimacy of a request for sensitive, work-related information—and remember that email is almost never secure, and should rarely be used to transmit this kind of information.

Keep Your UBITName Secure

It’s important to keep in mind that the theft of your UBITName and password could put your social security number at risk.

“If you are a student and someone has your UBITName and password, they can log into your HUB account and see your social security number in clear text,” explains Senior Information Security Analyst Dr. Catherine J. Ullman. “If you’re a faculty or staff member and you set up NYS Payroll Online, your UBITName and password can give someone access to your W2 form.”

That’s why it’s more important than ever to keep your UBITName password secure.