Over on Salted Hash, Steve Ragan has also been compiling data on victims of business email compromise (BEC) W-2 phishing scams. BEC W-2 phishing scams are the scams where someone poses as an executive of your organization and sends you an email from an address that at first glance might appear to be real. Their email directs you to email them employees’ W-2 data.
Steve reports that for the 23 cases reported so far in the media, 29,000 people have been affected. I’m glad he bothered to tally them, as I’ve been unabashedly lazy about keeping a running total of the number affected.
So go read his report, as it also includes helpful information about business email compromise (BEC) phishing scams in general and cautions from the government.
Remember that for this year, DataBreaches.net’s running list of W-2 phishing incidents can be found here. Last year, there were 145 incidents on my list before I somewhat threw up my hands on the project. It’s nice to have Steve on it, too, this year.
And if you come across an incident or report that we don’t know about yet, please either drop me a note, or drop Steve a note, or find either of us on Twitter at @PogoWasRight (that would be) or @SteveD3.