The Internet Crime Complaint Center (IC3) has issued an alert describing a growing number of scams targeting businesses working with foreign suppliers or businesses that regularly perform wire transfer payments. These sophisticated scams are classified as business email compromise (BEC) or email account compromise (EAC) and use social engineering techniques to defraud businesses.
Users and administrators are encouraged to review the IC3 Alert for details and refer to US-CERT Tip ST04-014 for information on social engineering and phishing attacks.
And yes, the W-2 data theft trend is pretty much exactly what I’ve been reporting and describing site for the past year.