There is an active phishing scheme targeting Washington school districts. The scheme targets human resources/payroll staff seeking sensitive W2 and payroll information.
The senders present themselves as the school district’s superintendent, with a message like one the following:
• “I need W-2 copy list of all employees’ wage and tax statement for 2017. Kindly prepare and attach the lists in PDF file type and email them to me for review as soon as possible.”
• “Kindly send me the individual 2017 W-2 (PDF) and earnings summary of all W-2 of our company staff for a quick review.”
• “Can you send me the updated list of employees with full details (name, Social Security number, date of birth, home address, salary).”
If any district staff receive an email from the superintendent requesting a list of employees and other personal information, they should check it out before responding. If someone responds and it is determined the request was not legitimate, the district needs to notify anyone who is at harm from the data release, not more than 45 days after the error was discovered. If the data breach affects more than 500 Washington residents, the state Attorney General’s Office must be notified.