Email Security Blog

Data Breach of Confidential Employee Information – Top Phishing Attacks of 2016

Nikki Tyson June 21, 2016 Email Security
Fallback Featured Image

In this series of blog posts, we examine the most common forms of phishing attacks and appropriate countermeasures to protect both individuals and organizations – in this post we explore the data breach of confidential employee information.

Over the last year, we have seen a trend in spear phishing attacks that aim to steal valuable employee payroll information. Many recent attacks have focused on stealing the US W-2 tax form information.

  • Snapchat – The messaging app hit the headlines when it’s payroll department handed over confidential information on current and former employees to a scammer impersonating the CEO.
  • Seagate Technology – An isolated phishing email also led to Seagate Technology being tricked into handing over the W-2 tax documents on all current and past employees, which contained confidential information on social security numbers and salaries.

The legal and reputational impact of such breaches can be far reaching and have significant financial impact.

“Data breach is the new normal – plan for it”

Unfortunately, the one-two punch of a data breach means that the worst may not yet be over for employees who have had their personal details stolen. Identity theft often follows data breaches as hackers use the confidential information they have accessed in the initial attack to facilitate a variety of frauds.

Steps to Reduce Risk

Here are our top tips on how organizations can better protect themselves to reduce risk:

  • Greater collaboration
  • Remember, it could be you!
  • Know your strongest assets
  • Introduce new controls
  • Restore trust in the digital ecosystem

Download Agari’s executive brief on the Top Phishing Attacks of 2016 to learn more about best practices to stopping phishing attacks.

You can also check out the other posts in the Top Phishing Scams series:

Leave a Reply

Your email will not be published. All fields are required.

Agari Blog Image

May 9, 2019 Patrick Peterson

Current Email Architecture Transformation Raises the Bar for Security

Enterprise email architecture is evolving, which is good new for cybercriminals. Legacy secure email gateways…

Agari Blog Image

May 2, 2019 Armen Najarian

Agari Research Finds 2020 Presidential Campaigns Vulnerable to Next-Gen Phishing Attacks

The type of email attacks that helped derail Hillary Clinton’s presidential bid during the 2016…

Agari Blog Image

April 30, 2019 Patrick Peterson

2020 Presidential Campaigns Susceptible to Nation-State Email Attacks—Agari Can Help

Three years ago, Russian operatives spear phished the email account of Hillary Clinton's campaign chairman…

Agari Blog Image

April 11, 2019 Raymond Lim

Beware of Phishing Attacks as Tax Day Looms Closer

The April 15th deadline to file taxes in the United States is almost here, which…

Agari Blog Image

March 13, 2019 Ernest Yuen

W-2 Scams Likely to Continue as Driver for Phishing Attacks in 2019

With the 2019 tax season reaching full throttle, a volatile mix of conditions could fuel…

mobile image