The IRS issued an alert to companies warning of one of the latest internet scams. This one is more sophisticated than those old emails with convincing logos and mangled English.
Aimed at Payroll and HR Departments, scammers send convincing looking emails impersonating the company’s CEO or other high level person and ask for personal information on specific employees. Sample of the text used are:

• Kindly send me the individual 2015 W-2 (PDF) and earnings summary of all W-2 of our company staff for a quick review.
• Can you send me the updated list of employees with full details (Name, Social Security Number, Date of Birth, Home Address, Salary).
• I want you to send me the list of W-2 copy of employees wage and tax statement for 2015, I need them in PDF file type, you can send it as an attachment. Kindly prepare the lists and email them to me asap.

Obviously to pull this off the phishers have been able to capitalize on some serious breeches of corporate security. How easily available are your employee rosters? Do you have procedures in place to validate requests for sensitive information?
This alert comes on the heels of other reports of attacks on payment processes for vendors where scammers attempt to divert payments from vendor bank accounts into their own.
With the advantages of technology come corresponding risks. Doing things the same old way is no longer an option.