Tax Season is Here - Protect Yourself from Tax Fraud

January 15, 2020

You and Your W-2

Every year phishing messages are crafted by tax scammers to trick victims into giving out personal information. Taxpayers should continue to watch out for fake emails and/or websites looking to steal personal information. Be wary of any message asking for W-2 or other tax information. Additionally, because of the UCPath conversion attackers may send emails with fraudulent links. Do not open any attachments or click on any email links.

The UC does not send tax statements to employees by email or text

If you receive an email or text that has an attachment to view your W-2 or other tax statement, it is a phishing scam designed to gain your private information. 

Over the past few years, tax scams were primarily seen in two forms on campus:

  1. Extremely authentic-looking emails impersonating UC communications about how to access your W-2 statement.
    • These emails looked almost exactly like genuine UC emails, but contained a harmful link intended to steal passwords and personal information.

  2. Emails sent to financial and payroll employees requesting copies of employee W-2 forms.
    • These emails looked like they were from executive management, such as the UC President, or the head of Financial Affairs, and requested copies of employee W-2 forms for review purposes.

To protect yourself against harmful links, use these tips:

Blu menu

  • To avoid clicking on a harmful link in a potential phishing message, manually enter the AYSO or UCPath address into your browser's address bar when you are ready to download your W-2 forms:
    • Alternatively, you may access AYSO and UC Path directly from the Blu Self-Service portal (left-hand menu) at:
      (Note: Campus VPN and CalNet ID login are required for off-campus access to Blu)

Report any suspicious emails by forwarding them with full headers to

More Anti-Phishing Tips and FAQs

Tax Fraud Prevention Resources