The Internal Revenue Service has reported a big spike in phishing and malware incidents during the 2016 and 2017 tax seasons. Taxpayers should continue to watch out for fake emails or websites looking to steal personal information during the upcoming 2018 filing season. These "phishing" schemes continue to be at the top of the annual IRS list of "Dirty Dozen" tax scams.
In a "phishing" email scheme, criminals pose as a trusted person or organization, such as a bank or government agency. They will go to great lengths to make the email appear legitimate, and will often contain links to a phony website intended to bait victims into providing financial account information, passwords, and other information that can lead to identity theft.
Be wary of any message asking for W-2 or other tax information. Over the past few years, these scams were primarily seen in two forms on campus:
- Extremely authentic looking emails impersonating UC communications about how to access your W-2 statement.
- These emails looked almost exactly like the genuine UC emails, but contained a harmful link intended to steal passwords and personal information.
- Emails direct to financial and payroll employees requesting copies of employee W-2 forms.
- These emails looked like they were from executive management, such as the UC president, or the head of Financial Affairs, and requested copies of employee W-2 forms for review purposes.
To protect yourself against harmful links, use these tips:
If you have consented to having an electronic copy of your W-2 statement made available online, it will only be available directly on the At Your Service Online (AYSO) website. AYSO is hosted by the University of California, Office of the President and should only be accessed using the following address:https://atyourserviceonline.ucop.edu/ayso/
- To avoid clicking on a harmful link in a potential phishing message, manually enter the AYSO address into your browser's address bar when you are ready to download your W-2 form:
- Alternatively, you may access AYSO directly from the Blu Self-Service portal (left-hand menu) at:
(Note: Campus VPN and CalNet ID login are required for off-campus access to Blu)
- Report any suspicious emails by forwarding them with full headers to email@example.com.
More Anti-Phishing Tips and FAQs
Tax Fraud Prevention Resources