Watch out for W-2 tax document OneDrive email phishing scam

Tax season in the United States is in full swing. That means plenty of tax related documents are being passed around cyberspace. This isn’t something phishing scammers are going to ignore.

In one email phishing scam that has managed to find its way around many email junk filers, an email appears to show a W2 tax document being shared with the recipient via OneDrive, the cloud file storage service from Microsoft.

The email, which will appear similar to the below screenshot, provides a link for the recipient to open the tax document. It is being sent with the subject “Re: Home Loan”.

But it’s a phishing scam and there is no phishing document. The link leads to a webpage hosted on the TypeForm platform, a service that allows people to create forms and surveys.

The page asks for the visitor to login to see the tax document, but any username and password combinations entered into this page will be sent to the scammers, effectively handing them control of your online account (unless you’re sensible enough to have enabled two-factor authentication.)


Sponsored Content. Continued below...




Regardless of what username and password a person enters, the visitor is told that its incorrect, and the page eventually “locks” the document claiming it cannot confirm the visitor’s identity. It’s all a ruse, though. There is no document, and the webpage isn’t really trying to validate the information, rather just transmit it to cyber crooks.

Always watch out for emails asking you to open attachments or click links. These are how phishing scams usually start. If you do click a link, unless you trust the website you’re on, don’t enter any personal information into it. If you’re on a platform that allows anyone to create a website, such as TypeForm or Google Sites, you shouldn’t trust it if it asks for personal information or login details.