Skip to Main Content

Example of a W2 Phish

Example of a W2 Phish

From: W2@sco.idaho <>red flag
Date: Fri, Jan 15, 2016 at 1:27 PM

Dear Account Owner,red flag

Our records indicate that you are enrolled in the State of Idaho paperless W2 Program. As a result, you do not receive a paper W2 but instead receive e-mail notification that your online W2 (i.e. “paperless W2”) is prepared and ready for viewing.

Your 2015 W2 corrected statement is ready for viewing, follow the link below

Click Here to Loginred flag

To opt out of  the Paperless W2 Program, please login to Employee Self Service at the link above and go to the W2 Delivery Choice webpage and follow the instructions.

Office of the State Controller – Idaho.govred flag

Phishing Points to Keep in Mind

1. There is little risk in opening and reading email. However, opening attachments or clicking on links can be dangerous. If an email seems strange or suspicious, simply delete it. If you are not sure if an email is an attack, forward it to the Boise State Help Desk at

2. Notice how the email comes from a account, rather than a government account.

3. The email was extremely generic in nature. Notice how it does not have your name but uses the introduction “Dear Account Owner” instead. The attack is designed to work against anyone. Be suspicious of emails that use generic salutation.

4. Be suspicious of any email that requires “immediate action” or creates a sense of urgency. This is a common technique to rush people into making a mistake.

5. Be careful with email links, and only click on those that you are expecting. Always hover your mouse over the link prior to clicking so you can see the actual website destination. Never enter your credentials through a link in an email. If the website destination looks correct, open up a new window and type in the website address directly.

6. As with generic greetings also be suspicious of generic closings in emails. If you receive an email from a trusted friend or colleague does not mean they sent it. Their computer may have been infected or their account may be compromised. If you get a suspicious email, call them on the phone to confirm they sent the email.

This entry was posted in Uncategorized. Bookmark the permalink.