Always verify your sources to avoid this Email scam
More than once I have gotten calls from clients who got an email that was supposed to be from an owner or executive, but it looked a little off. If you check the from address, the reply to address, or the links, you can usually spot the scam. Unfortunately too many employees just reflexively reply to an email from the boss because they are afraid of being slow.
The rule is simple: If you aren’t expecting a request for data, call the person to confirm. Don’t be like this unnamed employee who is probably now looking for a job.
In an email sent to Milwaukee players on Wednesday night, the franchise termed the issue as a “serious security incident” and took responsibility for an employee distributing 2015 IRS W-2 documents in an email scam in which team president Peter Feigin was impersonated, sources said.
The W-2 information included names, addresses, Social Security numbers, compensation information and dates of birth. An unknown party requested the private documents on April 26, and the Bucks ultimately discovered on May 16 that the financial forms were sent to a spoof hacker.
In the correspondence, the Bucks said they were notifying the IRS and FBI about the incident.
Player representatives with clients on the Bucks during the 2015 fiscal year are working to secure the safety of their players’ finances.
“The communication received on this major security breach is unacceptable,” said one agent with a client on the Bucks. “The players need to know the exact measures being taken by the Bucks and the FBI to ensure each and every player’s identity and financial information will not be compromised. There needs to be accountability for such a mistake, details on the steps taken to rectify it and a process put in place to make sure this never happens again.”
The Bucks have given players two free years of credit monitoring and identity-theft restoration services, according to the email, but there could be severe consequences of the information being compromised. Professional sports teams with millions in equity are supposed to have security measures in place to prevent such incidents.