On February 22, a payroll employee for the city of San Marcos responded to an e-mail.
“It was asking for W-2 files and so employees did send the file, unbeknownst to him it was going to an outside email,” said Heather Hurlbert, finance director for the city of San Marcos.
City officials say the scammer masked his or her e-mail, appearing to come from another employee, making it look to be a trusted source.
“The employee felt they were doing the right thing, providing information,” said Hurlbert.
The e-mail the employee sent to the scammer contained W-2's of 800 city employees.
These include police officers, firefighters, and city council members.
It was brought to the city's attention recently.
“We were made aware because we had a couple of employees who tried to file their taxes. When they filed their taxes with the I.R.S., it was rejected because there had already been a return under their social security number,” said Hurlbert.
Financial expert Matt Schulz says phishing is a common and a big problem.
“It works, that's why the bad guys like it so much and it's relatively easy to do,” said Schulz.
To avoid becoming the prey, take a look at the physical e-mail, and even if it's from a so called trusted source, pay attention to context.
“If they're asking for something that they wouldn't ask you for normally like W-2's or social security numbers that's a red flag,” said Schulz.
“It was a little out of the ordinary, but the employee was just providing the information,” said Hurlbert.
San Marcos says they are working with local law enforcement and the I.R.S. to get to the bottom of things. They will continue to work with their I.T. department to keep the latest firewalls on guard.
The city also has cyber insurance, plus are offering credit monitoring to their employees.