Close X
Attorney Spotlight

After finishing her first year as an associate at Bass, Berry & Sims, find out what advice Margaret Dodson offers to new attorneys. Read more>


Close X


Search our Experience

Experience Spotlight

On December 1, 2016, Parker Hannifin Corporation and CLARCOR Inc. announced that the companies have entered into a definitive agreement under which Parker will acquire CLARCOR for approximately $4.3 billion in cash, including the assumption of net debt. The transaction has been unanimously approved by the board of directors of each company. Upon closing of the transaction, expected to be completed by or during the first quarter of Parker’s fiscal year 2018, CLARCOR will be combined with Parker’s Filtration Group to form a leading and diverse global filtration business. Bass, Berry & Sims has served CLARCOR as primary corporate and securities counsel for 10 years and served as lead counsel on this transaction. Read more here.

Close X

Thought Leadership

Enter your search terms in the relevant box(es) below to search for specific Thought Leadership.
To see a recent listing of Thought Leadership, click the blue Search button below.

Thought Leadership Spotlight

Blueprint for an IPO

Companies go public to raise capital to fuel growth, pay down debt and provide liquidity to shareholders. Although all issuers and offerings are different, the basic process of going public remains relatively constant. Blueprint for an IPO identifies the key players, details the process and identifies the obligations companies will face after going public.

Read now

Active Hacker Scheme Tricks Companies to Release Employees' W-2 Information: What You Should Be Doing

Firm Publication


March 24, 2016

During the past few weeks, many companies have been targeted by an email phishing scheme that has resulted in the disclosure of confidential personal information of numerous employees and other persons. The email is usually the same: a spoofing email from the CEO (or some other high-level executive) asking human resources, accounting or payroll departments for W-2 information. A cybercriminal armed with this information can then file fraudulent tax returns and receive an individual's tax refund. In many cases, fraudulent returns are filed within days of the theft of the information.

While the IRS has circulated an alert highlighting this scam, we continue to see companies fall victim to this scheme, including recent news reports that Snapchat and Seagate Technology have released sensitive payroll data to cybercriminals posing as company executives.

To prevent falling victim to this scheme, we urge you to quickly alert your employees and staff members, especially your human resources, accounting and payroll departments, to closely scrutinize any request for personal information, particularly W-2 or payroll information. At a minimum, inform your employees and staff members to do the following:

  1. call the sender of the email requesting the information and verify that he or she indeed made the request (e.g., if the email appears to come from "Jane Doe, CEO," call Jane Doe to verify before sending any requested information); and
  2. rather than replying to the original email, only send the requested information by composing a new email message to a known email address for the sender (e.g., compose an email to Jane Doe, using her known email address from the company directory).

In addition, you should inform employees that the phishing email is often similar to the format below:



Kindly send me the 2015 W-2 (PDF) of our company staff for a quick review.


CEO Name

Many hackers can obtain the necessary information to perpetrate this scam from a corporate website or individual's LinkedIn profiles. As discussed in a previous update, hackers use spear phishing scams to target individuals or businesses by posing as a friend, colleague or other business that routinely interacts with the individual or business and then requests certain personal or proprietary information. For many businesses, disclosing sensitive and valuable information can cause significant costs and expenses triggered by federal and state data privacy and security laws, including costs associated with complying with data breach notification requirements.

We will continue to monitor and provide updates regarding this latest scheme. If you have questions or any other cybersecurity concerns related to your organization, please contact an attorney on our Data Security & Privacy Team.

Related Professionals

Related Services


Visiting, or interacting with, this website does not constitute an attorney-client relationship. Although we are always interested in hearing from visitors to our website, we cannot accept representation on a new matter from either existing clients or new clients until we know that we do not have a conflict of interest that would prevent us from doing so. Therefore, please do not send us any information about any new matter that may involve a potential legal representation until we have confirmed that a conflict of interest does not exist and we have expressly agreed in writing to the representation. Until there is such an agreement, we will not be deemed to have given you any advice, any information you send may not be deemed privileged and confidential, and we may be able to represent adverse parties.