Monday January 21, 2019
IRS Warns of Scam Targeting Tax Professionals
In recent days, tax professionals have contacted the IRS after receiving fraudulent emails from cyber thieves posing as potential clients. The thief will often send an introductory email followed by a second email containing a phishing link, or an attached document containing a phishing link, claiming his or her tax data is enclosed. If clicked, the link or attachment could install malware on the tax professional's computer and enable the cybercriminal to gain access to the practitioner's client accounts and sensitive data.
After several data breaches last year, the IRS is cautioning tax practitioners to be on high alert this tax filing season. Cybercriminals may attempt to use illegally obtained client data to impersonate taxpayers and file fraudulent returns to obtain tax refunds.
In the past, criminals have been able to collect tax payers' names, Social Security numbers and email addresses in similar data breaches. The IRS says that, if in doubt, tax practitioners should call to confirm a client's identity.
The IRS has also received reports of criminals posing as IRS e-Services representatives in an attempt to obtain tax professionals' e-Services usernames and passwords. The IRS urges all e-Services account holders to upgrade to the IRS's more secure identify-proofing process called "Secure Access."
Tax professionals are urged to forward suspected phishing emails to firstname.lastname@example.org and to remember that the IRS will not send unsolicited emails.