The Internal Revenue Service, state tax agencies and the nation’s tax industry continues to warn tax professionals that they face additional security risks from cybercriminals seeking to use the pandemic and phishing scams to steal sensitive client information.
- “We continue to see scams and security risks during this period targeting tax professionals and the sensitive information they hold,” said IRS Commissioner Chuck Rettig. “Identity thieves continue to evolve with the times and use the pandemic and other tricks to take advantage of tax pros and gain access to their data. Data thefts from tax professionals can provide valuable information to thieves trying to file fraudulent tax returns. We continue to urge tax preparers to remain aware of this changing threat. Taking important security steps can help avoid a security breach that can be devastating to them and their clients.”
Recently, we had a report from a uTax partner who received a communication from “IRS.gov e-Services” (see image below). At first glance, it appears to be legitimate but please take time as this partner did and be extremely cautious. This was a classic phishing scam that could have had serious consequences had they clicked on the URL as instructed. Often, but not always, you may notice spelling errors and/or oddly worded sentences.
The IRS reminds tax professionals and taxpayers that “they do not initiate contact by email, text messages or social media channels to request personal or financial information. This includes requests for PIN numbers, passwords or similar access information for credit cards, banks or other financial accounts”.
The IRS states that if you receive an email (claiming to be from the IRS):
- Don’t reply.
- Don’t open any attachments. They can contain malicious code that may infect your computer or mobile phone.
- Don’t click on any links. Visit our identity protection page if you clicked on links in a suspicious email or website and entered confidential information.
- Forward – preferably with the full email headers – the email as-is to us at email@example.com“>firstname.lastname@example.org. Don’t forward scanned images because this removes valuable information.
- Delete the original email.
Example of Recent Phishing Scam Directed at Tax Professionals:
The IRS adds that tax preparers are critical and valued partners in the tax administration process, and they have an important role to play in helping prevent identity theft. Did you know that by law, tax preparers must have a written data security plan.
To learn more about this campaign and additional security information, go to the IRS Protect Your Clients Protect Yourself | Español and Identity Theft Information for Tax Professionals pages at IRS.gov.
To stay up to date on the latest threats and scams, bookmark and follow these pages listed above. You also should register for e-News for Tax Professionals or, if you are an e-Services user, register for Quick Alerts to stay atop latest news and threats.
Other Helpful IRS Resources on this Important Topic Include:
For questions, contact the IRS e-Services Help Desk at 866-255-0654 and don’t forget to log in to e-Services at IRS.gov to check your EFIN status for this tax season.
The uTax Team