The Internal Revenue Service, state tax agencies and the tax industry are warning tax professionals of early signs that cybercriminals already are at work as the nation’s tax season approaches. Fraudsters are using a new round of emails posing as potential clients or even the IRS in an effort to trick tax practitioners into disclosing sensitive information.
The Security Summit partners encourage tax practitioners to be wary of communicating solely by email with potential or even existing clients, especially if unusual requests are made. Data breach thefts have given thieves millions of identity data points, including names, addresses, social security numbers and email addresses. If in doubt, tax practitioners should call to confirm a client’s identity.
Numerous data breaches last year meant the entire tax preparation community must be on high alert this filing season to any unusual activity. Thieves may try to leverage stolen identities to steal even more data that will allow them to better impersonate taxpayers and file fraudulent tax returns for refunds.
The IRS, state tax agencies and the tax industry, acting as the Security Summit, have made significant strides in combatting identity theft. But cybercriminals continue to evolve, and Summit partners need the help of everyone, including tax professionals and taxpayers, to continue this progress.
In recent days, tax professionals have reported numerous attempts by fraudsters to pierce their security by posing as potential clients. Crooks are using the same tactic they did last year (IR-2017-03), using phishing emails to trick tax practitioners into opening a link or attached document.
The fraudsters, posing as potential clients, send initial emails to tax practitioners In recent days, the IRS has seen these early variations of these email schemes:
- “Happy new year to you and yours. I want you to help us file our tax return this year as our previous CPA/account passed away in October. How much will this cost us?…hope to hear from you soon.”
- “Please kindly look into this issue, A friend of mine introduced you to me, regarding the job you did for him on his 2017 tax. I tried to reach you by phone earlier today but it was not connecting, attach is my information needed for my tax to be filed if you need any more Details please feel free to contact me as soon as possible and also send me your direct Tel-number to rich (sic) you on.”
- “I got your details from the directory. I would like you to help me process my tax. Please get back to me asap so I can forward my details.”
If the tax practitioner responds, the fraudster will send a second email that contains either a phishing URL or an attached document that contains a phishing URL, claiming their tax data is enclosed. In reality, the fraudster wants the tax pro to click on the link or attachment and then enter their credentials. In some cases, the URL or attachment might be malicious and if clicked will download malicious software onto the tax pros’ computer.
Depending on the malware involved, this scheme could give fraudsters access to the tax practitioners’ secure accounts or sensitive data. It may even give the fraudster remote control of the tax professionals computers.
The IRS also has received recent reports of fraudsters again posing as IRS e-Services, asking tax pros to sign into their accounts and providing a disguised link. The link, however, sends tax pros to a fake e-Services site that steals their usernames and passwords.
This type of scam is one of the reasons the IRS has moved e-Services to the more secure identity-proofing process called Secure Access. It is important that all e-Services account holders upgrade their accounts to this more rigorous authentication process. E-Services account holders who have not updated their accounts should do so immediately. See Important Update about Your e-Services Account.
Tax practitioners receiving emails from fraudsters posing as the IRS or even their tax software provider should go directly to the main websites, such as IRS.gov, rather than opening any links or attachments. If you receive a phishing email, forward it to email@example.com. Remember, the IRS does not send unsolicited emails.
IRS Office of Professional Responsibility webinar Jan. 17 – earn two hours CE credits in ethics
Topic: The Office of Professional Responsibility: What you need to Know about Practicing before the IRS (rebroadcast)
Date: Wednesday January 17, 2018
Times: 2:00 p.m. Eastern; 1:00 p.m. Central; Noon Mountain; 11:00 a.m. Pacific
Duration: Two hours
Webinar featuring OPR Director Stephen Whitlock with live Q&A at the end of the presentation
- Regulations governing tax practice before the IRS (Circular 230, Rev. 6/2014)
- Due diligence obligations of tax professionals
- Overview of other key Circular 230 provisions
- Practitioner responsibilities to their clients and to the tax administration system
- Best practices for all tax professionals
- Office of Professional Responsibility policies and procedures
Earn two CE credits in ethics
To receive a certificate of completion and CE credit, you must:
- View the live presentation on 1/17/18 for at least 100 minutes from the start of the program.
- To confirm your attendance and receive your certificate of completion, view the presentation while signed-in using the same email address used to register; you will not receive credit by watching this webinar on someone else’s computer.
- Groups cannot register with one email address and receive separate certificates; each person must register separately.
- Look for your Certificate of Completion by email approximately three weeks after the broadcast.
- If you have met all requirements, you will automatically receive your certificate of completion by email about three weeks after the event.
Enrolled Agents or other tax return preparers attending for education on a voluntary basis must register using your 8-digit PTIN and name as shown on your PTIN card or letter. If you don’t have a PTIN, you will receive a certificate; however, your credit will not be reported to the IRS. Other tax professionals will receive a certificate and may receive credit if the broadcast meets their organizations’ or states’ CPE requirements.