Security Summit Warns of New Phishing Email Targeting Tax Pros

By John Ams posted 06-23-2017 03:09 PM

  

The IRS, state tax agencies and the tax industry today warned tax professionals to beware of phishing emails purporting to be from a tax software education provider and seeking extensive amounts of sensitive preparer data.

The email’s origin is unknown but likely issued by cybercriminals who could be operating from the U.S. or abroad. The email is unusual for the amount of sensitive preparer data that it seeks. This preparer information will enable the thieves to steal client data and file fraudulent tax returns.

The IRS reminds all tax professionals that legitimate businesses and organizations never ask for usernames, passwords or sensitive data via email. Nor should a preparer ever provide such sensitive information via email if asked.

All tax professionals should be aware that their e-Services credentials, the Electronic Filing Information Number (EFIN), the Preparer Tax Identification Number (PTIN) and their Centralized Authorization File (CAF) number are extremely valuable to identity thieves. Anyone handling taxpayer information has a legal obligation to protect that data.

Because the IRS, state tax agencies and the tax industry, acting in partnership as the Security Summit, are making inroads on individual tax-related identity theft, cybercriminals increasingly target tax professionals. Thieves are looking for real client data so they can better impersonate the taxpayer when filing fraudulent returns for refunds.

The fake email uses the name of a real U.S.-based preparer education firm. Here’s the text as it appears in phishing emails being sent to tax professionals:


In our database, there is a failure, we need your information about your account.

In addition, we need a photo of the driver's license, send all the data to the letter. Please do it as soon as possible, this will help us to revive the account.

*Company Name *
*EServices Username *
*EServices Password *
*EServices Pin *
*CAF number*
*Answers to a secret question*
*EIN Number *
*Business Name
*Owner/Principal Name *
*Owner/Principal DOB *
*Owner/Principal SSN *
*Prior Years AGI
Mother's Maiden Name 


If you received or fell victim to the scam email, forward a copy to phishing@irs.gov. If you disclosed any credential information, contact the e-Services Help Desk to reset your password. If you disclosed information and taxpayer data was stolen, contact your local stakeholder liaison

0 comments
383 views

Permalink

Featured Blogs

  • The Senate Finance Committee approved its tax reform plan Thursday night by a party line vote of 14-12. The Committee wrapped up a four-day markup after defeating dozens of Democratic amendments. The ... Read

  • House Republican leaders today formally introduced what they hope will be their signature legislative achievement in the 115th Congress: a sweeping tax reform bill that lowers individual and business ... Read

  • e-Services update from IRS

    This is an update  on critical issues currently affecting e-Services users.    Because the IRS is still reviewing its contract options for an identity-proofing vendor, the move of e-Services to ... Read