Friday, August 4, 2017

IR-2017-126: Security Summit Alert: Tax Pros Warned of New Scam to Steal Their Passwords

Bookmark and Share

IRS.gov Banner
IRS Newswire August 4, 2017

News Essentials

What's Hot

News Releases

IRS - The Basics

IRS Guidance

Media Contacts

Facts & Figures

Around The Nation

e-News Subscriptions

The Newsroom Topics

Multimedia Center

Noticias en Español

Radio PSAs

Tax Scams

The Tax Gap

Fact Sheets

IRS Tax Tips

Armed Forces

Latest News Home

IRS Resources

Compliance & Enforcement

Contact My Local Office

Filing Options

Forms & Pubs

Frequently Asked Questions

News

Taxpayer Advocate

Where to File

IRS Social Media

Issue Number:    IR-2017-126

Inside This Issue

Security Summit Alert: Tax Pros Warned of New Scam to Steal Their Passwords

WASHINGTON – The Internal Revenue Service, state tax agencies and the tax industry today warned tax professionals to be alert to a new phishing email scam impersonating tax software providers and attempting to steal usernames and passwords.

This sophisticated scam yet again displays cybercriminals' tax savvy and underscores the need for tax professionals to take strong security measures to protect their clients and protect their business. This is the time of year when many software providers issue software upgrades and when tax professionals are working to meet the Oct. 15 deadline for extension filers.

These types of phishing scams are why the IRS, state tax agencies and the tax industry, acting as the Security Summit, launched the 10-week Don't Take the Bait campaign currently underway. This awareness effort highlights the many tactics of cybercriminals as well as the steps tax professionals can take to protect their clients and themselves.

This latest scam email variation comes with a subject line of "Software Support Update" and highlights an "Important Software System Upgrade." It thanks recipients for continuing to trust the software provider to serve their tax preparation needs and mimics the software providers' email templates.

The e-mail informs the recipients that due to a recent software upgrade, the preparer must revalidate their login credentials. It provides a link to a fictitious website that mirrors the software provider's actual login page.

Instead of upgrading software, the tax professionals are providing their information to cybercriminals who use the stolen credentials to access the preparers' accounts and to steal client information.

The Security Summit reminds tax professionals that software providers do not embed links into emails asking them to validate passwords. Also, tax professionals and taxpayers should never open a link or an attachment from a suspicious email.

Tax professionals can review additional tips to protect clients and themselves at Protect Your Clients, Protect Yourself on IRS.gov.

Tax professionals who receive emails purportedly from their tax software providers seeking login credentials should send those scam emails to their tax software provider. 

For Windows users, follow this process to help the investigation of these scam emails:

  1. Use "Save As" to save the scam. Under "save as type" in the drop-down menu, select "plain text" and save to the desktop. Do not click on any links.
  2. Open a new email and attach this saved email as a file.
  3. Send a new email containing the attachment to the tax software provider, as well as a copy to Phishing@IRS.gov.

 

Back to Top  

Thank you for subscribing to the IRS Newswire, an IRS e-mail service.

If you know someone who might want to subscribe to this mailing list, please forward this message to them so they can subscribe.

This message was distributed automatically from the mailing list IRS Newswire. Please Do Not Reply To This Message.
This email was sent to business.solutions.ve@gmail.com by: Internal Revenue Service (IRS) · Internal Revenue Service · 1111 Constitution Ave. N.W. · Washington DC 20535 GovDelivery logo
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)