IR-2017-127: Don't Take the Bait, Step 5: Prevent Remote Access Takeover Attacks

IRS Newswire Aug. 8, 2017

News Essentials What's Hot News Releases IRS - The Basics IRS Guidance Media Contacts Facts & Figures Around The Nation e-News Subscriptions The Newsroom Topics Multimedia Center Noticias en Español Radio PSAs Tax Scams The Tax Gap Fact Sheets IRS Tax Tips Armed Forces Latest News Home IRS Resources Compliance & Enforcement Contact My Local Office Filing Options Forms & Pubs Frequently Asked Questions News Taxpayer Advocate Where to File IRS Social Media

Issue Number:  IR-2017-127  Inside This Issue Don't Take the Bait, Step 5: Prevent Remote Access Takeover Attacks IR-2017-127, Aug. 8, 2017   WASHINGTON – The Internal Revenue Service, state tax agencies and the tax industry today reminded tax professionals that their entire digital network could be at risk for remote takeover by cybercriminals. Such a takeover could lead to fraudulent tax filings and damage to their clients.   Multiple incidents have been reported to the IRS in the past year as tax professionals' systems have been secretly infiltrated. The criminals accessed client tax returns, completed those returns, e-filed them and secretly directed refunds to their own accounts.   Increasing awareness about remote takeovers is part of the "Don't Take the Bait" campaign, a 10-part series aimed at tax professionals. The IRS, state tax agencies and the tax industry, working together as the Security Summit, urge practitioners to learn to protect themselves from remote takeovers. This is part of the ongoing Protect Your Clients; Protect Yourself effort.   "This is another emerging threat to tax professionals that the IRS has seen on the rise," IRS Commissioner John Koskinen said. "A remote takeover can be devastating to practitioners' business as well as to the taxpayers they serve. It's critical for people to take steps to understand and prevent these security threats before it's too late."    A remote attack targets an individual computer or network as the cybercriminal exploits weaknesses in security settings to access the devices. Another line of attack uses malware to download malicious code that gives the criminals access to the network. Especially vulnerable are wireless networks, including mobile phones, modems and router devices, printers, fax machines and televisions that retain their factory-issued password settings. Sometimes, these devices have no protection at all.      There are multiple ways that cybercriminals can gain control of computers and other devices. Phishing emails with attachments can easily download malware that, when opened, give the criminal remote control of a computer.   Cybercriminals also can deploy certain tools that allow them to identify the location of and get access to unprotected wireless devices. For example, a printer with a factory-issued password can easily be accessed, and the criminals can see tax return information stored in its memory.   The IRS urges tax professionals to take the following steps to help protect themselves from remote takeovers:   Educate staff members about the dangers of phishing scams, which can be in the form of emails, texts and calls, as well as the threat posed by remote access attacks; Use strong security software, set it to update automatically and run a periodic security "deep scan" to search for viruses and malware; Identify and assess wireless devices connected to the network, including mobile phones, computers, printers, fax machines, routers, modems and televisions. Replace factory password settings with strong passwords. Strengthen passwords for devices and for software access. Make sure passwords are a minimum of eight digits (more is better) with a mix of numbers, letters and special characters; Be alert for phishing scams: do not click on links or open attachments from unknown, unsolicited or suspicious senders; Review any software that employees use to remotely access the network as well as those used by IT support vendors to remotely troubleshoot technical problems. Remote access software is a potential target for bad actors to gain entry and take control of a machine. Disable remote access software until it is needed. Additional IRS Resources: Security Summit Alert: Tax Pros Warned of New Scam to Steal Their Passwords   Thank you for subscribing to the IRS Newswire, an IRS e-mail service. If you know someone who might want to subscribe to this mailing list, please forward this message to them so they can subscribe. This message was distributed automatically from the mailing list IRS Newswire. Please Do Not Reply To This Message.

---

Update your subscriptions, modify your password or email address, or stop subscriptions at any time on your Subscriber Preferences Page. You will need to use your email address to log in. If you have questions or problems with the subscription service, please contact subscriberhelp.govdelivery.com.

This service is provided to you at no charge by the Internal Revenue Service (IRS).

---

This email was sent to business.solutions.ve@gmail.com by: Internal Revenue Service (IRS) · Internal Revenue Service · 1111 Constitution Ave. N.W. · Washington DC 20535