Useful Links: IRS.gov Help For Hurricane Victims News Essentials What's Hot News Releases IRS - The Basics IRS Guidance Media Contacts Facts & Figures Around The Nation e-News Subscriptions The Newsroom Topics Multimedia Center Noticias en Español Radio PSAs Tax Scams/Consumer Alerts The Tax Gap Fact Sheets IRS Tax Tips Armed Forces Latest News IRS Resources Compliance & Enforcement News Contact Your Local IRS Office Filing Your Taxes Forms & Instructions Frequently Asked Questions Taxpayer Advocate Service Where to File IRS Social Media | Issue Number: Tax Tip 2018-137 Tax preparers: Avoid being speared The IRS reminds tax professionals to be on the lookout for spear phishing emails. These differ from general phishing emails in that the thief has researched the target before sending the message. An email may appear to be from a colleague, a client, a cloud storage provider, tax software provider, the IRS, or a state government. Spear phishing emails are one of the most common way data thieves enter preparers' digital networks to steal client information.
Here are some facts about spear phishing emails to help preparers recognize the scam and avoid becoming a victim: - The objective of a spear phishing email is to pose as a trusted source and bait the recipient into opening an embedded link or an attachment.
- The email may make an urgent plea to update an account immediately. This link may seem to go to another trusted website, but it's actually a phishing website controlled by the thief.
- Tax professionals who fall victim to spear phishing tactics often voluntarily disclose sensitive password information. This can also happen when the preparer clicks on a malicious URL or malicious attachment included in the spear phishing email which then installs malicious software.
- An attachment may contain malicious software such as a keylogger. Once installed, the keylogger secretly records every keystroke typed on the computer which is then made available to the thief. With certain malicious software, thieves can lock out users from a computer, steal passwords to accounts, or even take remote control of computers. This allows thieves to steal taxpayer data.
- Once a thief succeeds with their spear phishing scam, it allows them to create additional spear phishing scams. The criminal does this by targeting clients, colleagues and friends of the original recipient.
The IRS and its partners in the Security Summit are alerting preparers to spear phishing emails as part of the Tax Security 101 awareness initiative to provide tax professionals with the basic information they need to better protect taxpayer data and to help prevent the filing of fraudulent tax returns. More Information: Federal Trade Commission Safeguards Rule Publication 4557, Safeguarding Taxpayer Data Small Business Information Security: the Fundamentals Publication 5293, Data Security Resource Guide for Tax Professionals e-News for Tax Professionals Share this tip on social media -- #IRSTaxTip: Tax preparers: Avoid being speared. https://go.usa.gov/xPqkT Back to Top Thank you for subscribing to IRS Tax Tips, an IRS e-mail service. For more information on federal taxes please visit IRS.gov. This message was distributed automatically from the IRS Tax Tips mailing list. Please Do Not Reply To This Message. |
No comments:
Post a Comment