Tuesday, July 28, 2020

IR-2020-170: Working Virtually: Use multi-factor authentication to protect accounts; Part 2 of Security Summit tips for tax professionals

Bookmark and Share

IRS.gov Banner
IRS Newswire July 28, 2020

News Essentials

What's Hot

News Releases

IRS - The Basics

IRS Guidance

Media Contacts

Facts & Figures

Around The Nation

e-News Subscriptions


The Newsroom Topics

Multimedia Center

Noticias en Español

Radio PSAs

Tax Scams

The Tax Gap

Fact Sheets

IRS Tax Tips

Armed Forces

Latest News Home


IRS Resources

Compliance & Enforcement

Contact My Local Office

Filing Options

Forms & Instructions

Frequently Asked Questions

News

Taxpayer Advocate

Where to File

IRS Social Media


Issue Number:    IR-2020-170

Inside This Issue


Working Virtually: Use multi-factor authentication to protect accounts; Part 2 of Security Summit tips for tax professionals

WASHINGTON — With heightened threats during COVID-19, the Internal Revenue Service and Security Summit partners today called on tax professionals to select multi-factor authentication options whenever possible to prevent identity thieves from gaining access to client accounts.

Starting in 2021, all tax software providers will be required to offer multi-factor authentication options on their products that meet higher standards. Many already do so. A multi-factor or two-factor authentication offers an extra layer of protection for the username and password used by the tax professional. It often involves a security code sent via text.

Using multi-factor authentication is the second in a five-part series called Working Virtually: Protecting Tax Data at Home and at Work. The public awareness initiative by the IRS, state tax agencies and the private-sector tax industry – working together as the Security Summit – spotlights basic security steps for all practitioners, but especially those working remotely or social distancing in response to COVID-19.

"Cybercriminals continue to find new ways to try accessing tax professional and taxpayer data. The multi-factor authentication option is an easy, free way to really step up protection of client data," said IRS Commissioner Chuck Rettig. "All tax software products will make it a feature, and it's part of a larger effort to protect taxpayers and the tax community."

Of the numerous data thefts reported to the IRS from tax professional offices this year, most could have been avoided had the practitioner used multi-factor authentication to protect tax software accounts.

Thieves use a variety of scams – but most commonly by a phishing email – will download malicious software, such as keystroke software. This malware will eventually enable them to steal all passwords from a tax pro. Once the thief has accessed the practitioner's networks and tax software account, they will complete pending taxpayer returns, alter refund information and use the practitioner's own e-filing and preparer numbers to file the fraudulent return.

However, with multi-factor authentication, it's unlikely the thief will have stolen the practitioner's cell phone so he would not receive the necessary security code to access the account. This protects the tax pro's account information.

Practitioners can download to their mobile phones readily available authentication apps offered through Google Play or the Apple Store. These apps will generate a security code. Codes also may be sent to practitioner's email or text but those are not as secure as the authentication apps. Use a search engine for "Authentication apps" to learn more.

In additional to tax software accounts, practitioners should use multi-factor authentication wherever it is offered. For example, cloud storage providers and commercial email products offer multi-factor protections as do social media outlets. IRS e-Services is an example of an account using multi-factor authentication.

Additional resources

Tax professionals also can get help with security recommendations by reviewing the recently revised IRS Publication 4557, Safeguarding Taxpayer Data (PDF), and Small Business Information Security: the Fundamentals (PDF) by the National Institute of Standards and Technology.

Publication 5293, Data Security Resource Guide for Tax Professionals (PDF), provides a compilation data theft information available on IRS.gov. Also, tax professionals should stay connected to the IRS through subscriptions to e-News for Tax Professionals and Social Media or visit Identity Theft Central at IRS.gov/IdentityTheft.

Back to Top


FaceBook Logo  YouTube Logo  Instagram Logo  Twitter Logo  LinkedIn Logo


Thank you for subscribing to the IRS Newswire, an IRS e-mail service.

If you know someone who might want to subscribe to this mailing list, please forward this message to them so they can subscribe.

This message was distributed automatically from the mailing list IRS Newswire. Please Do Not Reply To This Message.


This email was sent to business.solutions.ve@gmail.com by: Internal Revenue Service (IRS) · Internal Revenue Service · 1111 Constitution Ave. N.W. · Washington DC 20535 GovDelivery logo

No comments:

Post a Comment