Tuesday, August 11, 2020

IR-2020-178: Working Virtually: Avoid Phishing Scams; Part 4 of Security Summit tips for tax professionals

Bookmark and Share

IRS.gov Banner
IRS Newswire August 11, 2020

News Essentials

What's Hot

News Releases

IRS - The Basics

IRS Guidance

Media Contacts

Facts & Figures

Around The Nation

e-News Subscriptions


The Newsroom Topics

Multimedia Center

Noticias en Español

Radio PSAs

Tax Scams

The Tax Gap

Fact Sheets

IRS Tax Tips

Armed Forces

Latest News Home


IRS Resources

Compliance & Enforcement

Contact My Local Office

Filing Options

Forms & Instructions

Frequently Asked Questions

News

Taxpayer Advocate

Where to File

IRS Social Media


Issue Number:    IR-2020-178

Inside This Issue


Working Virtually: Avoid Phishing Scams; Part 4 of Security Summit tips for tax professionals

WASHINGTON —The Internal Revenue Service and the Security Summit partners today warned tax professionals to be alert to new phishing scams that try to take advantage of COVID-19, Economic Impact Payments and increased teleworking by practitioners.

The IRS, state tax agencies and the nation's tax industry urged tax firms to review and heighten their data protection plans this summer as cybercriminals step up efforts to steal client tax information. Crooks are targeting tax professionals as well as taxpayers.

Avoiding phishing emails is the fourth in a five-part Security Summit series called Working Virtually: Protecting Tax Data at Home and at Work. The Security Summit initiative by the IRS, state tax agencies and private-sector tax industry spotlights basic security steps for all practitioners, but especially those working remotely in response to COVID-19.

"The coronavirus has created new opportunities for cybercriminals to use email to try stealing sensitive information," said IRS Commissioner Chuck Rettig. "The vast majority of data thefts start with a phishing email trick. Identity thieves pose as trusted sources – a client, your software provider or even the IRS – to lure you into clicking on a link or attachment. Remember, don't take the bait. Learn to recognize and avoid phishing scams."

Phishing emails generally have an urgent message, such as your account password expired. They direct you to an official-looking link or attachment. The link may take you to a fake site made to appear like a trusted source and request your username and password. Or, the attachment may contain malware, which secretly downloads malware that tracks keystrokes and allows thieves to eventually steal all the tax pro's passwords.

This year, IRS identified a highly sophisticated attack against tax firms where thieves gained remote access either through phishing or malware and were able to enter the cloud storage accounts that held client files. In one case, thieves spent 18 months quietly downloading and accessing taxpayer information before they were discovered.

The Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) recently issued a warning to all organizations to educate employees, especially those teleworking, about increased activity related to phishing scams.

These scams focused on COVID-19 fears by presenting themselves as providers of face masks or personally protective equipment in short supply. Thieves also used other tactics against taxpayers, impersonating the IRS and calling or emailing requests for bank account information to send the Economic Impact Payments.

Tax professionals should beware of emails from criminals posing as potential clients. As people practice social distancing these days, criminals may exploit this process to try to trick tax practitioners into opening links or attachments. The Security Summit continues to urge tax professionals to create "trusted customer" policies, and contact potential clients by phone or video conference.

Taxpayers and tax preparers can forward suspicious emails posing as the IRS to phishing@irs.gov.

Because phishing emails are so common and successful, Summit partners urge tax professionals to educate all office personnel about the dangers and risks of opening suspicious emails – especially during the COVID-19 period.

Additional resources
Tax professionals also can get help with security recommendations by reviewing the recently revised IRS Publication 4557, Safeguarding Taxpayer Data (PDF), and Small Business Information Security: the Fundamentals (PDF) by the National Institute of Standards and Technology.

Publication 5293, Data Security Resource Guide for Tax Professionals (PDF), provides a compilation of data theft information available on IRS.gov. Also, tax professionals should stay connected to the IRS through subscriptions to e-News for Tax Professionals and Social Media or visit Identity Theft Central at IRS.gov/IdentityTheft.

Back to Top


FaceBook Logo  YouTube Logo  Instagram Logo  Twitter Logo  LinkedIn Logo


Thank you for subscribing to the IRS Newswire, an IRS e-mail service.

If you know someone who might want to subscribe to this mailing list, please forward this message to them so they can subscribe.

This message was distributed automatically from the mailing list IRS Newswire. Please Do Not Reply To This Message.


This email was sent to business.solutions.ve@gmail.com by: Internal Revenue Service (IRS) · Internal Revenue Service · 1111 Constitution Ave. N.W. · Washington DC 20535 GovDelivery logo

No comments:

Post a Comment