| |||
Useful Links:News EssentialsThe Newsroom TopicsIRS Resources
| Issue Number: COVID Tax Tip 2021-126Tax pros: Beware of pandemic-related email schemes
Tax pros, especially those who engage in remote transactions, remain vulnerable to identity thieves posing as potential clients. The criminals then trick practitioners into opening email links or attachments that infect computer systems. The warning about these phishing scams comes as part of the IRS and its Security Summit partners annual summer campaign. This year's theme, Boost Security Immunity: Fight Against Identity Theft, urges tax pros to step up their efforts to protect client data. Scams may differ in themes, but they generally have two traits:
Fraudsters continue to impersonate pandemic-related government benefit programs to launch phishing campaigns. Pandemic-related scams may be delivered by email, social media, phone, or text, and may reference legitimate programs such as Economic Impact Payments. Instead of providing economic relief, these scams collect personal and financial information. Legitimate government programs will have corresponding information on their official government websites. Phishing emails or SMS/texts - known as smishing - attempt to trick the person receiving the message into disclosing personal information such as passwords, bank account numbers, credit card numbers or Social Security numbers. Anyone with a smartphone is a potential target. Smishing scams may leverage the child tax credit or other pandemic-related tax-related programs to trick recipients into visiting phishing websites. A specific kind of phishing email is called spear phishing. Rather than the scattershot nature of general phishing emails, scammers take time to identify their victim and craft a more enticing phishing email known as a lure. Scammers often use spear phishing to target tax pros. In a reoccurring and very successful spear phishing scam, criminals pose as potential new clients, exchanging several emails with tax pros before following up with an attachment that they claimed was their tax information. Once the tax pro clicks on the URL or opens the attachment, malware secretly downloads onto their computer, giving thieves access to passwords to client accounts or remote access to the computer. Thieves then use this malware known as a remote access trojan to take over the tax professional's office computer system, identify pending tax returns, complete them and e-file them, changing only the bank account information to steal the refund. This scam remains popular as many tax pros continue to work remotely and communicate with clients over email versus in-person or over the phone because of COVID-19. Tax pros should follow basic security steps to protect their accounts and client data. For example, using the two-factor or the multi-factor authentication option offered by tax preparation providers or storage providers would protect client accounts even if passwords were inadvertently disclosed. Keeping anti-virus software automatically updated helps prevent scams that target software vulnerabilities. Using drive encryption and regularly backing up files helps stop theft and ransomware attacks.
Share this tip on social media -- #IRSTaxTip: Tax pros: Beware of pandemic-related email schemes. https://go.usa.gov/xFFH6 Back to Top Thank you for subscribing to IRS Tax Tips, an IRS e-mail service. For more information on federal taxes please visit IRS.gov. This message was distributed automatically from the IRS Tax Tips mailing list. Please Do Not Reply To This Message. |
No comments:
Post a Comment