Thursday, August 26, 2021

COVID Tax Tip 2021-126: Tax pros: Beware of pandemic-related email schemes

Bookmark and Share

IRS.gov Banner
IRS Tax Tips August 26, 2021

Useful Links:

IRS.gov

Help For Hurricane Victims


News Essentials

What's Hot

News Releases

IRS - The Basics

IRS Guidance

Media Contacts

Facts & Figures

Around The Nation

e-News Subscriptions


The Newsroom Topics

Multimedia Center

Noticias en Español

Radio PSAs

Tax Scams/Consumer Alerts

The Tax Gap

Fact Sheets

IRS Tax Tips

Armed Forces

Latest News


IRS Resources

Compliance & Enforcement News

Contact Your Local IRS Office

Filing Your Taxes

Forms & Instructions

Frequently Asked Questions

Taxpayer Advocate Service

Where to File

IRS Social Media

 


Issue Number: COVID Tax Tip 2021-126


Tax pros: Beware of pandemic-related email schemes


All tax pros need to beware of evolving phishing scams that use various pandemic-related themes to steal client data. It is the tax preparer's responsibility to secure their network to protect taxpayer data.

Tax pros, especially those who engage in remote transactions, remain vulnerable to identity thieves posing as potential clients. The criminals then trick practitioners into opening email links or attachments that infect computer systems.

The warning about these phishing scams comes as part of the IRS and its Security Summit partners annual summer campaign. This year's theme, Boost Security Immunity: Fight Against Identity Theft, urges tax pros to step up their efforts to protect client data.

Scams may differ in themes, but they generally have two traits:

  • They appear to come from a known or trusted source, such as a colleague, bank, credit card company, cloud storage provider, tax software provider or even the IRS.
  • They tell a story, often with an urgent tone, to trick the receiver into opening a link or attachment.

Fraudsters continue to impersonate pandemic-related government benefit programs to launch phishing campaigns. Pandemic-related scams may be delivered by email, social media, phone, or text, and may reference legitimate programs such as Economic Impact Payments. Instead of providing economic relief, these scams collect personal and financial information. Legitimate government programs will have corresponding information on their official government websites.

Phishing emails or SMS/texts - known as smishing - attempt to trick the person receiving the message into disclosing personal information such as passwords, bank account numbers, credit card numbers or Social Security numbers. Anyone with a smartphone is a potential target. Smishing scams may leverage the child tax credit or other pandemic-related tax-related programs to trick recipients into visiting phishing websites.

A specific kind of phishing email is called spear phishing. Rather than the scattershot nature of general phishing emails, scammers take time to identify their victim and craft a more enticing phishing email known as a lure. Scammers often use spear phishing to target tax pros.

In a reoccurring and very successful spear phishing scam, criminals pose as potential new clients, exchanging several emails with tax pros before following up with an attachment that they claimed was their tax information. Once the tax pro clicks on the URL or opens the attachment, malware secretly downloads onto their computer, giving thieves access to passwords to client accounts or remote access to the computer. Thieves then use this malware known as a remote access trojan to take over the tax professional's office computer system, identify pending tax returns, complete them and e-file them, changing only the bank account information to steal the refund. This scam remains popular as many tax pros continue to work remotely and communicate with clients over email versus in-person or over the phone because of COVID-19.

Tax pros should follow basic security steps to protect their accounts and client data. For example, using the two-factor or the multi-factor authentication option offered by tax preparation providers or storage providers would protect client accounts even if passwords were inadvertently disclosed. Keeping anti-virus software automatically updated helps prevent scams that target software vulnerabilities. Using drive encryption and regularly backing up files helps stop theft and ransomware attacks.


More information
:
Publication 4557, Safeguarding Taxpayer Data 


Share this tip on social media -- #IRSTaxTip: Tax pros: Beware of pandemic-related email schemes. https://go.usa.gov/xFFH6


Back to Top

FaceBook Logo  YouTube Logo  Instagram Logo  Twitter Logo  LinkedIn Logo


Thank you for subscribing to IRS Tax Tips, an IRS e-mail service. For more information on federal taxes please visit IRS.gov.

This message was distributed automatically from the IRS Tax Tips mailing list. Please Do Not Reply To This Message.

 


This email was sent to business.solutions.ve@gmail.com by: Internal Revenue Service (IRS) · Internal Revenue Service · 1111 Constitution Ave. N.W. · Washington DC 20535 GovDelivery logo

No comments:

Post a Comment