Auditors Show IRS Workers Too Willing to Cooperate

Fake computer technicians who asked Internal Revenue Service employees to provide login and password information were able to persuade 35 workers to cooperate, according to a new government report.

Treasury Department inspectors, posing as staffers from the information technology help desk, called 100 IRS employees and managers and said they were trying to fix a network problem, the Associated Press reported. They asked the employees for their login name and to temporarily change their password to one they provided. Those who complied with the request violated IRS rules, which bar employees from giving out their passwords.

"With an employee's user account name and password, a hacker could gain access to that employee's access privileges," said the report by the Treasury Department's inspector general for tax administration. "Even more significant, a disgruntled employee could use the same social engineering tactics and obtain another employee's username and password," auditors said.

The test was done to find the human flaws in the security system that protects taxpayers' data. When the test was done in 2001, 71 employees out of 100 cooperated, versus 35 this time.

The employees gave various reasons for complying with the request. Some said they did not suspect foul play since they were having network problems at the time; some said they wanted to be helpful to the tech staff; still others said they couldn't find the caller's name on the global IRS directory, but complied anyway. Some got approval from their managers before they would cooperate.

IRS employees have since been instructed to notify security officials if they get calls seeking password or login information.

You may like these other stories...

Federal judge tosses IRS lawsuitsBernie Becker of The Hill reported that a federal judge sided with the IRS on Thursday, tossing out two lawsuits filed against the tax agency over its improper scrutiny of Tea Party groups...
Amidst the dark clouds hovering over the IRS this year—ranging from the lingering Tea Party scandal to other improprieties to damaging budget cuts—at least there's a ray of sunshine in a new report from the...
SEC, Big Four Chinese affiliates make progress in talks over audit documentsMichael Rapoport of the Wall Street Journal reported that the US Securities and Exchange Commission (SEC) and the Chinese affiliates of the Big Four...

Already a member? log in here.

Upcoming CPE Webinars

Oct 30Many Excel users have a love-hate relationship with workbook links.
Nov 5Join CPA thought leader and peer reviewer Rob Cameron and learn ways to improve the outcome of your peer reviews while maximizing the value of your engagement workflow.
Nov 12This webcast presents basic principles of revenue recognition, including new ASU 2014-09 for the contract method. Also, CPAs in industries who want a refresher on revenue accounting standards will benefit.
Nov 18In this session Excel expert David Ringstrom, CPA tackles what to do when bad things happen to good spreadsheets.