Auditors Show IRS Workers Too Willing to Cooperate

Fake computer technicians who asked Internal Revenue Service employees to provide login and password information were able to persuade 35 workers to cooperate, according to a new government report.

Treasury Department inspectors, posing as staffers from the information technology help desk, called 100 IRS employees and managers and said they were trying to fix a network problem, the Associated Press reported. They asked the employees for their login name and to temporarily change their password to one they provided. Those who complied with the request violated IRS rules, which bar employees from giving out their passwords.

"With an employee's user account name and password, a hacker could gain access to that employee's access privileges," said the report by the Treasury Department's inspector general for tax administration. "Even more significant, a disgruntled employee could use the same social engineering tactics and obtain another employee's username and password," auditors said.

The test was done to find the human flaws in the security system that protects taxpayers' data. When the test was done in 2001, 71 employees out of 100 cooperated, versus 35 this time.

The employees gave various reasons for complying with the request. Some said they did not suspect foul play since they were having network problems at the time; some said they wanted to be helpful to the tech staff; still others said they couldn't find the caller's name on the global IRS directory, but complied anyway. Some got approval from their managers before they would cooperate.

IRS employees have since been instructed to notify security officials if they get calls seeking password or login information.


Already a member? log in here.

Editor's Choice

Upcoming CPE Webinars

Nov 24This webcast presents basic principles of revenue recognition, including new ASU 2014-09 for the contract method. Also, CPAs in industries who want a refresher on revenue accounting standards will benefit.
Dec 3The materials discuss the concepts and principles in the AICPA’s new special purpose framework.
Dec 9A key component to improving your firm’s workflow efficiency while enhancing your profitability at the same time is how you leverage emerging technologies.
Dec 9Kristen Rampe will cover how to diffuse the tension in challenging situations in this one-hour webinar.