Sting operation nabs 61 IRS employees

Representatives from the office of the Treasury Inspector General for Tax Administration (TIGTA) posing as help desk technicians contacted a random sample of 102 IRS employees, including managers and a contractor, by telephone. During the course of the phone calls, which occurred on a single day, 61 of the 102 IRS employees, or 60 percent, agreed to provide their user names and passwords to the strangers on the telephone.

Only eight of the 102 employees contacted followed proper procedure and reported the contact to appropriate IRS personnel.

Senator Max Baucus (D-MT), chairman of the Senate Finance Committee, referred to the results as being demonstrative of "reckless disregard for computer security" on behalf of millions of American taxpayers, leaving them "vulnerable to identity theft and other fraudulent schemes."

A report released by the U.S. Treasury Department stated, "Employees either do not fully understand security requirements for password protection or do not place a sufficiently high priority on protecting taxpayer data in their day-to-day work."

One third of the IRS employees who volunteered their passwords stated that they believed the calls to be legitimate, and some even stated that they were experiencing difficulty with their computers before they got the bogus help desk call.

TIGTA conducted similar tests in 2001 and 2004. In the 2001 test, 75 percent of IRS employees provided their login information to callers; in 2004 the number had decreased to 35 percent.

TIGTA has recommended that the IRS conduct additional security awareness training and internal social-engineering tests.

You can read the complete report.

You may like these other stories...

IRS audits less than 1 percent of big partnershipsAccording to an April 17 report from the Government Accountability Office (GAO), the IRS audits fewer than 1 percent of large business partnerships, Stephen Ohlemacher of the...
Legislation coming out of Washington just might reduce homeowners' burden for disaster insurance. It's a topic very much on everyone's minds since the mudslide in Oso, Washington. The loss of human life was...
Divorce is hard, and the IRS isn't going to make it any easier. The IRS generally says "no" to tax deductions that might ease the pain of divorce. In certain circumstances, however, you might be able to salvage...

Upcoming CPE Webinars

Apr 22
Is everyone at your organization meeting your client service expectations? Let client service expert, Kristen Rampe, CPA help you establish a reputation of top-tier service in every facet of your firm during this one hour webinar.
Apr 24
In this session Excel expert David Ringstrom, CPA introduces you to a powerful but underutilized macro feature in Excel.
Apr 25
This material focuses on the principles of accounting for non-profit organizations' revenues. It will include discussions of revenue recognition for cash and non-cash contributions as well as other revenues commonly received by non-profit organizations.
Apr 30
During the second session of a four-part series on Individual Leadership, the focus will be on time management- a critical success factor for effective leadership. Each person has 24 hours of time to spend each day; the key is making wise investments and knowing what investments yield the greatest return.