Accounting and tax-preparation firms are the target of a new email scheme in which cybercriminals pretend to be clients in need of their services, the IRS, state tax agencies, and tax industry leaders warned on Jan. 11.
This latest phishing scam typically happens in two stages. First, an email is sent to a tax professional that says something like, “I need a preparer to file my taxes.”
“In some cases, the phishing emails may appear to come from a legitimate sender or organization – perhaps even a friend or colleague – because they also have been victimized,” the IRS said. “Fraudsters have taken over their accounts to send phishing emails.”
If the tax professional responds to the email, a second email is sent by the scammer, which contains an embedded web address or a PDF attachment that has an embedded web address.
By clicking on the link, the tax professional thinks that he or she is downloading or accessing that potential client’s tax information. But instead, the scammers are collecting the practitioner’s email address, password, and other private information.
“The scheme’s objective is to collect sensitive information that will allow fraudsters to prepare fraudulent tax returns,” the IRS said.
Content seriesView full content series
So, what should accounting or tax-preparation firms do? The IRS urges them to consider developing internal policies or asking security experts for advice on how to address unsolicited emails seeking their services.
More importantly, tax professionals should never respond to or click on a link in an unsolicited email or PDF attachment from an unknown sender, the IRS said.
Last summer, the IRS and its Security Summit partners launched the “Protect Your Clients; Protect Yourself” initiative, a public awareness campaign on data security that is aimed at tax professionals.