Working Virtually: Avoid phishing scams; Part 4 of Security Summit tips for tax professionals

IR-2020-178, August 11, 2020

WASHINGTON — The Internal Revenue Service and the Security Summit partners today warned tax professionals to be alert to new phishing scams that try to take advantage of COVID-19, Economic Impact Payments and increased teleworking by practitioners.

The IRS, state tax agencies and the nation’s tax industry urged tax firms to review and heighten their data protection plans this summer as cybercriminals step up efforts to steal client tax information. Crooks are targeting tax professionals as well as taxpayers.

Avoiding phishing emails is the fourth in a five-part Security Summit series called Working Virtually: Protecting Tax Data at Home and at Work. The Security Summit initiative by the IRS, state tax agencies and private-sector tax industry spotlights basic security steps for all practitioners, but especially those working remotely in response to COVID-19.

“The coronavirus has created new opportunities for cybercriminals to use email to try stealing sensitive information,” said IRS Commissioner Chuck Rettig. “The vast majority of data thefts start with a phishing email trick. Identity thieves pose as trusted sources – a client, your software provider or even the IRS – to lure you into clicking on a link or attachment. Remember, don’t take the bait. Learn to recognize and avoid phishing scams.”

Phishing emails generally have an urgent message, such as your account password expired. They direct you to an official-looking link or attachment. The link may take you to a fake site made to appear like a trusted source and request your username and password. Or, the attachment may contain malware, which secretly downloads malware that tracks keystrokes and allows thieves to eventually steal all the tax pro’s passwords.

This year, IRS identified a highly sophisticated attack against tax firms where thieves gained remote access either through phishing or malware and were able to enter the cloud storage accounts that held client files. In one case, thieves spent 18 months quietly downloading and accessing taxpayer information before they were discovered.

The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) recently issued a warning to all organizations to educate employees, especially those teleworking, about increased activity related to phishing scams.

These scams focused on COVID-19 fears by presenting themselves as providers of face masks or personally protective equipment in short supply. Thieves also used other tactics against taxpayers, impersonating the IRS and calling or emailing requests for bank account information to send the Economic Impact Payments.

Tax professionals should beware of emails from criminals posing as potential clients. As people practice social distancing these days, criminals may exploit this process to try to trick tax practitioners into opening links or attachments. The Security Summit continues to urge tax professionals to create “trusted customer” policies, and contact potential clients by phone or video conference.

Taxpayers and tax preparers can forward suspicious emails posing as the IRS to phishing@irs.gov.

Because phishing emails are so common and successful, Summit partners urge tax professionals to educate all office personnel about the dangers and risks of opening suspicious emails – especially during the COVID-19 period.

Additional resources

Tax professionals also can get help with security recommendations by reviewing the recently revised IRS Publication 4557, Safeguarding Taxpayer Data (PDF), and Small Business Information Security: The Fundamentals (PDF) by the National Institute of Standards and Technology.

Publication 5293, Data Security Resource Guide for Tax Professionals (PDF), provides a compilation of data theft information available on IRS.gov. Also, tax professionals should stay connected to the IRS through subscriptions to e-News for Tax Professionals and Social Media or visit Identity Theft Central at IRS.gov/identitytheft.

IR Press

Share
Published by
IR Press

Recent Posts

OCC Announces Enforcement Actions for November 2024

WASHINGTON—The Office of the Comptroller of the Currency (OCC) today released enforcement actions taken against…

5 hours ago

Treasury Sanctions Gazprombank and Takes Additional Steps to Curtail Russia’s Use of the International Financial System

Treasury imposes sanctions on dozens of Russian banks, securities registrars, and finance officials; OFAC issues…

21 hours ago

Acting Comptroller Testifies on State of the Federal Banking System

WASHINGTON—Acting Comptroller Michael J. Hsu today testified on the state of the federal banking system…

1 day ago

Remarks by Assistant Secretary for International Finance Brent Neiman on the U.S. Cross-Border Payments Agenda

As Prepared for Delivery Thank you very much for the opportunity to be here today, and…

3 days ago

Remarks by Assistant Secretary for Investment Security Paul Rosen at the Third Annual CFIUS Conference

As Prepared for Delivery Good afternoon.  I’d like to start by thanking our panelists today for…

3 days ago