Crooks may target tax pros with e-mails claiming to be potential clients or the IRS to scam sensitive information as the season nears, the Internal Revenue Service and other tax and security authorities are warning.
The agencies’ Security Summit partners said early indications are that cybercriminals are already trying to scam tax practitioners, and are cautioning against using only e-mail to communicate with potential or existing clients, “especially if unusual requests are made,” the summit warning read. Past crime could fuel this season’s scams: Recent data breaches likely netted thieves millions of names, addresses, Social Security numbers and e-mail addresses.
Crooks are also relying on last year’s tactic of phishing e-mails to trick practitioners into opening a link or attached document. The IRS reports these recent variations of these email schemes:
- “Happy new year to you and yours. I want you to help us file our tax return this year as our previous CPA/account passed away in October. How much will this cost us?...hope to hear from you soon.”
- “Please kindly look into this issue, A friend of mine introduced you to me, regarding the job you did for him on his 2017 tax. I tried to reach you by phone earlier today but it was not connecting, attach is my information needed for my tax to be filed if you need any more Details please feel free to contact me as soon as possible and also send me your direct Tel-number to rich (sic) you on.”
- “I got your details from the directory. I would like you to help me process my tax. Please get back to me asap so I can forward my details.”
If the practitioner responds, crooks send a second e-mail that contains either a phishing URL or an attached document that contains a phishing URL, claiming tax data is enclosed. In some cases, if the URL or attachment is clicked, it can download malicious software onto the tax pro’s computer.
The IRS also reports that fraudsters have recently again impersonated IRS e-Services, asking tax pros to sign into their accounts and providing a link that in fact leads to a fake e-Services site that steals usernames and passwords.
The IRS recommends that all e-Services account holders upgrade their accounts to the more-rigorous authentication process now offered.
Practitioners can forward phishing e-mails to email@example.com.