IRS sees new filing season scam hitting tax pros

The Internal Revenue Service warned tax professionals Friday to beef up their security measures and avoid clicking on some new phishing emails that can download malware onto their computers to steal their clients’ data.

Even though tax season started just this week, the IRS has already identified a new scam that started with cybercriminals stealing data from several tax preparers’ computers and filing bogus tax returns.

In a new twist on an older scam, the fraudulent tax returns in a few cases actually used the taxpayers' real bank accounts for the deposit. A woman impersonating a debt collection agency official then contacted the taxpayers to say a refund was deposited by mistake and requested the taxpayers to send the money to her.

Andrew Harrer/Bloomberg

This new scam is probably just the first of many this season, the IRS suspects. The agency is working with state tax authorities and the tax industry to combat tax-related identity thieves as part of their Security Summit initiative. While the IRS and its partners have made progress in battling identity theft, cybercriminals have changed their tactics to focus on tax professionals where they can steal the most client data.

Thieves realize it’s harder to identify and stop fraudulent tax returns when they’re using actual client data such as income, dependents, tax credits and deductions. Typically, criminals find alternative ways to get the bogus refunds delivered to themselves rather than the real taxpayers.

Tax professionals can report data theft incidents to the IRS through their state’s IRS Stakeholder Liaison, who will notify the relevant IRS officials and serve as a point of contact. All tax practitioners should also look at the Data Theft Information for Tax Professionals page on IRS.gov for details about the process and the extra steps they should pursue.

When the IRS is notified right away, it can take steps to help safeguard taxpayers from identity theft. IRS Criminal Investigation agents are still examining the latest data theft scam. But the IRS pointed out that most tax-related data thefts happen because a tax preparer or an employee in their office opened a phishing email and clicked on a link or attachment that contained malware. There are different types of malware but some can be downloaded secretly into computers and let thieves see each keystroke or provide thieves with remote access to computers. Both versions let thieves steal data kept on the computers. Tax pros should check out the Security Summit’s Don’t Take the Bait campaign, which describes various scams used by criminals to trick preparers.