IRS warns e-Services users of new phishing scam

Register now

The Internal Revenue Service issued a new warning Tuesday to users of its online e-Services cautioning them to beware of a new phishing scam that attempts to trick tax professionals into “signing” a new e-Services user agreement.

The phishing scam is actually trying to steal passwords and data, the IRS warned in an email to tax professionals. The IRS has been trying to migrate to new e-Services technology with improved authentication and security abilities, but has faced repeated delays. The IRS said that all tax professionals should be aware that as e-Services begins its move later this month to Secure Access authentication and its two-factor protections, cybercriminals are likely to make last-ditch efforts to steal passwords and data prior to the transition.

The scam email claims to come from “e-Services Registration” and says “Important Update about Your e-Services Account” in the subject line. In part, the scam email states, “We are rolling out a new user agreement and all registered users must accept its revised terms to have access to e-Services and its products.” The email asks users to review and accept the agreement but takes them instead to a fake site.

If tax professionals have clicked on this link, the IRS said they should perform a deep scan with their security software, contact their office’s IT or cybersecurity personnel, and contact the IRS’s e-Help Desk.

Separately on Tuesday, the IRS said the migration of e-Services to a new platform is taking longer than anticipated. “We know this is causing issues for some of you, and we apologize,” said the IRS. “We are working hard to get this technology upgrade in place and hope to have applications back online within the next two weeks. We will provide weekly updates until we are ready to launch.”

Meanwhile, the IRS’s online Transcript Delivery System, Taxpayer Identification Number Matching, Secure Object Repository and Registration apps are functional, it noted.

For reprint and licensing requests for this article, click here.