IRS Warns of Remote Control Attacks on Tax Preparer Computers

The Internal Revenue Service is warning tax professionals that identity thieves are trying to remotely take control over their computers to file fraudulent tax returns using the names and IDs of their clients.

The IRS urged tax preparers Fridays to double-check the settings on their tax prep software and enable all security measures to safeguard their clients’ information. They should pay particular attention to any usernames and passwords for accessing their tax software. The IRS said it is aware of approximately two dozen cases in recent days where tax professionals have been victimized.

The IRS has been working with state tax authorities and the tax industry on an initiative called the Security Summit to combat identity theft. Together they recently launched the Protect Your Clients; Protect Yourself campaign to raise awareness of criminals targeting tax professionals and their clients’ information.

“This latest incident reinforces the need for all tax professionals to review their computer settings as soon as possible,” said IRS Commissioner John Koskinen‎ in a statement. “Identity thieves continue to evolve and look for new areas to exploit‎, especially as our fraud filters become more effective. The prompt identification of these attacks is another example of the great benefits that result from the close‎ working relationship the IRS now has with the tax industry and the states through the Security Summit initiative. Information is flowing more rapidly between our groups as we continue‎ our efforts to protect taxpayers.”

Koskinen recently recorded a video that the IRS posted on YouTube this week urging tax professionals to take precautions to safeguard their cybersecurity.

The IRS pointed out that the attacks are occurring as the Oct. 17 deadline approaches for filing tax extensions. The IRS warned of a similar remote control attack this past spring, just before the April 15 tax day deadline.

To prevent identity thieves from remotely accessing computers, the IRS is urging tax preparers to run a security “deep scan” to search for viruses and malware. They should also strengthen their passwords for accessing both their computers and software. The password should be at least eight digits long (although more is better), using a mix of numbers, letters and special characters.

Tax pros should also be on the lookout for phishing scams and not click on links or open attachments from unknown senders. They should educate all staff members about the dangers of phishing scams in the form of emails, texts and calls.

Tax practitioners should also review any software their employees use to remotely access the network or their IT support vendor uses to remotely troubleshoot technical problems and support the systems in the office. Remote access software is a potential target for identity thieves to gain entry and take control of a machine.

The IRS recently issued instructions to tax professionals on how to monitor their PTIN activity. Tax pros should also review Publication 4557, Safeguarding Taxpayer Data, a Guide for Your Business, which provides a checklist to help safeguard taxpayer information and enhance office security. Another guide, Data Breach Information for Tax Professionals, provides information on what action to take if one becomes a victim.