The Internal Revenue Service, along with state tax agencies and the tax industry, is cautioning tax preparers to beware of a new phishing scheme revolving around emails claiming to be from a tax software education provider.
The phishing email uses the name of a real U.S.-based preparer education company, although the IRS did not identify the company in the warning it issued Friday on behalf of its Security Summit group.
The email says, “In our database, there is a failure, we need your information about your account.
In addition, we need a photo of the driver's license, send all the data to the letter. Please do it as soon as possible, this will help us to revive the account.
*Company Name *
*EServices Username *
*EServices Password *
*EServices Pin *
*Answers to a secret question*
*EIN Number *
*Owner/Principal Name *
*Owner/Principal DOB *
*Owner/Principal SSN *
*Prior Years AGI
Mother's Maiden Name"
The IRS said the actual origin of the email is unknown and could be coming from cybercriminals who may be operating from either a location in the U.S. or another country. The message asks for an unusually large amount of sensitive preparer information that could allow criminals to steal client data and file fraudulent tax returns.
The IRS reminded tax professionals that legitimate businesses and organizations should never ask for usernames, passwords or sensitive data via email, and tax preparers should never provide such information by email no matter who requests it.
Tax professionals’ e-Services credentials, Electronic Filing Information Number (EFIN), Preparer Tax Identification Number (PTIN) and Centralized Authorization File (CAF) number can be extremely valuable information to identity thieves, the IRS noted, and anybody who is handling taxpayer information has a legal obligation to protect it.
The IRS has been partnering with state tax authorities and the tax industry on its Security Summit initiative in recent years to combat identity theft. It said they are making inroads on individual tax-related identity theft, so cybercriminals are targeting tax professionals more and more. The authentication procedures have become more rigorous so scammers need to get some of the actual client data so they can better impersonate taxpayers when filing fraudulent returns for tax refunds.
Register or login for access to this item and much more
All Accounting Today content is archived after seven days.
Community members receive:
- All recent and archived articles
- Conference offers and updates
- A full menu of enewsletter options
- Web seminars, white papers, ebooks
Already have an account? Log In
Don't have an account? Register for Free Unlimited Access