Phishing criminals pose as potential tax clients to infiltrate tax preparers' systems and steal data
Millions of taxpayers prepare their own returns using tax software. Even the Internal Revenue Service encourages this do-it-yourself approach with Free File.
So it's no surprise that many tax professionals are looking at ways to retain and add to their client base.
Unfortunately, crooks know this, too, and are taking advantage with a new phishing scam in which they target accounting and tax preparation firms and pose as potential clients.
Instead of looking for help in completing their returns, the cybercrooks are trying to gather sensitive information from tax professionals that the criminals then will use to file fraudulent tax returns on their own.
Two-tiered phishing attempt: The Internal Revenue Service and its Security Summit partners say these latest phishing emails typically come in two stages.
The first email is the solicitation, in which the scamming sender reaches out to tax pros and says, "I need a preparer to file my taxes."
In some cases, this first entreaty appears to come from a legitimate sender, perhaps even a friend or colleague, or from a legitimate organization that the tax pro knows about or belongs to. In these cases, though, the seemingly real sender also is a victim, as the fraudsters have taken over their accounts to send phishing emails.
If the tax professional does respond to the original inquiry, the cybercriminal sends a second email.
The follow-up message either has an embedded web address or contains a PDF attachment that has an embedded web address.
Targeted tax pros may think they are downloading a potential client's tax information or accessing a site with the potential client's tax information. However, in reality it's the criminals who are collecting information, such as the responding preparer's email address and password and possibly other information.
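For firms that screen inbound mail, the sketch below shows one way to flag the second-stage message described above: it lists web addresses found in the email body and in PDF attachments, and holds the message when the sender is not an existing client. It is an added example, not part of the IRS guidance; the `triage` function, the verdict names, the known-sender list and the sample message are all assumptions made for illustration.

```python
import re
from email import message_from_bytes, policy
from email.message import EmailMessage
from email.utils import parseaddr

URL_RE = re.compile(rb"https?://[^\s<>\"')\]]+", re.I)
# Link annotations in an uncompressed PDF appear as "/URI (http...)".
# Limitation: links inside compressed object streams are not visible to this scan.
PDF_URI_RE = re.compile(rb"/URI\s*\(([^)]*)\)")

def triage(raw: bytes, known_senders: set) -> dict:
    """Classify one inbound message by sender and embedded web addresses."""
    msg = message_from_bytes(raw, policy=policy.default)
    sender = parseaddr(str(msg.get("From", "")))[1].lower()
    body_urls, pdf_urls = [], []
    for part in msg.walk():
        if part.is_multipart():
            continue
        data = part.get_payload(decode=True) or b""
        if part.get_content_type() == "application/pdf" or data.startswith(b"%PDF"):
            pdf_urls += [u.decode("latin-1") for u in PDF_URI_RE.findall(data)]
        elif part.get_content_maintype() == "text":
            body_urls += [u.decode("latin-1") for u in URL_RE.findall(data)]
    if not (body_urls or pdf_urls):
        verdict = "no-links"
    elif sender in known_senders:
        # A familiar sender may be a taken-over account: confirm via another channel.
        verdict = "verify"
    else:
        verdict = "hold"
    return {"sender": sender, "body_urls": body_urls, "pdf_urls": pdf_urls, "verdict": verdict}

def sample_followup() -> bytes:
    """Constructed second-stage message: a PDF attachment carrying a link."""
    m = EmailMessage()
    m["From"] = "New Client <prospect@example.invalid>"
    m["To"] = "preparer@taxfirm.example"
    m["Subject"] = "Re: I need a preparer to file my taxes"
    m.set_content("My tax documents are attached.")
    pdf = (b"%PDF-1.4\n1 0 obj<</Type/Annot/Subtype/Link"
           b"/A<</S/URI/URI (https://docs.example.invalid/view)>>>>endobj\n%%EOF")
    m.add_attachment(pdf, maintype="application", subtype="pdf", filename="tax_docs.pdf")
    return m.as_bytes()

if __name__ == "__main__":
    print(triage(sample_followup(), known_senders={"client@example.org"}))
```

A "verify" verdict exists because, as noted above, a message from a familiar address can still come from an account the fraudsters have taken over.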
Beef up office security: This new phishing scam has been showing up nationwide, according to the IRS.
The tax agency urges tax professionals and tax preparation firms to consider creating internal policies or getting security experts' recommendations on how to address unsolicited emails seeking their services.
Such suggestions can be found at the Security Summit's special Protect Your Clients; Protect Yourself web page.
And one cyber security recommendation applies not just to tax pros, but to all of us. Never respond to or click on a link in an unsolicited email or PDF attachment from an unknown sender.