Tax professionals are target of yet another ID theft scam
Sunday, June 25, 2017
Based on the fast and furious pace of tax scams this month, you'd think it was high tax season instead of summer.
For the second time in just more than a week, the Internal Revenue Service has issued a new tax scam alert. (In case you missed it, the pervasive tax telephone scam was recently tweaked.)
This latest scam warning is for tax professionals, who are receiving phishing emails purportedly from a tax software education provider. The fake communication asks for the tax preparers' help in repairing a failure in the message sender's sham database.
To that fake end, the cyber crooks want the tax pros to send them what the IRS describes as an unusual amount of sensitive preparer data.
Unknown origin, but typical data sought: The IRS is still investigating this new phishing scam, which uses the name of a real U.S.-based preparer education firm. (The IRS did not provide the company's name in issuing its warning to tax pros.)
So far, the email's origin is unknown. It could be from cyber criminals operating within the U.S. or abroad.
Regardless of the source, the goal is the same as all tax identity theft schemes, to get enough personal info to successfully file fake tax returns and claim fraudulent refunds.
Here's the fake email's text that is showing up in tax pros' in-boxes:
In our database, there is a failure, we need your information about your account.
In addition, we need a photo of the driver's license, send all the data to the letter. Please do it as soon as possible, this will help us to revive the account.
*Company Name *
*EServices Username *
*EServices Password *
*EServices Pin *
*Answers to a secret question*
*EIN Number *
*Owner/Principal Name *
*Owner/Principal DOB *
*Owner/Principal SSN *
*Prior Years AGI
Mother's Maiden Name
Obviously, if the con artists get the requested info — particularly tax pros' e-Services credentials such as an Electronic Filing Information Number (EFIN), Preparer Tax Identification Number (PTIN) and Centralized Authorization File (CAF) number — the crooks will have a field day filing fake 1040s.
Tax pros now preferred by ID thieves: Since the IRS and its Security Summit partners have been increasingly successful in stemming individual taxpayer scams, tax pros are now the preferred target of identity thieves.
But why would any tax pro in this day and age fall for such a request?
Some folks are just naturally trusting. Others see a message from what appears to be a company they've worked with for years and want to help.
Stop being so cooperative and helpful. Stop trusting any emails asking for your or clients' personal information.
Just stop. Sadly, the time of being a nice guy or gal tax preparer has passed.
Remember, legitimate businesses and organizations never ask tax professionals for usernames, passwords or sensitive data via email. Even if you are asked, never provide such sensitive information via email.
All this tax pro tax scam advice leads to this week's By the Numbers figure: 0. As in nada, nil, zilch, zero.
As in zero tolerance for any questionable calls or emails or even snail mailed correspondence seeking personal or professional tax-related info.
Recovery steps if scammed: If, however, the worst does happen and you, a tax professional, do fall victim to this or other tax scam emails, forward a copy to email@example.com.
Also copy the phishing email to StateAlert@taxadmin.org. This lets state tax agency representatives know of the identity breach so that they can assist victims with compromised data at that level, too.
If you disclosed any credential information, contact the e-Services Help Desk to reset your password.
And if you disclosed information and taxpayer data was stolen, contact your local stakeholder liaison.
You also might find these items of interest:
These ID theft scams usually target tax professionals. Tax professionals must be aware of these scams to protect them and especially their clients. These tax professionals should know how to resolve problems like this. Here in the Philippines, consulting firms that offer tax services might be a great help in resolving problems like this.
Posted by: Cera Yabut | Wednesday, July 05, 2017 at 04:00 AM
thanks, Jonathan, for the added alert address. Noted!
Posted by: Kay Bell | Wednesday, June 28, 2017 at 01:21 PM
Kay, in future communications and articles, please also include the e-mail address StateAlert@taxadmin.org, in addition to the IRS address Phishing@IRS.gov. The email goes to state tax agency representatives that can assist victims with compromise of personal data by ensuring that all states rapidly receive notice of the issue. See our website at www.taxadmin.org for more information.
Posted by: Jonathan Lyon, Sr. Mgr., Tax Technology & Standards | Wednesday, June 28, 2017 at 11:17 AM
I'd hope that most people would get suspicious at the volume of ID/PW info that this scam email requests, but I know better. I still get calls from clients indicating that they're getting the scam IRS phone calls & aren't sure if they should provide info. It's surprising & disappointing that people are still falling for this, but the scammers wouldn't stop unless these scams worked.
Posted by: Samina | Monday, June 26, 2017 at 09:15 AM
George, as a Texan, I love your data/oil analogy! Kay
Posted by: Kay Bell | Sunday, June 25, 2017 at 06:21 PM
We certainly need more awareness on information security in the field. "Data is the new oil," and these scams prove it.
Posted by: George | Sunday, June 25, 2017 at 03:50 PM