Based on the fast and furious pace of tax scams this month, you'd think it was high tax season instead of summer.
For the second time in just more than a week, the Internal Revenue Service has issued a new tax scam alert. (In case you missed it, the pervasive tax telephone scam was recently tweaked.)
This latest scam warning is for tax professionals, who are receiving phishing emails purportedly from a tax software education provider. The fake communication asks for the tax preparers' help in repairing a failure in the message sender's sham database.
To that fake end, the cyber crooks want the tax pros to send them what the IRS describes as an unusual amount of sensitive preparer data.
Unknown origin, but typical data sought: The IRS is still investigating this new phishing scam, which uses the name of a real U.S.-based preparer education firm. (The IRS did not provide the company's name in issuing its warning to tax pros.)
So far, the email's origin is unknown. It could be from cyber criminals operating within the U.S. or abroad.
Regardless of the source, the goal is the same as all tax identity theft schemes, to get enough personal info to successfully file fake tax returns and claim fraudulent refunds.
Here's the fake email's text that is showing up in tax pros' in-boxes:
In our database, there is a failure, we need your information about your account.
In addition, we need a photo of the driver's license, send all the data to the letter. Please do it as soon as possible, this will help us to revive the account.
*Company Name *
*EServices Username *
*EServices Password *
*EServices Pin *
*Answers to a secret question*
*EIN Number *
*Owner/Principal Name *
*Owner/Principal DOB *
*Owner/Principal SSN *
*Prior Years AGI
Mother's Maiden Name
Obviously, if the con artists get the requested info — particularly tax pros' e-Services credentials such as an Electronic Filing Information Number (EFIN), Preparer Tax Identification Number (PTIN) and Centralized Authorization File (CAF) number — the crooks will have a field day filing fake 1040s.
Tax pros now preferred by ID thieves: Since the IRS and its Security Summit partners have been increasingly successful in stemming individual taxpayer scams, tax pros are now the preferred target of identity thieves.
But why would any tax pro in this day and age fall for such a request?
Some folks are just naturally trusting. Others see a message from what appears to be a company they've worked with for years and want to help.
Stop being so cooperative and helpful. Stop trusting any emails asking for your or clients' personal information.
Just stop. Sadly, the time of being a nice guy or gal tax preparer has passed.
Remember, legitimate businesses and organizations never ask tax professionals for usernames, passwords or sensitive data via email. Even if you are asked, never provide such sensitive information via email.
All this tax pro tax scam advice leads to this week's By the Numbers figure: 0. As in nada, nil, zilch, zero.
As in zero tolerance for any questionable calls or emails or even snail mailed correspondence seeking personal or professional tax-related info.
Recovery steps if scammed: If, however, the worst does happen and you, a tax professional, do fall victim to this or other tax scam emails, forward a copy to [email protected].
If you disclosed any credential information, contact the e-Services Help Desk to reset your password.
And if you disclosed information and taxpayer data was stolen, contact your local stakeholder liaison.
You also might find these items of interest: