Tax Professionals – Protect Client Data, Learn Signs of Data Theft


Tax professionals increasingly are targeted by cybercriminals seeking to steal taxpayer data and file fraudulent tax returns. Make sure you take steps to protect client data and protect your business.

Take basic security steps:

  • Learn to recognize phishing emails, especially those pretending to be from the IRS, e-Services, a tax software provider or cloud storage provider. Never open a link or any attachment from a suspicious email. Remember: The IRS never initiates initial contact with a tax pro via email.
  • Create a data security plan using IRS Publication 4557, Safeguarding Taxpayer Data PDF, and Small Business Information Security – The Fundamentals  PDF, by the National Institute of Standards and Technology.
  • Review internal controls: 
    • Install anti-malware/anti-virus security software on all devices (laptops, desktops, routers, tablets and phones) and keep software set to automatically update.
    • Create passwords of at least eight characters; longer is better. Use different passwords for each account, use special and alphanumeric characters, use phrases, password protect wireless devices and consider a password manager program.
    • Encrypt all sensitive files/emails and use strong password protections.
    • Back up sensitive data to a safe and secure external source not connected fulltime to a network.
    • Wipe clean or destroy old computer hard drives and printers that contain sensitive data.
    • Limit access to taxpayer data to individuals who need to know.
    • Check IRS e-Services account weekly for number of returns filed with EFIN.
  • Report any data theft or data loss to the appropriate IRS Stakeholder Liaison
  • Stay connected to the IRS through subscriptions to e-News for Tax Professionals, Quick Alerts, and Social Media.

Watch for signs of data theft

You or your firm may be a victim and not even know it. Here are some common clues to data theft:

  • Client e-filed returns begin to reject because returns with their Social Security numbers were already filed;
  • Clients who haven’t filed tax returns begin to receive authentication letters (5071C, 4883C, 5747C) from the IRS;
  • Clients who haven’t filed tax returns receive refunds; 
  • Clients receive tax transcripts that they did not request;
  • Clients who created an IRS online services account receive an IRS notice that their account was accessed or IRS emails stating their account has been disabled or, clients receive an IRS notice that an IRS online account was created in their names;
  • The number of returns filed with tax practitioner’s Electronic Filing Identification Number (EFIN) exceeds number of clients;
  • Tax professionals or clients responding to emails that practitioner did not send;
  • Network computers running slower than normal;
  • Computer cursors moving or changing numbers without touching the keyboard;
  • Network computers locking out tax practitioners.

Data Loss Reporting

  • Tax professionals who suffer a data theft or loss can assist their clients by immediately reporting the loss to the Internal Revenue Service. The IRS can take steps to either prevent tax-related identity theft or assist taxpayers to recover faster from tax-related identity theft. More information available at Data Theft Information for Tax Professionals.
  • Report client data theft to your local stakeholder liaison. Liaisons will notify IRS Criminal Investigation and others within the agency on your behalf. Speed is critical. If reported quickly, the IRS can take steps to block fraudulent returns in your clients’ names and will assist you through the process.

Additional Resources:

Protect Your Clients!

Learn More