IR-2017-170, Oct. 11, 2017
WASHINGTON — The IRS today warned all e-Services users to beware of a new phishing scam that tries to trick tax professionals into “signing” a new e-Services user agreement. The phishing scam seeks to steal passwords and data.
The scam email claims to be from “e-Services Registration” and uses “Important Update about Your e-Services Account” in the subject line. It states, in part, “We are rolling out a new user agreement and all registered users must accept its revised terms to have access to e-Services and its products.” It asks the individual to review and accept the agreement but takes them to a fake site instead.
All tax professionals should be aware that as e-Services begins its move later this month to Secure Access authentication and its two-factor protections, cybercriminals likely will make last-ditch efforts to steal passwords and data prior to the transition. As the IRS has warned over the past few years, these sophisticated schemes are adaptive in nature and everyone should be cautious before clicking on a link or entering sensitive personal information.
For those who may have clicked onto this link, perform a deep scan with security software, contact IT/cybersecurity personnel and the IRS e-Help Desk.
To read more about what the IRS is doing to protect accounts with Secure Access authentication, go directly to the main e-Services landing page on IRS.gov.