Information For...

For you and your family
Individuals abroad and more
EINs and other information

Filing For Individuals

Information For...

For you and your family
Standard mileage and other information

Forms and Instructions

Individual Tax Return
Request for Taxpayer Identification Number (TIN) and Certification
Single and Joint Filers With No Dependents
Employee's Withholding Allowance Certificate

 

Request for Transcript of Tax Returns
Employer's Quarterly Federal Tax Return
Installment Agreement Request
Wage and Tax Statement

Popular For Tax Pros

Amend/Fix Return
Apply for Power of Attorney
Apply for an ITIN
Rules Governing Practice before IRS

Security Summit Alert: New Two-Stage E-mail Scheme Targets Tax Professionals

IR-2017-03, Jan. 11, 2017

WASHINGTON – The Internal Revenue Service, state tax agencies and tax industry leaders today warned tax professionals to be alert to an email scam from cybercriminals posing as clients soliciting their services.

A new variation of this phishing scheme is targeting accounting and tax preparation firms nationwide. The scheme's objective is to collect sensitive information that will allow fraudsters to prepare fraudulent tax returns.

These latest phishing emails come in typically two stages. The first email is the solicitation, which asks tax professionals questions such as "I need a preparer to file my taxes." If the tax professional responds, the cybercriminal sends a second email. This second email typically has either an embedded web address or contains a PDF attachment that has an embedded web address.

In some cases, the phishing emails may appear to come from a legitimate sender or organization (perhaps even a friend or colleague) because they also have been victimized. Fraudsters have taken over their accounts to send phishing emails.

The tax professional may think they are downloading a potential client's tax information or accessing a site with the potential client's tax information. In reality, the cybercriminals are collecting the preparer's email address and password and possibly other information.

The IRS urges tax professionals and tax preparation firms to consider creating internal policies or obtain security experts' recommendations on how to address unsolicited emails seeking their services.

One tip: Never respond to or click on a link in an unsolicited email or PDF attachment from an unknown sender. As the IRS, states and the tax industry make progress in the fight against identity theft, cybercriminals are becoming more sophisticated in their efforts to steal additional client information. Criminals need more data in their effort to impersonate clients and file fraudulent returns to claim refunds, and schemes like this can help in this effort.

Read more at Protect Your Clients; Protect Yourself, the Security Summit initiative to increase awareness about the tax professional community.

Follow the IRS on Social Media
Subscribe to IRS Newswire