TAX PROS: BEWARE, and New Scam Targeting Tax Professionals, please share with your colleagues!
(Urgent Message from Marc Zine, IRS Stakeholder Liaison)
There’s a new phishing scheme targeting tax professionals. Emails pretending to be from tax software companies request the recipient to download and install an important software update via a link included in the e-mail. Once recipients click on the embedded link, they are directed to a website prompting them to download a file appearing to be an update of their software package. The file has a naming convention that uses the actual name of their software followed by an “.exe extension.” Upon completion, tax professionals believe they have downloaded a software update when in fact they have loaded a program designed to track the tax professional’s key strokes, which is a common tactic used by cyber thieves to steal login information, passwords and other sensitive data.
Given the proliferation of schemes, return preparers should monitor the usage of their PTINs and EFINs.
PTINs – someone else may use your PTIN to file legitimate returns or refund fraud returns. All credentialed preparers and Annual Filing Season Program participants can monitor their PTIN activity in their PTIN accounts to ensure the number of returns filed using their PTIN matches IRS records. For more information, see Tax Tip 2016-11 on IRS.gov on the IRS Security Awareness Tax Tips page: https://www.irs.gov/uac/irs-security-awareness-tax-tips https://www.irs.gov/uac/irs-security-awareness-tax-tips. I’ve attached a screen shot from the PTIN system showing what this information looks like.
TINs – your client’s TINs may be stolen if your systems are hacked, to file fraudulent refund returns. All preparers can monitor their EFIN activity in their IRS e-Services account (from within the e-file application). Check the EFIN status of your application through e-Services Online Tools to make sure the volume of returns e-filed matches your records. You can also review your acknowledgement report totals. If your records do not agree, your EFIN may have been compromised.
These are security steps that preparers should regularly do all year, but especially during the filing season.
IRS Stakeholder Liason