As the April 17 tax filing season deadline nears, the Office of Tax and Revenue (OTR), the Internal Revenue Service (IRS), tax agencies from other states, and the tax industry warn tax professionals to be alert to taxpayer data theft.
The Security Summit partners urge taxpayers to enhance their data safeguards immediately. As stated by the IRS, in recent days, the “New Client” scam has re-emerged, signaling ongoing attempts by cybercriminals to target tax professionals with spear phishing schemes. In this scam, a “new client” emails the tax pro about a tax issue, attaching documents to their email that they claim to be an IRS notice or prior-year tax information. The documents actually contain malware that, if opened, enable the criminals to steal taxpayer information.
Here is an example of an email from the “New Client” scam: “I just moved here from Michigan. I have an urgent Tax issue and I was hoping you could help,” the email begins. “I hope you are taking on new clients.” The email says one attachment is the IRS notice and the other attachment is the prospective client’s prior-year tax return. This scam has many variations. (See IR-2018-2, Security Summit Partners Warn Tax Pros of Heightened Fraud Activity as Filing Season Approaches.)
As a reminder, January through April is the prime season for cybercriminals to attack tax practitioners, however, data thefts can occur at any time. It is critical for tax professionals to stay vigilant and enhance security measures to protect their data especially as the tax filing season deadline is approaching.
Some tax professionals may be unaware they are victims of data theft. Here are some signs:
- Client e-filed returns begin to reject because returns with their Social Security numbers were already filed;
- The number of returns filed with tax practitioner’s Electronic Filing Identification Number (EFIN) exceeds number of clients;
- Clients who haven’t filed tax returns begin to receive authentication letters (5071C, 4883C, 5747C) from the IRS;
- Network computers running slower than normal;
- Computer cursors moving or changing numbers without touching the keyboard;
- Network computers locking out tax practitioners.
The Security Summit partners, which include the IRS, state tax agencies and the nation’s tax community, remind tax professionals and taxpayers to never open a link or an attachment from a suspicious email. These scams can increase during the tax season.
Tax professionals can review additional tips to protect clients and themselves at the Security Summit’s awareness campaign, Protect Your Clients, Protect Yourself, on IRS.gov.