Tax professionals are target of yet another scam

They’re back. OK, they never really left. They are tax scammers. And they are once again targeting tax professionals. Specifically, says the Internal Revenue Service, tax con artists have their sights on tax pros who use the agency’s e-services. Phishing for tax pro data: The crooks are sending these tax pros an email asking them to update their accounts and directing them to a fake website. The subject line for the fraudulent email is “Security Awareness for Tax Professionals,” purportedly coming from “Your e-Services Team.” The scam email tells recipients that information was stolen from certain user accounts in 2015 from a state-sponsored actor. It says they should upgrade their e-service account to ensure protection of their information by clicking on the provided login to access their accounts for security upgrade. As with many phishing attempts, the email includes touches to try to convince recipients that the email is real. In this case there’s an IRS logo and an e-services logo. Both of these fake IRS images, warns the real IRS, contain hyperlinks to a URL that’s been verified as a phishing site. The spoofing site poses as an e-services registration page. This latest tax-pro targeting comes as the IRS is strengthening its e-services authentication process and working to improve communications with tax professionals about their accounts. Scammers are attempting to steal e-services usernames, passwords and possibly more personal data through the fake registration page. Recovery steps: If you already clicked on the fake logo and provided your username and password, the IRS wants you to contact its e-services help desk to reset your account. If you use the same password for other accounts, change those ASAP. And as an extra precaution, the IRS recommends you perform a deep security scan on your computers, re-evaluate security controls and stay alert to any other signs of identity theft or data compromise. Additional tax pro security measures suggested by the IRS and its Security Summit partners include: Always use robust security software Use encryption software to protect taxpayer data Use strong passwords and change them often Learn to recognize phishing emails attempting to steal data Never click on links or download attachments from suspicious emails Beware of any communications claiming to be the IRS that are outside normal channels You also can review the agency’s Protect Your Clients, Protect Yourself web page for other steps you can take to protect your tax preparation business and your customers’ information. You also might find these items of interest: Tax scam targets tax professional offices 4 tax cyber security tips from IRS, NY tax officials 2-step authentication system on the way for access to more IRS online services

Article Source From:
Tax professionals are target of yet another scam