Scammers clearly aren’t taking a break this summer. Days after the Internal Revenue Service (IRS) warned taxpayers about a “new twist” to an existing phone scam, the agency has issued yet another scam warning. The IRS, state tax agencies, and the tax industry, as part of the Security Summit partnership, are warning tax professionals about new phishing emails claiming to be from a tax software education provider seeking sensitive preparer data.
According to the IRS, the email’s origin is not yet known but is thought to be issued by cybercriminals who could be operating from the U.S. or abroad. What makes the email unusual, according to the IRS, is “the amount of sensitive preparer data that it seeks.”
And, just to make the scam more believable, he fake email uses the name of a real U.S.-based preparer education firm.
So what exactly are the scammers hoping to find out? They’re seeking information about tax preparer credentials in order to gain access to taxpayer data. With real client data, thieves can better impersonate the taxpayer when filing fraudulent returns for refunds.
Here’s a sample of the text that the IRS reports is being sent to tax professionals:
In our database, there is a failure, we need your information about your account.
In addition, we need a photo of the driver’s license, send all the data to the letter. Please do it as soon as possible, this will help us to revive the account.
* Company Name *
* EServices Username *
* EServices Password *
* EServices Pin *
* CAF number *
* Answers to a secret question *
* EIN Number *
* Business Name *
* Owner/Principal Name *
* Owner/Principal DOB *
* Owner/Principal SSN *
* Prior Years AGI *
* Mother’s Maiden Name *
This information, says the IRS, will enable the thieves to steal client data and file fraudulent tax returns. That’s because e-Services credentials, Electronic Filing Information Numbers (EFINs), Preparer Tax Identification Numbers (PTINs), and Centralized Authorization File (CAFs) numbers are extremely valuable to identity thieves. It’s important to take steps to protect that information.
All tax professionals should remember that legitimate businesses and organizations will never ask for usernames, passwords or sensitive data via email. And obviously, tax preparers should never provide such sensitive information via email.
Additionally, it’s important to remember that anyone handling taxpayer information has a legal obligation to protect that data. If you have received or fallen victim to the scam email, forward a copy to phishing@irs.gov. If you have disclosed any tax credential information, contact the e-Services Help Desk to reset your password. Finally, if you have disclosed information and taxpayer data has been stolen, you need to contact your local stakeholder liaison.
The IRS says that the Security Summit partnership, which kicked off in March of 2015 as a collaboration between IRS, state tax agencies, and the private-sector tax industry, is making inroads on individual tax-related identity theft. As a result, cybercriminals are increasingly targeting tax professionals.
