The Internal Revenue Service (IRS) is warning about new efforts to steal taxpayer data from tax professionals in the final weeks of the tax filing season.
With less than a month to go before Tax Day, the IRS says that the “New Client” scam has re-emerged. In the scam, tax professionals receive an email allegedly from a potential new client. The purported new client claims to have a tax issue. One such email begins, “I just moved here from Michigan. I have an urgent Tax issue and I was hoping you could help.” Another opens with, “I hope you are taking on new clients.” The scammer then attaches documents said to be an IRS notice or prior-year tax information to the email. Unfortunately, the attachments contain malware that, if opened, allows the criminals to steal taxpayer data.
Other examples include emails that begin:
Please kindly look into this issue, A friend of mine introduced you to me, regarding the job you did for him on his 2017 tax. I tried to reach you by phone earlier today but it was not connecting, attach is my information needed for my tax to be filed if you need any more Details please feel free to contact me as soon as possible and also send me your direct Tel-number to rich (sic) you on.
And:
I got your details from the directory. I would like you to help me process my tax. Please get back to me asap so I can forward my details.
Sometimes, the initial email may not contain an attachment. However, if the tax professional responds, the scammer will send a second email that contains either a phishing URL or an attachment. The URL or attachment is typically malicious and will download malicious software onto the tax professional’s computer.
The IRS also reports that tax professionals may be at risk for other spear phishing attempts. This happens when scammers send an email which appears to be from a trusted source like the IRS, e-Services, a tax software provider, or a cloud storage provider. Thieves also may pose as clients or potential new clients. The scammer attempts to trick the tax professional into disclosing sensitive usernames and passwords through email or to open a link or attachment that downloads malware enabling the thieves to track every keystroke.
The IRS reports that it has seen a “steep upswing” in the number of reported thefts of taxpayer data from tax practitioner offices. The agency is encouraging tax professionals to be on high alert as Tax Day approaches since criminals may try to take advantage during this busy time of year.
What can identity thieves do with the data? On a basic level, the thieves can file tax returns using taxpayer data to secure bogus refunds. Last month, the IRS warned that scam had been kicked up a notch with a new twist: Thieves are using stolen taxpayer data to file fraudulent tax returns and use the taxpayers’ real bank accounts to deposit erroneous tax refunds. Then, the thieves, posing as IRS or other law enforcement, call attention to the error and ask taxpayers to return the money to them.
Taxpayers and tax professionals alike should learn to recognize phishing emails, especially those pretending to be from the IRS, e-Services, a tax software provider, or cloud storage provider. Do not open a link or any attachment from a suspicious email. And remember: The IRS never initiates contact with a taxpayer (or tax professional) via email.
For more tips for tax professionals, check out IR-2018-68.