New e-Services Scam Aimed at Preparers
Tax professionals are being warned to watch out for a new round of email scams that seek to steal their professional credentials and other critical information.
As the income tax season nears the April 18 deadline, identity thieves have gone into overdrive, launching this latest campaign to obtain tax pros’ e-Services usernames and passwords. This latest scam is a bogus email message that appears to be from the Internal Revenue Service e-Services division.
Subject lines on the emails can vary. But in general, they attempt to convince the tax pro that their e-Services account has been closed or is in danger of closure. Some examples of the subject lines are:
- Account Closure!
- E-Services Account is Blocked
- Few Hours to Close Your Account
- Your Account is Closed
- Your Account is Terminated
- 24 Hrs to Block Your Account
Links in the scam email will send tax pros to a fake e-Services login page where the thieves can steal the user’s credentials. It’s “signed” by “IRS gov e-Services.” Any email carrying these subject lines should be considered suspicious. NEVER click any link in suspect email messages.
The phishing campaign feeds off recent IRS efforts to toughen e-Services security measures, which now include identity validation. If an account indeed has been closed due to failure to revalidate the user’s identity, tax professionals should call the IRS e-Services Help Desk to have it re-opened. The IRS will not send an email to reopen the account.
Preparers who receive suspect emails seeking e-Services account information should never open any links or attachments in the email; instead, go directly to the IRS e-services web page.
Acting together as the Security Summit, the Internal Revenue Service, state tax agencies and the tax industry are warning that this time of year is high season for identity thieves and their scams to steal professional and client data from tax practitioners. To keep their data safe, all tax professionals and their employees are asked to be on guard against phishing activities through the April 18 deadline.