America’s tax professionals are being warned about a new phishing campaign aimed at stealing the preparers’ filing data.
While the origin of the email is unknown, the Internal Revenue Service says it could be coming from cybercriminals either inside the U.S. or abroad. One characteristic of this new attack is the extensive amount of sensitive data sought by the thieves.
The fake email in this attack uses the name of a real U.S.-based preparer education firm. Here’s the text as it appears in in the bogus emails being sent to tax professionals:
In our database, there is a failure, we need your information about your account.
In addition, we need a photo of the driver's license, send all the data to the letter. Please do it as soon as possible, this will help us to revive the account.
*Answers to a secret question
*Prior Years AGI
Mother's Maiden Name
Remember that the IRS and legitimate businesses will NEVER ask a tax professional for their usernames, passwords, or other sensitive data by email. NEVER provide that data via email if asked for it.
An IRS release on the phishing effort alerts all tax pros to be ready for further attacks that attempt to get their filing information.
“Because the IRS, state tax agencies and the tax industry, acting in partnership as the Security Summit, are making inroads on individual tax-related identity theft, cybercriminals increasingly target tax professionals. Thieves are looking for real client data so they can better impersonate the taxpayer when filing fraudulent returns for refunds,” the release states.
If you received or fell victim to the scam email, forward a copy to firstname.lastname@example.org. If you disclosed any credential information, contact the e-Services Help Desk to reset your password. If you disclosed information and taxpayer data was stolen, contact your local stakeholder liaison.