IRS Issues Urgent Warning Regarding Cyberattacks on Tax Professionals

Four Questions You Need to Ask Yourself About Your Data’s Security
4 Cybersecurity Tools You Need to Know About
Scammers are impersonating IRS emails to gain personal information.

With tax season already underway, individuals are facing something that is unexpected when doing their taxes, being the target of phishing cyberattacks. The IRS has sent out a dire notice to tax professionals warning them of digital scams involving people trying to steal Electronic Filing Identification Numbers, also known as EFINs. 

Agency officials said they have seen a plethora of individuals receiving fake emails. The emails lure in their victims with subject lines like, “Verifying your EFIN before e-filing,” posing as a sender labeled IRS Tax E-Filing. The IRS said tax professionals have become optimal targets for attackers looking for information to help them file fake tax returns and steal identities.

Phishing scams are one of the most popular cyberattacks due to their easy set-up with emails that can expose a large number of potential victims. We have seen an increase in phishing scams since the pandemic started, and often see an increase during tax season. This means that those within the industry have to stay on high alert.

In order to help tax professionals understand what to look out for, the IRS shared some of the subject lines individuals have been receiving, as well as some resources on what to look out for. Within the phishing email, it asks the target to send, “a current PDF copy or image of your EFIN acceptance letter or a copy of your IRS EFIN Application Summary,” and even asks for photos of the front and back of a driver’s license.

The IRS has also seen some of these scammers impersonating a customer that is asking for help. Such emails may include clickables that contain malware and other dangerous hacking implementations. Your email isn’t the only place you should be staying vigilant, though. There has been a similar increase in scams on mobile phones over the last couple of years.

The alarming increase of scams specifically targeting tax firms comes from the desire to gain more valuable information, such as social security numbers and bank account information. Cyberattackers across the world were able to steal billions of dollars last year as the US government worked to keep the economy going with direct payments and PPP loans.  

With increasingly sophisticated and ever-changing threats, what can businesses do to stop these phishing attacks from infiltrating their computing networks and detrimentally affecting their customers? There are important steps you can take today to make sure that this does not happen to you.

First, individuals should understand that the IRS will never just email or call to ask for personal information. Second, tax professionals should always go through government agency sites and have a 2-factor authentication on their accounts for extra layers of security. Third, tax professionals should habitually follow some basic “best practices” when evaluating emails, including the examination of the sender’s address and evaluating message content with care.

Moreover, it is important for these safety protocols to be shared. Training employees on these practices is critical, as everyone is a potential target of these cyberattacks.

A warning released by the IRS stated that tax professionals should not click any links within the emails, no matter how urgent they sound. Clicking these links can lead to a download of documents that contain dangerous malware. The agency created an email address, phishing@irs.gov, and those who receive any suspicious emails should reach out to the Treasury Inspector General for Tax Administration.

Keeping your business, your employees, and your customers safe is one of our priorities here at Symmetric IT Group and is something you shouldn’t have to do alone, especially when tax season gets underway. You should be able to focus on what you do best and not have to worry about the security of your IT systems. We are here to help. Reach out to us today at 813-749-0895 or explore our information security page for more information on how you can best protect your business during tax season and beyond.

Interested in our Services?

You should be able to run your business without having to worry about managed it support or the security of your data.

Read more about our services and how we can help you.

Related Posts

Schedule Your Free Consultation

"*" indicates required fields

Services you are interested in?*
Yes, subscribe me to Newsletter
This field is for validation purposes and should be left unchanged.

Schedule Your
Free Consultation

Are you exposed to cybersecurity, or technology obsolescence risks? Are their ways to reduce your ongoing Managed IT Support costs or improve business operations?

Information Security by your Managed IT Services provider