IRS Warns of More Email Scams for 2018
January 17, 2018
The IRS is warning tax professionals of early signs that cybercriminals already are at work as the nation's tax season approaches. Fraudsters are using a new round of emails posing as potential clients or even the IRS to trick tax practitioners into disclosing sensitive information.
The IRS encourages tax practitioners to be wary of communicating solely by email with potential or even existing clients, especially if unusual requests are made. If in doubt, tax practitioners should call to confirm a client's identity.
In recent days, tax professionals have reported numerous attempts by fraudsters to pierce their security by posing as potential clients. The fraudsters, posing as potential clients, send initial emails to tax practitioners. In recent days, the IRS has seen these early variations of these email schemes:
- "Happy new year to you and yours. I want you to help us file our tax return this year as our previous CPA/account passed away in October. How much will this cost us?...hope to hear from you soon."
- "Please kindly look into this issue, A friend of mine introduced you to me, regarding the job you did for him on his 2017 tax. I tried to reach you by phone earlier today but it was not connecting, attach is my information needed for my tax to be filed if you need any more Details please feel free to contact me as soon as possible and also send me your direct Tel-number to rich (sic) you on."
- "I got your details from the directory. I would like you to help me process my tax. Please get back to me asap so I can forward my details."
If the tax practitioner responds, the fraudster will send a second email that contains either a phishing URL or an attached document that contains a phishing URL, claiming their tax data is enclosed. The fraudster wants the tax pro to click on the link or attachment and then enter their credentials. In some cases, the URL or attachment might be malicious and if clicked will download malicious software onto the tax pro's computer.
Depending on the malware involved, this scheme could give fraudsters access to the tax practitioners' secure accounts or sensitive data. It may even give the fraudster remote control of the tax professionals' computers.
The IRS also has received recent reports of fraudsters again posing as IRS e-Services, asking tax pros to sign into their accounts and providing a disguised link. The link, however, sends tax pros to a fake e-Services site that steals their usernames and passwords.
This type of scam is one of the reasons the IRS has moved e-Services to the more secure identity-proofing process called Secure Access. It is important that all e-Services account holders upgrade their accounts to this more rigorous authentication process. E-Services account holders who have not updated their accounts should do so immediately.
Tax practitioners receiving emails from fraudsters posing as the IRS, or even their tax software provider, should go directly to the main website, such as IRS.gov, rather than opening any links or attachments. Forward attempted phishing emails to phishing@irs. gov. The IRS does not send unsolicited emails.