Tax pros beware; the Internal Revenue Service (IRS) is reporting a new tax scam that targets tax professionals rather than the taxpayers themselves.
This new email scam targets tax professionals though e-services. A variation on a previous scam, in this one tax professionals receive an email asking them to update their accounts.
The link in the email directs the tax professionals to a bogus website which claims to be an e-services registration page. The website in question has in fact been verified as a phishing site. For those of you who do not know, a phishing site is a site that pretends to be legitimate, but collects personal information or asks you to confirm your personal information including credit card information, bank account numbers, PIN numbers, Social Security numbers and passwords for the purpose of committing fraud.
Here’s what to look out for with this fraudulent email:
- Subject line reads “Security Awareness for Tax Professionals.”
- Email purports to be from “Your e-Services Team” and looks just like an e-services registration page.
- Both the IRS logo and e-services logo directly link you to the phishing site, if you click on them.
The fraudulent email advises the reader that a state-sponsored actor stole information from certain user accounts in 2015.The email then directs users to upgrade their e-services account to ensure the protection of their information by clicking on the login to access their account.
If you are an e-services user who received the email and clicked on the fake logo or link, and provided them with your username and password, contact the real e-services help desk immediately to reset your password. Furthermore, if you happened to click the link and the password you provided is the same password you use for other accounts (i.e. credit card logins, online banking accounts, etc.) you should immediately reset those passwords as well. As an extra level of protection, users who clicked the logo(s) or link should perform a deep security scan on their computers, re-evaluate their security controls, and be on the lookout for any other signs of identity theft or data compromise.
If you receive a suspicious email that claims to be from the IRS, DO NOT OPEN the email or click on any links. Rather, you should immediately forward the email as an attachment to email@example.com and then promptly delete the email
If you are using Apple Mail, to forward the email as an attachment click on “Message” and scroll down to click on “Forward as Attachment.” In Microsoft Outlook, to forward an email as an attachment, click on “Actions” and scroll down to click on “Forward as an Attachment.” Alternatively, you can use the keyboard commands Ctrl+Alt+F.
Tax professionals should always visit IRS.gov directly to access e-services and never click on any links in emails allegedly from the IRS.
For more information about protecting your accounts and taxpayer information, check out the “Protect Your Clients; Protect Yourself” page on the IRS website.