We recently wrote about an Internal Revenue Service warning of heightened phishing activity to try to deceive the release of employee W-2 information. With tax season in full swing, the IRS, along with state agencies and the tax preparation industry, warn of a new scam targeting tax professionals. Phishing e-mail schemes are targeting tax professionals by impersonating their software providers.
The scam e-mail contains the subject line, “Access Locked.” It purports that the recipients’ access to their software accounts has been “suspended due to errors in your security details.” The recipient is instructed to address the issue by using the “unlock” link in the e-mail. When clicking on the link, the recipients will be taken to a fake web page, where they are instructed to enter their user name and password. The cybercriminals will use the provided information to access the preparers’ accounts and steal client information.
For tax professionals who receive such e-mails purportedly from their tax software providers, they should send the e-mail to their actual provider (without accessing the link). For Windows users, the IRS provides the following instructions:
1. Use “Save As” to save the scam. Under “save as type” in the drop down menu, select “plain text” and save to your desk top. Again, don’t click on any links. 2. Open a new e-mail and attach the saved e-mail as a file. 3. Send the new e-mail with the attachment to the actual software provider, as well as a copy to Phishing@IRS.gov.
The IRS, state tax agencies and tax professional community have formed a Security Summit partnership to detect and prevent identity theft and tax fraud schemes. The IRS’s website provides useful and updated information about the evolving threats, especially those prevalent during tax season.