On March 17, the Rhode Island Department of Revenue’s Division of Taxation (Division) issued Advisory No. 2017-11 that warns tax preparers and taxpayers about “last-minute phishing email scams, especially those scams requesting deposit changes for refunds or account updates.” The Division’s efforts are part of broad security guidance partnered by the Internal Revenue Service, state tax authorities and the tax industry, collectively working as the Security Summit.

Security Summit partners warn that cybercriminals worldwide are aggressively targeting tax professionals to steal taxpayer information. As the April 18, 2017, tax filing deadline nears, evolving and crafty tax-related scams are proliferating. Diligence, among tax professionals and taxpayers, is a must on a daily basis. If a communication or request appears to be suspicious, it likely is just what it seems.

Security Summit partners suggest that tax preparers should change and strengthen their email passwords to enhance the security of email accounts used to exchange sensitive data with their clients. Also, tax preparers should verbally confirm information with a client— should the preparer receive an email request to change an address or the routing of direct deposit refunds.

Also, taxpayers are targets of scam emails purporting to be from a tax software provider asking them to update online accounts. Any email urging taxpayers to give sensitive data—such as passwords, social security numbers or financial account numbers—are almost certainly phishing ruses. Recipients should not ever open the email’s attachments or links. Suspicious emails should be reported to phishing@irs.gov.