Tax Tip 2019-120: Here’s what tax pros can do so they aren’t taken on a phishing trip

Internal Revenue Service (IRS) sent this bulletin at 09/03/2019 12:43 PM EDT

Bookmark and Share

 

IRS.gov Banner
IRS Tax Tips September 3, 2019

Useful Links:

IRS.gov

Help For Hurricane Victims

News Essentials

What's Hot

News Releases

IRS - The Basics

IRS Guidance

Media Contacts

Facts & Figures

Around The Nation

e-News Subscriptions

The Newsroom Topics

Multimedia Center

Noticias en Español

Radio PSAs

Tax Scams/Consumer Alerts

The Tax Gap

Fact Sheets

IRS Tax Tips

Armed Forces

Latest News

IRS Resources

Compliance & Enforcement News

Contact Your Local IRS Office

Filing Your Taxes

Forms & Instructions

Frequently Asked Questions

Taxpayer Advocate Service

Where to File

IRS Social Media

 

Issue Number:  Tax Tip 2019-120

Here’s what tax pros can do so they aren’t taken on a phishing trip

Tax professionals should remember to educate everyone who works for them to be on the lookout for phishing emails. Sending scam emails is still the most common tactic used by cybercriminals to steal sensitive data.

More than 90 percent of all data thefts start with a phishing email. Cybercriminals use phishing emails and malware to gain control of computer systems or to steal usernames and passwords. It’s important tax pros and every single one of their employees know how to spot these scams. Tax professionals and others in the business world are only as safe as their least educated employee.

Here are some tactics thieves use to steal data:

Spear phishing.
Spear phishing is a type of phishing scam. The objective of a spear phishing email is to pose as a trusted source and “bait” the recipient into opening an embedded link or an attachment. The email may make an urgent plea to the tax pro to update an account immediately. A link may seem to go to another trusted website, but it’s actually a website controlled by the thief.

Keylogging.
An attachment may contain malicious software called keylogging. This software secretly infects a computer and provides the thief with the ability to see every keystroke. Thieves can then steal passwords to various accounts. The thief can even take remote control of computers, enabling them to steal taxpayer data.

Pretending to be a client.
A common spear phishing scam is when the thief poses as a prospective client and sends an unsolicited email to a tax professional. After an exchange of emails, the thief sends a follow-up email with an attachment. The thief claims it contains the tax information needed to prepare a return. Instead, it contains spyware that allows thieves to track each keystroke.

Sending links.
Thieves pose as tax software providers or data storage providers with emails containing links. These links go to web pages that mirror real sites. The thieves’ goal is to trick tax professionals into entering their usernames and passwords into these fake sites, which the crooks then steal.

Ransomware.
Another trick used by thieves is ransomware. In this scam, the thief doesn’t steal the data, they encrypt it. Once they encrypt the data, thieves demand a ransom in return for the code to unencrypt the data. The FBI warns users not to pay the ransom because thieves often don’t provide the code. 

More information:
www.studentaid.gov
Get Transcript FAQs

Share this tip on social media -- #IRSTaxTip: Here’s what tax pros can do so they aren’t taken on a phishing trip. https://go.usa.gov/xVWt3

 

Back to Top

FaceBook Logo  YouTube Logo  Instagram Logo  Twitter Logo  LinkedIn Logo

Thank you for subscribing to IRS Tax Tips, an IRS e-mail service. For more information on federal taxes please visit IRS.gov.

This message was distributed automatically from the IRS Tax Tips mailing list. Please Do Not Reply To This Message.