Tax Professional Spearphishing Scams Could Lead to Criminals Impersonating Tax Preparers

• The Internal Revenue Service (IRS) is warning tax professionals about spearphishing scams that aim to steal their tax software preparation credentials. The bogus emails claim that an action is required and are linked to fake websites with the logos of legitimate tax software preparation providers.
• While the spearphishing scams target tax professionals, criminals could obtain tax preparer credentials to commit tax preparer scams against consumers. Criminals could use the information to execute many different identity crimes.
• To avoid one of the spearphishing scams, tax professionals should ignore any suspicious emails they are not expecting and avoid suspicious links or pop-up windows asking for credentials.
• If a tax professional falls for a scam, they should save the email and send it to [email protected] and notify the Treasury Inspector General for Tax Administration at tigta.gov.
• To avoid a tax preparer scam, consumers should only choose a professional tax preparer with a valid IRS Preparer Tax Identification Number (PTIN), ask the tax preparer about their credentials, ask how taxpayer information is stored and used, and have a strong passphrase on their account.
• To learn more, or if someone thinks they are the victim of a tax professional spearphishing scam or tax preparer scam, contact the Identity Theft Resource Center toll-free by calling 888.400.5530 or using the live-chat function on the company website idtheftcenter.org.

The Internal Revenue Service (IRS), state tax agencies and tax industry want tax professionals to be aware of new spearphishing scams that attempt to steal their tax software preparation credentials. The IRS recently issued the warning and reminded tax professionals that they remain a prime target for thieves looking to steal client data and tax preparers’ identities to file fraudulent tax returns for refunds.

While the current spearphishing scam only targets tax professionals, if criminals obtain tax preparers credentials, they could try to trick people into falling for a tax preparer scam by impersonating tax preparers to solicit consumers.

What is the Tax Professional Spearphishing Scam?

The latest spearphishing scam uses the IRS logo and a variety of subject lines like “Action Required: Your account has now been put on hold.” The IRS says they have observed similar bogus emails that claim to be from a “tax preparation application provider.” One variation offers an “unusual activity report” and a solution link for the recipient to restore their account.

The IRS says they have also seen emails that claim to be from tax software providers where the bogus email sends users to a fake website that shows the logos of reputable tax software preparation providers. If someone clicks on a logo, there is a request for tax preparer credentials.

How Can It Impact Consumers?

Each year, about half of U.S. taxpayers rely on a tax preparer and a tax preparation service to help them file their tax returns. From accounting firms to walk-in services like H&R Block, Credit Karma, Jackson Hewitt and others, they all can be a target for identity criminals. The tax professional spearphishing scam is an example of how criminals obtain the credentials to commit tax preparer scams.

If a criminal gets their hands on all of the personally identifiable information (PII) a person has to provide to a tax professional, they can file the tax return for themselves, steal refunds the consumers are expecting, and use the information for credential stuffing if they can access other accounts the victim may have.

What Should Tax Professionals Do?

• To avoid a spearphishing scam, tax professionals should ignore any suspicious emails. They could have malicious links, attachments and downloads that could steal one’s information or download malware onto their computer.
• Also, no one should enter their credentials into a pop-up window. Criminals can use personal information to file fraudulent returns.
• If a tax professional clicks on a malicious link or enters their account information into a fake form, they should contact their tax software preparation provider’s support line.
• If a tax professional receives a spearphishing email, they should save the email and send it as an attachment to [email protected]. They should also notify the Treasury Inspector General for Tax Administration at tigta.gov.

What Should Consumers Do?

• To avoid a tax preparer scam, people should only choose a professional tax preparer with a valid IRS Preparer Tax Identification Number (PTIN).
• Consumers should not hesitate to ask what information the preparer will be able to access, how that information will be stored, how long it will be stored, who will be able to access the information and other pertinent questions.
• It is good for consumers to have a strong 12+ character unique passphrase on their account to make it harder for the criminals to guess.

Contact the ITRC

Whether you are a tax professional and believe you fell victim to a spearphishing scam or a consumer who thinks they may have been tricked in a tax preparer scam, the Identity Theft Resource Center (ITRC) is here to help you. You can speak with an expert advisor by calling toll-free (888.400.5530) or using the live-chat function on the company website. Just visit www.idtheftcenter.org to get started.