Regulation and Compliance Federal Regulation IRS

IRS: Watch Out for 'Tax-Savvy' Phishing Scams Ahead of Oct. 15

August 09, 2017 at 12:03 PM
Share & Print

Ahead of the Oct. 15 deadline for extension filers, the Internal Revenue Service is reminding tax professionals that their digital networks are at risk for remote takeover by a new phishing email scam in which cybercriminals impersonate tax software providers and try to steal usernames and passwords.

This scam shows that cybercriminals are "tax-savvy," according to the IRS, "and underscores the need for tax professionals to take strong security measures to protect their clients and … their business."

The latest scam is labeled "Software Support Update" and describes an "Important Software System Upgrade." Plus, it thanks recipients for their continued trust in the software provider, which mimics the software providers' email templates.

It also asks recipients to revalidate their login credentials and gives them a fictitious website that looks like the software provider's real login page.

"This is another emerging threat to tax professionals that the IRS has seen on the rise," IRS Commissioner John Koskinen said in a statement. "A remote takeover can be devastating to practitioners' business as well as to the taxpayers they serve. It's critical for people to take steps to understand and prevent these security threats before it's too late."

Such scams — or phishing — happens when scammers act like a friend, client or company and share attachments that potential victims download, releasing malware and giving criminals remote access to a computer. According to the IRS, such takeovers could lead to fraudulent tax filings and damage to their clients.

"Instead of upgrading software, the tax professionals are providing their information to cybercriminals who use the stolen credentials to access the preparers' accounts and to steal client information," the IRS said in a press release.

Software providers do not embed links in emails that ask for password validation, the government body says, adding that both tax professionals and taxpayers "should never open a link or an attachment from a suspicious email."

What to Do

In order to boost awareness about such takeovers, the IRS launched "Don't Take the Bait," a 10-part campaign aimed at tax professionals, in July.

"Multiple incidents have been reported to the IRS in the past year as tax professionals' systems have been secretly infiltrated. The criminals accessed client tax returns, completed those returns, e-filed them and secretly directed refunds to their own accounts," the organization said in a statement.

Cyberattacks work via weaknesses in security settings. Another line of attack involves the use of malware to download malicious code, which gives criminals access to the network.

"Especially vulnerable are wireless networks, including mobile phones, modems and router devices, printers, fax machines and televisions that retain their factory-issued password settings. Sometimes, these devices have no protection at all," according to the IRS.

The IRS is urging tax professionals to take the following steps to help protect themselves and clients from remote takeovers:

  • Educate staff members about the dangers of phishing scams, which can be in the form of emails, texts and calls, as well as the threat posed by remote access attacks;
  • Use strong security software, set it to update automatically and run a periodic security "deep scan" to search for viruses and malware;
  • Identify and assess wireless devices connected to the network, including mobile phones, computers, printers, fax machines, routers, modems and televisions. Replace factory password settings with strong passwords.
  • Strengthen passwords for devices and for software access. Make sure passwords are a minimum of eight digits (more is better) with a mix of numbers, letters and special characters;
  • Be alert for phishing scams: do not click on links or open attachments from unknown, unsolicited or suspicious senders;
  • Review any software that employees use to remotely access the network as well as those used by IT support vendors to remotely troubleshoot technical problems. Remote access software is a potential target for bad actors to gain entry and take control of a machine. Disable remote access software until it is needed.

— Check out Summer Tax Scams in Full Swing, IRS Warns on ThinkAdvisor.

NOT FOR REPRINT

© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.

Related Stories

IRS Pushes Back Deadlines in Proposed RMD Regs Dissecting a GOP Senator's Misleading Social Security Attack How to Avoid the Tax Trap of the Wash-Sale Rule IRS to Drop Interest Rates in January Debate: Should the SALT Deduction Cap Be Eliminated? No More Waivers: IRA Beneficiaries Must Take RMDs in 2025

Resource Center

7 Ways to Take Your Practice to the Next Level link

White Paper

7 Ways to Take Your Practice to the Next Level

The Innovative RIA: Why Automation Is The Key To Sustainable Growth link

eBook

The Innovative RIA: Why Automation Is The Key To Sustainable Growth

What's Missing From Passive Municipal Bond ETFs? link

White Paper

What's Missing From Passive Municipal Bond ETFs?