The Internal Revenue Service has warned tax professionals, as the 2016 filing season begins, to be alert to a new email scam by cybercriminals posing as clients soliciting their services. The scam is a variation of a phishing scheme targeting accounting and tax preparation firms nationwide. The scheme's objective is to collect sensitive information that will allow fraudsters to prepare fraudulent tax returns.
The IRS says the fraudulent phishing emails typically come in two stages. The first email is an innocuous solicitation such as "I need a preparer to file my taxes.". If the tax professional responds, the cybercriminal sends a second email. This second email typically has either an embedded web address or contains a PDF attachment that has an embedded web address which the tax professional is instructed to open. In some cases, the phishing emails may appear to come from a legitimate sender or organization (or even a colleague) because they also have been victimized by the phishers taking over their accounts to source their e-mails.
The tax professional may think he or she is downloading a potential client's tax information or accessing a site with the potential client's tax information as a result of the second e-mail. However, in reality, the cybercriminals are collecting the preparer's email address and password and very possibly other information through their malware.
The IRS urges tax professionals and tax preparation firms to consider creating internal policies or obtain security experts' recommendations on how to address unsolicited emails seeking their services.
For more information, please contact William E. Elwood in our Washington, D.C. office at 202-659-6972.