If you or your staff receive an email from someone you don’t know – or for any reason suspect the email could be suspicious – don’t open it!
As part of its Security Summit effort, the IRS is kicking off “Don’t Take the Bait,” another communications effort in its Protect Your Clients, Protect Yourself Campaign. Tax pros are advised to increase their computer security and to beware of their inbox, specifically, the successful email scams called “spear phishing” that identify themselves as a friend, customer or company.
Phishing scams use bait or lures to trick preparers into opening an infected link or attachment or disclosing usernames and passwords to critical accounts. Falling for the phishing bait means exposing taxpayer data to theft. Thieves also are interested in stealing preparers’ e-Services passwords, Electronic Filing Identification Numbers, Centralized Authorization File numbers and Preparer Tax Identification Numbers.
From January through May, there were 177 tax professionals or firms who reported data thefts involving client information involving thousands of people. The IRS currently is receiving three to five data theft reports a week from tax practitioners. Not all data losses are due to phishing scams but stopping this commonly used tactic by cybercriminals would do much to lessen the current losses.