Tax professionals are warned about a rising "new client" scam during the busy tax filing season. In this scheme, cybercriminals impersonate potential clients in phishing emails to tax professionals. The email typically contains a malicious link or attachment, purportedly the client's tax information. Clicking on the link or opening the attachment gives the scammer access to the tax professional's email address, password, and potentially other sensitive data. Some scammers may even deploy malware onto the tax pro's computer to gain access to their system, using the compromised email account to target clients.
To combat such scams, individuals are advised to report unsolicited emails claiming to be from the IRS to phishing@irs.gov. For those experiencing financial losses due to IRS-related scams, reporting to the Treasury Inspector General for Tax Administration, Federal Trade Commission, and the Internet Crime Complaint Center is recommended. Tax professionals who fall victim should promptly report data theft to their local IRS Stakeholder Liaison representative, local offices of the FBI and Secret Service, and local police. State-specific reporting can be done through the Federation of Tax Administrators and state attorneys general.
To enhance security, tax professionals are urged to create a Written Information Security Plan as mandated by Federal Trade Commission rules. A special document developed by the Security Summit effort aids tax practitioners in quickly formulating an effective action plan and knowing whom to contact in the event of a data breach.
Commentaires