Light Dark
March 22, 2021 By David Bisson 2 min read
News

Many people are familiar with U.S. Internal Revenue Service (IRS) scam letters fishing for money around tax season. Now, a new form of IRS scam targets tax professionals in a virtual version of the fake IRS letter.

The IRS warned tax professionals to be on the lookout for a scam that attempts to steal a victim’s E-Filing Identification Number (EFIN). Attackers use a fake email to target tax preparers’ identities and their clients’ data. Then, if they do get the information, attackers can impersonate the tax preparer and file fraudulent tax returns to get refunds.

Read on to learn how this IRS scam works and how to stay safe this tax season:

New IRS Scam Targets EFINS

According to the IRS, the ruse began with a scam email. This email claimed to come from ‘IRS Tax E-Filing.’ The subject line reads ‘Verifying your EFIN before e-filing.’

The email informs the tax preparer that they need to send over some documents to verify authorized E-File personnel. It then asks for a copy of both their EFIN and driver’s license number. To add some urgency to the threat, the email says the IRS will disable the tax preparer’s E-Filing access if they don’t comply.

The IRS urged tax preparers to not follow any of the steps outlined in the email. The best thing to do is to delete the email and not respond in any way.

Other Tax Scams

The IRS and other outlets have highlighted several other notable tax scams this season. In the beginning of February, for instance, the IRS warned taxpayers about the threat of ‘ghost’ tax return preparers who refuse to sign people’s returns that they prepare. Tax preparers are required to sign each return that they prepare and include their Preparer Tax Identification Number.

According to the IRS, the absence of a signature could indicate that a tax preparer is engaged in dishonest activity. They could be promising large refunds and charging fees based on the size of those refunds, for instance.

Another tax-related scam used fake SMS-based text messages that appeared to come from Her Majesty’s Revenue and Customs (HMRC) to trick U.K. recipients into thinking they could get a tax rebate. The scam messages arrived with a link that, when clicked, sent the user to a web page made to look like a real U.K. government website.

The bogus website domain, along with multiple grammatical errors, gave away the web page as a fake. It linked to a page designed to steal visitors’ personal information, including their credit card details. After scooping up their information it redirected victims to a real U.K. government page.

How to Stay Safe Against an IRS Scam

Organizations can defend themselves and their users against an IRS scam by investing in their email security defenses. One of the ways they can do this is by creating a security awareness training program and educating their workforce about some of the most common types of tax-based phishing emails and other scams that are in circulation.

To keep their employees aware of this IRS scam and similar attacks, organizations should test their employees on an ongoing basis. They should also use threat intelligence to stay on top of the newest tax scams.

 |  |  |  |  | 
David Bisson
Contributing Editor

More from News
December 16, 2024

FBI, CISA issue warning for cross Apple-Android texting

3 min read - CISA and the FBI recently released a joint statement that the People's Republic of China (PRC) is targeting commercial telecommunications infrastructure as part of a significant cyber espionage campaign. As a result, the agencies released a joint guide, Enhanced Visibility and Hardening Guidance for Communications Infrastructure, with best practices organizations and agencies should adopt to protect against this espionage threat. According to the statement, PRC-affiliated actors compromised networks at multiple telecommunication companies. They stole customer call records data as well…

December 9, 2024

Zero-day exploits underscore rising risks for internet-facing interfaces

3 min read - Recent reports confirm the active exploitation of a critical zero-day vulnerability targeting Palo Alto Networks’ Next-Generation Firewalls (NGFW) management interfaces. While Palo Alto’s swift advisories and mitigation guidance offer a starting point for remediation, the broader implications of such vulnerabilities demand attention from organizations globally. The surge in attacks on internet-facing management interfaces highlights an evolving threat landscape and necessitates rethinking how organizations secure critical assets. Who is exploiting the NGFW zero-day? As of now, little is known about the…

December 2, 2024

Will arresting the National Public Data threat actor make a difference?

3 min read - The arrest of USDoD, the mastermind behind the colossal National Public Data breach, was a victory for law enforcement. It also raises some fundamental questions. Do arrests and takedowns truly deter cyberattacks? Or do they merely mark the end of one criminal’s chapter while others rise to take their place? As authorities continue to crack down on cyber criminals, the arrest of high-profile threat actors like USDoD reveals a deeper, more complex reality about the state of global cyber crime.…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature