While many of the rest of us are still receiving phone calls from scammers posing as the IRS in order to fool us into sending them money, CPAs and other tax professional are being targeted by sophisticated identity thieves through emails that appear to come from the IRS with the subject line indicating “Security Awareness for Tax Professionals” The email has a counterfeit IRS logo in the message and tells the intended victim that the IRS is updating its authentication procedures and requires the person receiving the email to log in to update their username and password. Of course, anyone providing this information would have turned this data over to a scammer who will then use it to access sensitive information in that person’s e-services account with the IRS.
Tax professionals receiving this email should already be protecting their security through strong passwords, dual factor authentication, when possible, regularly updated security software as well as using encryption programs for email. Data should also be stored in the cloud or a portable hard drive. If someone receiving this email has concerns that it might be legitimate due to the fact that the IRS is constantly trying to update its security, he or she should still not click on any links in the email or provide any information in response to the email, but rather contact the IRS directly at an email address of telephone number he or she knows is legitimate.