You may have heard that the IRS a number of partners in the tax industry have joined forces, forming the “Security Summit,” to fight tax fraud and identity theft. Last year, the Security Summit launched a “Protect You Clients; Protect Yourself” initiative, and the latest effort from this campaign is called, “Don’t Take the Bait.”
Don’t Take the Bait is intended to eductate tax professionals on phishing, which appears to be the tax scam of choice with many hackers.
The focus of Don’t Take the Bait is to raise awareness of email security among tax professionals, and asks for diligence and caution when opening any emails. This warning comes in response to the recent increase in “phishing” scams that specifically target the accounting industry.
How Phishing Scams Target Accountants
According to the IRS, these phishing scams involve emails from nefarious sources claiming to be clients, friends, or other tax professionals that contain an infected link or attachment.
If clicked, tax practitioners risk putting their clients personal information at risk, potentially exposing them to identity theft. Criminals are reportedly most interested in stealing e-Services passwords, Electronic Filing ID Numbers, Preparer Tax ID Numbers, and Centralized Authorization File numbers.
The IRS reports receiving about 5 reports of data theft each week from tax professionals.
“Beware Your Inbox”
“It’s good to trust others but, not to do so is much better.” Benito Mussolini
While security measures like cloud computing, carbonite backup, and antivirus software are helpful, the best weapon against these scams is vigilance. Be sure that any emails you open are coming from trusted sources, beware public Wi-Fi, and think twice before clicking on any links or files, especially those with a “.ZIP” attachment.
The Security Summit reminds us that, “Tax professionals must remember that they have not just an obligation but a legal requirement under federal law to protect taxpayer information.”
IRS Commisioner John Koskinen also adds that, “Too many still overlook basic security steps needed to protect their data. As part of this, we urge the tax professional community: Beware your inbox. Don’t take the bait from these phishing scams.”
Well said, John. And, remember that if your clients’ data is stolen from you in a phishing scam, you’ll be “on the hook” as well!