WASHINGTON – The Internal Revenue Service on September 2, 2016 warned tax professionals of a new wave of attacks that allow identity thieves to file fraudulent tax returns by remotely taking over practitioners’ computers.
The IRS is aware of approximately two dozen cases where tax professionals have been victimized in recent days. Recently, the IRS urged tax professionals to review their tax preparation software settings and immediately enact all security measures, especially those settings that require usernames and passwords to access tax preparation products.
The IRS, state tax agencies and the tax industry – working as partners in the Security Summit – recently launched the Protect Your Clients; Protect Yourself campaign to increase awareness that criminals are targeting tax professionals and the taxpayer data they possess.
The IRS urges all tax preparers to take the following 5 steps:
- Run a security “deep scan” to search for viruses and malware;
- Strengthen passwords for both computer access and software access; make sure each password is a minimum of eight digits (more is better) with a mix of numbers, letters and special characters, and change passwords often;
- Be alert for phishing scams: do not click on links or open attachments from unknown senders;
- Educate all staff members about the dangers of phishing scams in the form of emails, texts and calls;
- Review any software that your employees use to remotely access your network and/or your IT support vendor uses to remotely troubleshoot technical problems and support your systems. Remote access software is a potential target for bad actors to gain entry and take control of a machine.
“This latest incident reinforces the need for all tax professionals to review their computer settings as soon as possible,” said IRS Commissioner John Koskinen. “Identity thieves continue to evolve and look for new areas to exploit, especially as our fraud filters become more effective. The prompt identification of these attacks is another example of the great benefits that result from the close working relationship the IRS now has with the tax industry and the states through the Security Summit initiative. Information is flowing more rapidly between our groups as we continue our efforts to protect taxpayers.”
These attacks come as the Oct. 17 deadline approaches for extension filers. The IRS first warned of a similar remote take-over attack in the spring, just ahead of the April 15 deadline, another peak period for tax professionals.
Thieves are able to access tax professionals’ computers and use remote technology to take control, accessing client data, completing and e-filing tax returns, and directing the refunds to the criminals’ own accounts.
In addition, the IRS recently issued instructions to tax professionals on how to monitor their PTIN activity. Tax professionals now use the PTIN in lieu of social security numbers, a change made more than 20 years ago.
This program offers a second layer of protection when e-filing a tax return. If anyone tries to e-file a return without the TPPIN, the return will be rejected. The program ensures filing, including refunds that come back to the taxpayer. It also prevents others from fraudulently filing a taxpayer’s return for the purpose of getting access to refund monies.
“As tax professionals, we do as much as possible to protect our own and our client’s information. I would like to see clients better protect themselves. Do NOT, even to your CPA, send your bank and routing numbers in the same email. Do not list the password in the same email as the password protected files. Do not send your birthdate and social security numbers in the same email. Do not send your bank login name and password in the same email. Believe it or not, it happens all the time. Especially during tax season.”
– Cathy Silva, CPA at Silva Business Solutions
Tax professionals should review Publication 4557, Safeguarding Taxpayer Data, a Guide for Your Business, which provides a checklist to help safeguard taxpayer information and enhance office security. Also, practitioners should review Data Breach Information for Tax Professionals for information on what action they should take if they do become victims.