Bookmark and Share [ [link removed] ]

a { color:#0073AF !important;} a:hover { color:#004673 !important;}
IRS.gov Banner
IRS Newswire August 1, 2023

News Essentials

What's Hot [ [link removed] ]

News Releases [ [link removed] ]

IRS - The Basics [ [link removed] ]

IRS Guidance [ [link removed] ]

Media Contacts [ [link removed] ]

Facts & Figures [ [link removed] ]

Around The Nation [ [link removed] ]

e-News Subscriptions [ [link removed] ]

________________________________________________________________________

The Newsroom Topics

Multimedia Center [ [link removed] ]

Noticias en Espa?ol [ [link removed] ]

Radio PSAs [ [link removed] ]

Tax Scams [ [link removed] ]

The Tax Gap [ [link removed] ]

Fact Sheets [ [link removed] ]

IRS Tax Tips [ [link removed] ]

Armed Forces [ [link removed] ]

Latest News Home [ [link removed] ]

________________________________________________________________________

IRS Resources

Contact My Local Office [ [link removed] ]

Filing Options [ [link removed] ]

Forms & Instructions [ [link removed] ]

Frequently Asked Questions [ [link removed] ]

News [ [link removed] ]

Taxpayer Advocate [ [link removed] ]

Where to File [ [link removed] ]

IRS Social Media [ [link removed] ]

________________________________________________________________________


*Issue Number*:? ??IR-2023-138

*Inside This Issue*
________________________________________________________________________

*Security Summit: Tax pros should remain vigilant against phishing emails and cloud-based attacks*

WASHINGTON ? In the third installment of a special series, the Security Summit [ [link removed] ] partners warned tax professionals to be aware of evolving phishing scams and cloud-based schemes designed to steal sensitive taxpayer information.

The IRS and its Security Summit partners - state tax agencies and the nation's tax industry ? continue to see a steady stream of attacks aimed at the nation?s tax professional community to steal sensitive tax and financial information from clients.

?We continue to see a relentless string of attempts from scammers to obtain sensitive tax professional information,? said IRS Commissioner Danny Werfel. ?Identity thieves and fraudsters continue to look for new and inventive ways into tricking tax pros. These scams can be subtle and sophisticated, and tax pros should not let down their guard to protect their clients and their businesses.?

This is the third release in a five-part "Protect Your Client; Protect Yourself [ [link removed] ]" summer series from the Security Summit, a public-private partnership that works to protect the tax system against tax-related identity theft and fraud.

The weekly news release series and the IRS Nationwide Tax Forums [ [link removed] ], which continue later this month in Washington, D.C., San Diego and Orlando, provide important information to help protect sensitive taxpayer data that tax professionals hold while also protecting their business from identity thieves. This marks the eighth year that the Security Summit partners have worked to raise awareness about these issues through the "Protect Your Clients; Protect Yourself [ [link removed] ]" campaign.

*Phishing, spear phishing and whaling*

One of the most common threats facing tax pros are f phishing and related scams. These are designed to trick the recipient into disclosing personal information such as passwords, bank account numbers, credit card numbers or Social Security numbers.

Tax professionals and taxpayers should be aware of different phishing terms and what the scams might look like:


* *Phishing/Smishing* ? Phishing emails or SMS/texts (known as "smishing") attempt to trick the recipient into clicking a suspicious link, filling out information or downloading a malware file. Often phishing attempts are sent to multiple email addresses at a business or agency increasing the chance someone will fall for the trick.
* *Spear phishing* ? A specific type of phishing scam that bypasses emailing large groups at an organization, but instead identifies potential victims and delivers a more realistic email known as a ?lure.? These types of scams can be trickier to identify since they don?t occur in large numbers. They single out individuals, can be specialized and make the email seem more legitimate. These can pose as a potential client for a tax professional, luring the practitioner into sharing sensitive information.
* *Whaling* ? Whaling attacks are very similar to spear phishing, except these attacks are generally targeted to leaders or other executives with access to secure large amounts of information at an organization or business. Whaling attacks can also target people in payroll offices, human resource personal and financial offices.

Security Summit partners continue to see instances where tax professionals have been particularly vulnerable to emails posing as potential clients. The criminals use this technique to trick practitioners into opening email links or attachments that infect computer systems with the potential to steal client information. Similar schemes are seen with whaling situations where scammers try to obtain large amount of information with legitimate looking email requests.

?The complexity and realism of all these schemes can really catch tax pros and many others off-guard,? Werfel said. ?Scammers can be quite creative and resourceful. We urge the tax community to remain vigilant as well as taxpayers and anyone else with sensitive financial information.?

*Warning signs of scams*
Regardless of the type of phishing attempt, tax pros can protect themselves or their organization by being aware of these scams and looking for warning signs like:


* An unexpected email or text claiming to come from a known or trusted source such as a colleague, bank, credit card company, cloud storage provider, tax software provider or even the IRS and other government agencies.
* A false narrative often with an urgent tone urging the receiver to open a link or attachment.
* An email address, number or link that?s misspelled or has a different domain name or URL ("irs.*com* "vs. "IRS.*gov*").

*Cloud-based schemes can ruin a summer day*
Tax professionals using cloud-based systems that store information or run tax preparation software should use multi-factor authentication to help safeguard that data.

Specifically, the Security Summit continues to see attacks [ [link removed] ] that take advantage of cloud-based systems and compromise personal information. Multi-factor authentication options provide an additional layer of security to access a system by using a phone, text messages or tokens. Since email is easier for identity thieves to access, having these layers of security helps guard against potential vulnerabilities.

*Additional Resources*

For tax professionals who are victim of any of these schemes or identity theft, IRS urges them to quickly contact their IRS Stakeholder Liaison [ [link removed] ] to provide details of the situation. Quickly reporting these incidents can not only protect the tax pro?s clients, it can also help provide critical information timely that can help prevent these attacks from hitting others in the tax community.

Tax professionals should review IRS Publication 4557, Safeguarding Taxpayer Data, for more information.

Other resources include Small Business Information Security: The Fundamentals [ [link removed] ], by the National Institute of Standards and Technology and the IRS? Identity Theft Central [ [link removed] ] pages for tax pros.

Publication 5293, Data Security Resource Guide for Tax Professionals [ [link removed] ], provides a compilation of data theft information available on IRS.gov. The IRS also encourages tax professionals to stay connected to the IRS for its latest updates and alerts through subscriptions to e-News for Tax Professionals [ [link removed] ] and its social media sites [ [link removed] ].

Back to Top [ #Fifteenth ]

________________________________________________________________________

FaceBook Logo [ [link removed] ]??YouTube Logo [ [link removed] ] ?Instagram Logo [ [link removed] ]? Twitter Logo [ [link removed] ] ?LinkedIn Logo [ [link removed] ]

________________________________________________________________________

Thank you for subscribing to the IRS Newswire, an IRS e-mail service.

If you know someone who might want to subscribe to this mailing list, please forward this message to them so they can subscribe [ [link removed] ].

This message was distributed automatically from the mailing list IRS Newswire. Please Do Not Reply To This Message.



?

________________________________________________________________________

Update your subscriptions, modify your password or email address, or stop subscriptions at any time on your Subscriber Preferences Page [ [link removed] ]. You will need to use your email address to log in. If you have questions or problems with the subscription service, please contact subscriberhelp.govdelivery.com [ [link removed] ].

This service is provided to you at no charge by the Internal Revenue Service (IRS) [ [link removed] ].


body .abe-column-block {min-height: 5px;} ________________________________________________________________________

This email was sent to [email protected] by: Internal Revenue Service (IRS) ? Internal Revenue Service ? 1111 Constitution Ave. N.W. ? Washington DC 20535 GovDelivery logo [ [link removed] ]
body .abe-column-block { min-height: 5px; } table.gd_combo_table img {margin-left:10px; margin-right:10px;} table.gd_combo_table div.govd_image_display img, table.gd_combo_table td.gd_combo_image_cell img {margin-left:0px; margin-right:0px;}