Phishing Scam

The IRS spotted highly sophisticated attacks against tax firms this year. The hackers gained remote access either through phishing or malware and with it they were able to get into the cloud storage accounts having files of the clients. In one of the cases, the intruders quietly kept downloading and accessing the information of taxpayers for around 18 months before they were caught. The Internet Crime Complaint Center of FBI reported that there was a loss of $57 million of the people to phishing schemes in a year. The IRS and the Security Summit partners have warned tax professionals to be attentive to the new phishing scams that are trying to take advantage of the Corona Outbreak, Economic Impact Payments, and increased teleworking by practitioners.

The IRS, state tax agencies, and the nation's tax industry urged tax firms to review and enhance the data protection blueprint as cybercriminals have stepped up in their efforts of stealing client tax information. Criminals are targeting tax professionals as well as taxpayers. The initiative by the IRS of security summit, the private-sector tax industry, and state tax agencies highlights basic security steps for all practitioners, but especially those who are working remotely in response to the pandemic.

If we get into the history of phishing scams then we can see some of the biggest names there that fell into the trap like Facebook, Google, Crelan Bank, FACC, Upsher-Smith Laboratories, Ubiquiti Networks, Leoni AG, Xoom Corporation, and more. So from that, we can understand the caliber of the criminals and understand that we need to learn the proper way to tackle the phishing scams.

Phishing Scam

Whether it is a large corporation, a small business, or a medium-sized company, Phishing is considered to be one of the most dangerous threats to the business. Chuck Rettig, the IRS Commissioner said that “The coronavirus has created new opportunities for cybercriminals to use email to try stealing sensitive information. Let us look at some of the methods that hackers use for the purpose of phishing.

The Phishing Methods 

Phishing emails are the most common form of phishing, and messages such as your account password expired come up in the mail. There is a link or attachment in the mail that looks quite official. Clicking on that link may take you to a site that looks like a trusted source but is actually fake. The site requests your username and password, or the attachment can contain malware that would secretly download another malware that tracks keystrokes. With the keystrokes, it becomes quite easy for the hacker to steal all the passwords of a tax professional. During the corona outbreak, the scammers have presented themselves as providers of face masks or personal protective equipment in short supply. The hackers also used other tactics against the taxpayers as well as the tax professionals while impersonating the IRS or potential clients and calling or emailing requests to send the economic impact payments for bank account information

Phishing scams Methods

Several signs of warning that may indicate a phishing scam include:

  • Asking customers to confirm personal and/or financial information.
  • Including links to questionable or suspicious websites, email addresses, or attachments. Never click or open anything that does not come from a trusted source.
  • Poorly written or communicated messages.
  • Stating immediate action must be taken to avoid consequences.
  • Claiming to be from DOR or the IRS, asking for personal information when neither agency will ever ask for personal information via email.
  • Additionally, tax professionals, payroll offices, and human resources staff should be on high-alert when asked for W-2 or banking information. Scammers often pose as employees and target these groups in search of personal information to file fraudulent returns.

These are some of the signs, now let us move to the preparation that we need to fight against the phishing scams.

How To Be Prepared For The Phishing Scams

There has been an issue of warning recently by the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) for educating employees, especially the teleworking, about the phishing scam activities that have increased. People are practising social distancing these days, and the criminals are exploiting this process by tricking the tax professionals into opening links or attachments.

The Security Summit has urged the tax professionals to create the policies of trusted customers and do the contacting with potential clients via phone or video conference.

  • Keep the operating system and applications updated to the latest versions and update antivirus and security software.
  • Use a trusted email service that flags questionable emails; for example, Gmail displays an alert at the top of an email if the communication or sender appears untrusted. It is important to note that these services are not completely foolproof, although it offers more protection than nothing at all.
  • The two-factor authentication process adds another layer of protection to prevent unauthorized parties from accessing an account.
  • External hardware authentication devices, called security keys, are the most secure form of 2FA, acting as a physical key to protecting online accounts. While a password is something a user knows, the security key provides something you have, and without it you cannot access your account, successfully combating hackers.

Phishing Scams alerts

With the phishing emails being so common and successful, Summit partners have urged the tax professionals to educate all office personnel about the problems and risks of clicking on suspicious emails, especially during the pandemic period. The tax professionals and taxpayers really need to keep some of the important points in mind, let us delve into that.

Important Points for the Tax Professionals and Taxpayers

File your taxes early: If you file your taxes early, scammers planning to use your personal information to file a fraudulent return in your name will not be able to do so. They cannot file if you beat them to it.

Never click a link in an email that notifies you the availability of tax documents: When you open the browser, type in online W-2 your company or tax document retrieval service URL to avoid most of the common phishing scams. This ensures you enter the right website and get your documents safely.

Avoid impersonation scams of the IRS: The IRS never contacts you over the phone or email to ask for payment of an overdue tax bill. Criminals frequently make such calls and they can request payment by normal means or by prepaid gift cards, and any contact like this should be ignored.

Report a tax fraud: The IRS encourages taxpayers for sending suspicious emails related to tax fraud to phishing@irs.gov. The other forms of tax fraud could be reported by following these instructions.

If individuals receive any unexpected or suspicious correspondence appearing to be from DOR or the IRS, they can report it to:

Internal Revenue Service

Email: phishing@irs.gov

Phone: 1-800-829-1040

Indiana Department of Revenue

Email: investigations@dor.in.gov

Phone: 317-232-2240, Monday through Friday, 8 a.m. – 4:30 p.m.

If you already know your data has been compromised, remember the Federal Trade Commission’s website has information to help you determine your next steps at identitytheft.gov.

Ultimately, individuals are empowered to play an active role in stopping phone and email phishing scams during tax time. Learning to recognize illegitimate emails and text messages, implementing personal solutions, and taking advantage of government resources will help ensure a safe and successful end to what has been a challenging financial year.

Share this post on

Start Your Free Trial

Testimonials

Continued support

I would like to thank you for your continued support. I’m so glad everything turned out well. I owe you one.

Vishal Savadiya

Prompt service

George was outstanding; he fixed my issue within a couple of minutes and got me back to work! Thank you for such prompt service!

Lyndsey Chapman

Best tech support

Your tech person resolved this issue to the best of my satisfaction. He is very knowledgeable, helping and nice person. Thank you for this help.

Bipin Bhatt
KB Accounting & Tax Services

Exceptional service

I appreciate the exceptional service that Duke Williams always provided us at JS Morlu. He is patient, knowledgeable and extremely helpful.

John S. Morlu
Global Managing Partner

Quick response

As always, It was a very positive experience having your technician solve the issue we were currently experiencing.

Brad Pollack
Retail Service Options

Kristi PArker

Was assisted with permission setting, easy process. Thank you.

Origin Books

Mary L Zembruski

They have always promptly resolved any issues I have contacted them about.

Wilson Landscaping

Christopher Hutzel

Easy of working and very helpful

Christopher Hutzel
Compactor Service

Mandy Leong

Great customer service

Mandy Leong
Managed Staffing

Taylor Hill

Not a problem since I started years ago. Support is amazing and couldn’t be quicker. Just tonight, I emailed them and within 1 hour David helped me through an issue and resolved it as quick as I could have asked. Glad I found these guys.

Taylor Hill
Hill Tax, Payroll & Bookkeeping

Serina McCoy

Service was very quick to resolve the issue we had with logging in. Michael Olson emailed and called with in a few minutes on realizing we had an issue and had us back up and working quickly.

Serina McCoy
Gilberts Mobile Service

Mark Tevrucht

thank you reason for stars is my opion nothing is perfect

Mark Tevrucht
T&T AUTO & TRUCK

Nancy Evans

Easy to work with Aaron.

Nancy Evans
Nancy P Evans CPA PC

Tom Cloninger

Excellent service! Very responsive!

Tom Cloninger
RAN Accounting & Consulting

Rich Durso

Anderson solved my issue quickly and efficiently!

Rich Durso
RTD

Juli Hale

We’ve been very happy with the service so far. I would highly recommend Sagenext for hosting QuickBooks and other software. Thank you Michael Olson!

Juli Hale
Vico Plastics, Inc.

Nabila Qureshi

Great Customer service and support. Will highly recommend Aaron was very helpful and knowledgeable

Nabila Qureshi
Tax King USA Inc

Yelena V Moshkovsky

Great service with persistence to solve the issue and easy to reach. Anderson was a lot of help with my remote desktop issue.

Yelena V Moshkovsky
Supporting Strategies

IT Director

Sage Next have been great. We moved from 2 other quickbooks hosting providers to SageNext because it is the fastest server we could find which makes working on it much easier for our team. That plus their team is always available and very helpful!

IT Director
American Foods

Victoria

Very happy with the functionality of the hosted environment and excellent customer service. A human always answers the phone quickly and is always knowledgeable and resolve any issue quickly. Thank you Michael and your support team.

Victoria
Abacus

Cristen Rolen

Worst support team who are getting more time ever.

Cristen Rolen
Cristen CPA Firms

Ed

Aaron was extremely helpful, and resolved my issue quickly and professionally. Sagenext hosting services has been reliable, and support has always been great.

Ed
Zigo Associates

Peg Kelly

Michael Olson was very helpful, professional, knowledgeable and kind. He’s a keeper should have more employees like him. Highly recommend Sagenext.

Peg Kelly
All Star Therapy

Jon Graff

Support has been terrific, every time I’ve had issues I’ve been able to get help quickly which has resolved any issues. Michael Olson recently helped me resolve a backup issue. Thank you Sagenext

Jon Graff
The Reason Foundation

Candi

Prompt support when needed!

The College Music Society

Stacy

Sage is wonderful! Aaron was an incredible help to me!

Elfand & assoc

Brenda

Thank you so much! I use Quickbooks on their servers and they are very helpful for all my computer needs. Thank you Michael for your great support.

BDKdoor

Gwendolyn Terrell

Customer Service was great they was able to fix the issue in a timely matter.

National Tax Center

Newsletter

Free Trial

Sagenext Trial