The IRS renewed warnings to tax professionals to stay vigilant against new and evolving schemes aimed at stealing business and taxpayer information.
That message was sent as part of this summer’s “Protect Your Clients; Protect Yourself,” a campaign that the IRS and its Security Summit partners launched in 2016.
This campaign is part of a larger effort by the Security Summit coalition—which includes the IRS, state tax agencies, and the nation’s tax community—to help tax practitioners combat tax-related identity theft.
“The IRS, the states, and the nation’s tax industry through the Security Summit partnership continue their decade-long effort to protect taxpayers,” IRS Commissioner Billy Long said in a statement. “This effort is a testament to what can be accomplished when business and government work together to educate the taxpayer and raise awareness of this wide-ranging problem.”
“Tax professionals face an increasingly complex threat landscape, with identity thieves using ever more sophisticated tactics to exploit both practitioners and the sensitive data they manage,” added Taylor Rodier, legislative affairs manager with Taxwell and a Security Summit member. “The stakes are high—not just for individual firms, but for the taxpayers who rely on them. Staying vigilant, informed, and prepared is essential to defending taxpayer data and maintaining trust in the services these professionals provide.”
Identity thieves are taking numerous approaches to steal sensitive information from tax professionals, and the IRS said they need to be on the lookout to avoid falling prey to the following emerging attacks, which threaten not just their clients but their own businesses:
- Beware of the “new client” scheme: In this form of spear phishing, fraudsters pretend to be real taxpayers seeking tax professionals’ help with their taxes.
- Scams involving EFINs, PTINs, CAF numbers: Another scam circulating on a large scale this year involves phishing attempts by scammers trying to obtain various identification numbers used by tax professionals, including their Electronic Filing Identification Number (EFIN); EFIN documents; their Preparer Tax Identification Number (PTIN); and their Centralized Authorized File (CAF) number.
- Watch and listen for phone, text, and correspondence schemes: Several of these schemes are common right now that can target not just taxpayers, but potentially tax professionals and their clients, including:
— The so-called “Zero Tax” program, in which callers promise to wipe out tax debt for people who owe back taxes. The callers request people’s Social Security numbers as part of their pitch, which they use for nefarious purposes. Tax professionals should watch out for clients reporting this scheme.
— Social media scams circulating inaccurate or misleading tax information that can involve creating common tax documents that are false like a Form W-2 or claiming credits to which the taxpayer isn’t entitled, such as the Fuel Tax Credit, Sick and Family Leave Credit, and Household Employment Credits.
— Scammers reaching out by phone or text message to dupe people into handing over sensitive financial information in exchange for a false promise of IRS money for them.
— Use of artificial intelligence. Scammers will use AI to create fake IRS letters that are mailed to victims.
For tax professionals who discover they’re victims of a security breach, they should contact their local IRS Stakeholder Liaison to report a theft. The IRS Stakeholder Liaison will ensure the appropriate IRS offices are alerted. If incidents are reported quickly, the IRS can take steps to block fraudulent returns in the clients’ names and will assist practitioners through the process.
Tax professionals can also share information with the appropriate state tax agency by visiting the Report a Data Breach page hosted by the Federation of Tax Administrators.
Practitioners should also understand the Federal Trade Commission’s Data Breach Response requirements as part of their overall information and data security plan.
Thanks for reading CPA Practice Advisor!
Subscribe Already registered? Log In
Need more information? Read the FAQs
