ID theft directly targeting tax preparers

January 18, 2017 by Chris Rubino
Person backpacking in mountains

George Mallory, a famous mountain climber, when asked why he wanted to climb Mt. Everest, replied “Because it’s there.” While Mallory was a man of high repute, those with much more nefarious motives have started targeting tax preparers to obtain personally identifiable information (PII) of the tax preparer’s clients, ostensibly on the theory “Because it’s there.”
 
In the course of preparing taxes, a good deal of confidential PII is accumulated that can be used by thieves to perpetuate ID theft, including the preparation of fraudulent returns. We of the tax community have a duty and an obligation to do everything within our means to protect the information we gather as we conduct our businesses.
 
The newest scam involves cybercriminals approaching the tax preparer in the guise of a potential client, sending an email to the preparer which asks about using the preparer’s services. The email may even appear to come from a legitimate organization, colleague, or friend, if their emails or systems were previously hacked. If the tax preparer then responds to this initial email, the cybercriminal replies with a second follow-up message containing an embedded web address, or with an embedded web address in an attachment. If the preparer clicks on this address, instead of downloading a client’s information, a virus or malware is downloaded that sends information to the cybercriminal.
 
There are some commonly accepted best practices in regard to email phishing scams that we can do to protect our clients’ information.
 

  • Understand that email is never a secure form of communication.
  • Do not respond to emails from unknown sources.
  • Never click on links contained within emails (including attachments) that are unsolicited, or unexpected, or from unknown senders.
  • Be wary of emails that seem to come from a known sender, but are out-of-the ordinary for that person or entity. You may want to contact the person by phone instead of replying by email.
 
Information security is, in today’s world, vital to our clients and ourselves. The IRS, after being hacked in 2015 through their transcript delivery system, is placing ever more emphasis on information security. More information that can be very helpful to the tax community in regard to the IRS’ efforts can be found at Protect Your Clients; Protect Yourself.

SEARCH

 

Chris Rubino, EA
Tax Content Developer

 

Chris’ current job title at TaxAudit is Tax Content Developer. He is an Enrolled Agent, and at present spends most of his time in the Education and Research Department, writing texts for the Education team and researching tax questions that arise during audits. During his time at TaxAudit he has been in a number of roles, including Return Reviewer and Audit Representative. He brought a varied financial background to TaxAudit, including income tax preparation and financial planning advisement. 


 

Recent Articles

Inheritance on top of money
Generally, when you inherit money it is tax-free to you as a beneficiary. However, like so much in tax law, the answer to this question is “it depends.”
Warning tax scam sign laying on a keyboard
The IRS has published a “Dirty Dozen” list to warn taxpayers to beware of joining the thousands of people who lose millions of dollars to scammers each year.
Stimulus Check
If you are currently under audit with IRS, you will still receive a stimulus check if your income falls within the eligibility limits.
small business owner
If you are the sole proprietor, the chance of being selected for audit by the IRS is 4.5 to 12 times higher than it is individuals without a business.
This blog does not provide legal, financial, accounting, or tax advice. The content on this blog is “as is” and carries no warranties. TaxAudit does not warrant or guarantee the accuracy, reliability, and completeness of the content of this blog. Content may become out of date as tax laws change. TaxAudit may, but has no obligation to monitor or respond to comments.