ID theft directly targeting tax preparers

January 18, 2017 by Chris Rubino
Person backpacking in mountains

George Mallory, a famous mountain climber, when asked why he wanted to climb Mt. Everest, replied “Because it’s there.” While Mallory was a man of high repute, those with much more nefarious motives have started targeting tax preparers to obtain personally identifiable information (PII) of the tax preparer’s clients, ostensibly on the theory “Because it’s there.”
In the course of preparing taxes, a good deal of confidential PII is accumulated that can be used by thieves to perpetuate ID theft, including the preparation of fraudulent returns. We of the tax community have a duty and an obligation to do everything within our means to protect the information we gather as we conduct our businesses.
The newest scam involves cybercriminals approaching the tax preparer in the guise of a potential client, sending an email to the preparer which asks about using the preparer’s services. The email may even appear to come from a legitimate organization, colleague, or friend, if their emails or systems were previously hacked. If the tax preparer then responds to this initial email, the cybercriminal replies with a second follow-up message containing an embedded web address, or with an embedded web address in an attachment. If the preparer clicks on this address, instead of downloading a client’s information, a virus or malware is downloaded that sends information to the cybercriminal.
There are some commonly accepted best practices in regard to email phishing scams that we can do to protect our clients’ information.

  • Understand that email is never a secure form of communication.
  • Do not respond to emails from unknown sources.
  • Never click on links contained within emails (including attachments) that are unsolicited, or unexpected, or from unknown senders.
  • Be wary of emails that seem to come from a known sender, but are out-of-the ordinary for that person or entity. You may want to contact the person by phone instead of replying by email.
Information security is, in today’s world, vital to our clients and ourselves. The IRS, after being hacked in 2015 through their transcript delivery system, is placing ever more emphasis on information security. More information that can be very helpful to the tax community in regard to the IRS’ efforts can be found at Protect Your Clients; Protect Yourself.



Chris Rubino, EA
Tax Content Developer


Chris’ current job title at TaxAudit is Tax Content Developer. He is an Enrolled Agent, and at present spends most of his time in the Education and Research Department, writing texts for the Education team and researching tax questions that arise during audits. During his time at TaxAudit he has been in a number of roles, including Return Reviewer and Audit Representative. He brought a varied financial background to TaxAudit, including income tax preparation and financial planning advisement. 


Recent Articles

House for Sale
Details regarding the disposition of grouping of activities in order to more easily satisfy the material participation requirements for the RE Pro status.
Man opening a letter
IRS CP06A notice asks you to verify the Premium Tax Credit you claimed on your tax return with documentation. How should you properly respond to this notice?
Woman reading a letter and holding her phone
Notice CP14H is issued by the IRS to inform you of your unpaid shared responsibility payment that is due and to request that payment. How should you respond?
Man on phone while looking at a letter
IRS Notice CP21E informs taxpayers that an audit was recently done on their tax return and the IRS determined that those changes resulted in additional tax due.
This blog does not provide legal, financial, accounting, or tax advice. The content on this blog is “as is” and carries no warranties. TaxAudit does not warrant or guarantee the accuracy, reliability, and completeness of the content of this blog. Content may become out of date as tax laws change. TaxAudit may, but has no obligation to monitor or respond to comments.