Tax advisors alerted over surge in targeted phishing attacks by IRS

The Internal Revenue Service (IRS) has issued a warning about a rise in spearphishing attacks targeting tax professionals and businesses. These attacks pose a significant threat to the livelihood of businesses and the sensitive tax and personnel information that identity thieves can use to file fake tax returns.

Spearphishing is a type of email scam where criminals pretend to be potential clients to steal sensitive information. To avoid falling victim to these attacks, the IRS encourages everyone to be cautious with emails, verify new contacts, and use strong security on accounts. It is also advisable to encrypt sensitive information and keep software updated.

Protecting your email is crucial. The IRS recommends using strong passwords and two-factor authentication, and only sending sensitive information that is encrypted and password-protected. If a suspicious email is received, it should be forwarded to [email protected] with details like the sender's email address and the date and time it was received.

If contacted by a potential new client via email, it is advisable to call them to verify the email's legitimacy. The IRS and its Security Summit partners continue their joint efforts to prevent identity theft and tax fraud through education and heightened security measures.

The warning is part of the IRS's annual "Dirty Dozen" campaign, which highlights top scams targeting taxpayers and tax advisors. The IRS also provides resources on their website for recognizing and reporting phishing attempts.

The current IRS Commissioner who issued the warning about the rise in spearphishing attacks is not explicitly named in the provided search results. However, IRS Commissioner Danny Werfel has previously emphasized the importance of staying alert to cyberattacks.

The IRS also encourages reporting abusive tax promoters and dishonest tax preparers using the online Form 14242 or by mailing or faxing the form to the IRS Lead Development Center.

Cyberattacks can happen at any time of the year, so it is essential to remain vigilant and educate employees about the risks of spearphishing attacks. Do not click on links or download attachments from unknown or unexpected emails, especially those that claim to be from new clients. By following these simple steps, you can help protect yourself and your business from these dangerous attacks.