IRS Warns Tax Professionals About Risks of Phishing Attacks

IRS advises tax firms to not take the bait from phishing scams and beware of email attacks.


The U.S. Internal Revenue Service (IRS) is warning tax professionals about the continuing threat of phishing emails that aim to steal information about clients.

The IRS said that in the first five months of 2017 there were 177 reports from tax firms or professionals of data thefts. Those thefts were of client information, involving what the IRS referred to as 'thousands of people'. Data thefts from tax professionals are still occurring, with the IRS noting that it is currently receiving three to five data theft reports a week.

The primary attack vector in the tax professional data theft incidents has largely been phishing emails. The IRS warns that the phishing emails appear to be coming from customers or companies known to the tax professionals. The goal of the phishing emails is to trick the tax professionals into opening a malicious attachment or clicking a link that ends up leading to some form of malware infection and unauthorized data disclosure. 

The IRS noted that tax professional phishing attacks are particularly interested in obtaining e-Services passwords, Electronic Filing Identification Numbers (EFINs), Centralized Authorization File (CAF) numbers and Preparer Tax Identification Numbers (PTINs).

"We continue to see new and evolving threats involving data breaches, intrusions and various takeovers that put people’s personal information at risk," John Koskinen, IRS Commissioner, said in a statement. "These efforts are increasingly targeting tax professionals and businesses with tax information."

The IRS itself is no stranger to cyber-attacks and has been targeted by hackers in different ways over the past few years.

In May 2015, the IRS publicly disclosed that it was the victim of a data breach, by way of its Get Transcript service. In February 2016, the IRS confirmed that it was the victim of an automated attack against the electronic filing PIN application form on the website. The IRS claimed that in both security incidents attackers were able to make use of information obtained from non-IRS websites to gain unauthorized access.

IBM reported in April that it was seeing a significant increase in the volume of tax-related phishing attacks between December 2016 and February 2017. IBM warned that it was also seeing increased sophistication in the tax fraud phishing attacks.

The IRS is not sitting idly by while the phishing attacks are ongoing and is now ramping up a campaign called 'Don't Take the Bait' as part of its larger Protect Your Clients, Protect Yourself initiative for tax professionals. The Don't Take the Bait campaign officially gets underway on July 11, with a 10-week series of information releases from the IRS to help educate tax professionals on cyber-security issues.

"Too many still overlook basic security steps needed to protect their data," Koskinen stated. "As part of this, we urge the tax professional community: Beware your inbox. Don't take the bait from these phishing scams."

Sean Michael Kerner is a senior editor at eWEEK. Follow him on Twitter @TechJournalist.

Sean Michael Kerner is an Internet consultant, strategist, and contributor to several leading IT business web sites.