The IRS and its state and industry Security Summit partners alert tax practitioners to a new phishing scheme in which cyber criminals pose as state accounting and tax professional associations. A number of tax professionals have reported to the IRS they have received emails attempting to trick them into disclosing email usernames and passwords.
Cybercriminals specifically targeted tax professionals in Iowa, Illinois, New Jersey, North Carolina and Canada. One awkwardly worded phishing email states: “We kindly request that you follow this link HERE and sign in with your email to view this information from (name of accounting association) to all active members. This announcement has been updated for your kind information through our secure information sharing portal which is linked to your email server.”
If you are a member of a professional association, go directly to your association website by typing the address into your browser rather than opening any link or attachment in an email. If you receive a suspicious email regarding taxes, the IRS or phishing attempts to gain access to your client information, forward it to firstname.lastname@example.org.