The subject line for the fraudulent email is “Security Awareness for Tax Professionals.” The “From” line is “Your e-Services Team.” It has both an IRS logo and an e-services logo that hyperlinks to a URL verified as a phishing site. The spoofing site poses as an e-services registration page.
Tax professionals should always go directly to IRS.gov to access e-services, never click on any links provided in emails. Tax professionals who receive a suspicious email should send it as an attachment to Phishing@irs.gov and then delete it. Recipients should not click on any links.