Quick Security Tips for Tax Professionals
- Don't share email passwords.
- Don't open attachments from suspicious sources.
- Don't click links from suspicious sources.
- Do be cautious even with sources that look legitimate.
- Do forward suspicious emails to firstname.lastname@example.org.
- Do alert the IRS if you may have sent private data to an unauthorized party: email@example.com.
- Do alert the Tax Commission if you may have sent private data to an unauthorized party: firstname.lastname@example.org.
Don't take the bait!
- Filing season starts with theft
- More complex scam takes advantage of gaps in practitioners' security. Always report data thefts. Read more on the IRS website [02-02-2018]
- Insurance form scam
- Criminals spoof tax pros, contact clients, and send them to fake insurance sign-up. Read more on the IRS website [10-12-2017]
- IRS warns: New e-Services scam
- Tries to trick tax pros into "signing" a new e-Services user agreement. Read more on the IRS website [10-11-2017]
- Breach or theft? Do this fast
- A quick response by tax practitioners can help avert problems. What to do. Read more on the IRS website [09-12-2017]
- The security 90/10 rule
- Great checklist for you, your employees, and even to share with your clients. Read more on the IRS website [09-05-2017]
- Free from the IRS and NIST
- Handbooks walk you through real-life checklists so you and your clients can be more secure. Read more on the IRS website [08-29-2017]
- Criminals trying for your EFIN
- "For tax professionals working with the IRS, protecting these account numbers is critical." Read more on the IRS website [08-22-2017]
- Payroll, financial, and HR employees targeted
- National and international organized crime behind many of these scams. Read more on the IRS website [08-15-2017]
W-2 Email Scam (04-19-2017)
- Check for weak security on wireless devices
- Remote takeovers of practitioners' business network can be devastating. Read more on the IRS website [08-08-2017]
- IRS recommends: Don't pay the ransom
- Ransomware attacks on increase; tax practitioners have been targeted. Read more on the IRS website [08-01-2017]
- Increase in identity theft involving business-related tax returns
- Three to five data breaches reported each week. Read more on the IRS website [07-25-2017]
- Account takeover tactics detailed
- Criminals do their homework, finding personal clues about you online so they can take over your account. Read more on the IRS website [07-18-2017]
- Emails appearing to be from trusted source are from criminals
- 91% of cyberattacks and data breaches begin with a "spear phishing email." Read more on the IRS website [07-12-2017]
- Spoofed requests look like they're from organization executive
- A dangerous scam targets HR and payroll departments requesting employee information and/or W-2s. Read more on the IRS website [03-28-2017]
- W-2 Email Scam (04-19-2017)
Protect Your Client, Protect Yourself
The IRS has provided over 30 security awareness tax tips all linked from one page. Read them to protect your client and protect yourself.