The IRS on Tuesday warned tax practitioners that an email phishing scam is being used to attempt to capture IRS e-Services usernames and passwords (IRS QuickAlert (11/24/15)). According to the IRS, emails are being sent to tax preparers asking them to update their e-Services information, but these emails are not coming from the IRS. The IRS warns practitioners not to click on any links in these emails.
The phishing scam, or one like it, has been in operation for some time—the IRS issued a similar warning in February 2015 (see IR-2015-31). In its current version, the phishing email appears to come from the IRS and tells practitioners, “Our account surveillance have detected some suspicious activities over your account and to maintain the security we have temporarily disabled some functions on your account.”
The email then invites the recipient to click on an embedded link, saying, “To enable all functions on your account you required to verify your identity with IRS e-Services …”
The IRS tells practitioners that they can simply ignore the email—they do not need to report it to the Service.
IRS e-Services allow tax professionals to complete various transactions with the IRS online. These include becoming an authorized e-file provider and getting transcripts of clients’ returns and account information.
—Alistair Nevius (firstname.lastname@example.org) is JofA’s editor-in-chief, tax.
AICPA Resources: Tax Identity Theft Information & Tools