Both techniques attempt to obtain preparer credentials and data in order to file bogus tax returns.
The IRS warns that with this month's move to Secure Access authentication and two-factor protection "cybercriminals likely will make last-ditch efforts to steal passwords and data prior to the transition."
The phishing message, claiming to be from "e-Services Registration", carries the phrases "Important Update about Your e-Services Account" in the subject line. The pitch states, "We are rolling out a new user agreement and all registered users must accept its revised terms to have access to e-Services and its products." Individuals are urged to review and accept the agreement, by taking them to a fake site via links in the email.
Those who have clicked on the link should perform a deep scan with security software, contact IT/cybersecurity personnel and the IRS e-Help Desk. Information on steps the IRS is taking to combat such threats through Secure Access authentication can be found on e-Services landing page on IRS.gov.
Both clients and tax professionals are being targeted by an email-bassed ploy to access annuity and life insurance accounts.
The IRS warns the typical scam involves someone impersonating cloud-based storage providers via phishing email. The emails attempt to persuade tax professionals to provide email credentials including username and password. That information is then used by scammers to email clients impersonating the professional and attached a fake IRS insurance form, with replies received by fax or email, similar to the tax professionals emails.
Typically, the email carries a subject line "urgent information" and accompanies an awkwardly worded message: "Dear Life Insurance Policy Owner,
Kindly fill the form attached for your Life insurance or Annuity contract details and fax back to us for processing in order to avoid multiple (sic) tax bill (sic)."
Using data from the completed form, the perpetrator then impersonates the client, attempting to obtain a loan or make a withdrawal from insurance accounts.