The message thanks recipients for trusting the software provider to serve their preparation needs and mimics software companies' email templates. Recipients are told because of a software upgrade, they must revalidate login credentials and are given a link to a fictitious website that mirrors the software provider's login page.
Instead of upgrading software, preparers are providing information to cybercriminals who use stolen credentials to access preparer accounts and steal client information. The Security Summit reminds tax professionals that software providers do not embed links into emails asking them to validate passwords.
The Security Summit reminds tax professionals that software providers do not embed links into emails asking them to validate passwords. Also, tax professionals and taxpayers should never open a link or an attachment from a suspicious email.
Tips for protecting preparers and clients are provide at Protect Your Clients, Protect Yourself on IRS.gov.
For Windows users, follow this process to help the investigation of these scam emails:
1. Use "Save As" to save the scam. Under "save as type" in the drop-down menu, select "plain text" and save to the desktop. Do not click on any links.
2. Open a new email and attach this saved email as a file.
3. Send a new email containing the attachment to the tax software provider, as well as a copy to This email address is being protected from spambots. You need JavaScript enabled to view it..