IRS 2023 Dirty Dozen – Scam #8: Spearphishing and Cybersecurity for TaxProfessionals and Businesses (Part B)

IRS 2023 Dirty Dozen – Scam #8: Spearphishing and Cybersecurity for Tax
Professionals and Businesses (Part B)
SIDE-STEP SPEARPHISHING: CYBER SECURITY TIPS FOR TAX PROS AND BUSINESSES
Phishing is a term given to emails or text messages designed to get users to provide
personal information, either directly or by clicking on a link or attachment. Spearphishing
is a tailored phishing attempt to a specific organization or business.
The IRS is warning tax professionals about spearphishing because there is greater
potential for harm if the tax preparer has a data breach. A successful spearphishing attack
can ultimately steal client data and the tax preparer’s identity, allowing the thief to file
fraudulent returns.
A taxpayer becoming a victim of tax-related identity theft is certainly an issue with
spearphishing, but criminals seeking tax preparer credentials or access to their client’s
tax-related information increases the potential number of victims.
Spearphishing begins with a suspicious email – one that may appear as a tax preparation
application or another e-service or platform. Some scammers will even use the IRS logo
and claim something like “Action Required: Your account has now been put on hold.”
Often these emails stress urgency and will ask tax pros or businesses to click on links to
input or verify information.
How to side-step spearphishing:
 Never click suspicious links.
 Double check the requests with the original sender.
 Be vigilant year-round, not just during filing season.
Next week #8: Spearphishing and cybersecurity for tax professionals and Businesses
(Part C)
(IRS Web Site (TTT 090523)