Email Scam Under the Name of IRS Try to gain EFIN of Tax Preparers
A lot of people are familiar with the US Internal Revenue Service (IRS) scam letters about the tax season that are phishing for money. Now, in a virtual version of the fake IRS letter, a different kind of IRS scam aims for tax practitioners.
The IRS has instructed tax practitioners to seek for the scam that tries to obtain the E-Filing Identification Number (EFIN) of a victim. Here, intruders use a fake email to attack the identity and customer information of tax preparers. Besides, attackers can impersonate the tax preparer and submit fake tax returns to receive refunds, if they have the data.
The hoax started with a scam email, as per the IRS. The message claimed to have come from 'IRS tax e-filing.' This was an e-mail that went under the heading - ‘Verifying your EFIN before e-filing.’ The e-mail informs the tax preparer that certain documents are to be sent to check and get approved by the e-file staff. It then requests a copy of its EFIN and the license number of its driver. To make the situation more urgent, the email warns that, unless you comply, the IRS will disable e-filing access for the tax preparer.
This season, many other major tax scams have also been identified by the IRS and other sources. For example, the IRS cautioned taxpayers in early February against threatening 'ghost' preparers of the tax return who are refusing to sign the returns they are making. Every return prepared needs the Preparer Tax Number and it should be signed by the tax preparers as well. The IRS says that the lack of signature may suggest the fraudulent activity of the tax preparer. They may be promising, depending on the size of those refunds, for example, big refunds charging huge fees and accordingly.
Through investing in their e-mail security defense, organizations can protect themselves and their users against such an IRS scam. One way they could do this is to develop a safety education program and educate employees about some of the most common kinds of publicly available tax-based phishing emails and other scams. Organizations should continuously test their employees to keep their employees informed of this IRS scam and similar attacks. Threat intelligence should be used to keep up with the latest tax scams.
Furthermore, the IRS advised the tax preparers to avoid undertaking any of the email steps. It's best to delete the email and not respond in any way.
from E Hacking News - Latest Hacker News and IT Security News https://ift.tt/3sisgzW
Comments
Post a Comment