By Christopher Moschella, CPA, CISA, Risk Advisory Services Senior Manager
The IRS has shared important information to keep taxpayers informed on new tax scams that are occurring in 2018. They are urging individuals and businesses to be alert to fake emails or websites that attempt to steal your personal information.
According to the IRS,
In addition, the IRS has seen email schemes in recent weeks targeting tax professionals, payroll professionals, human resources personnel, schools as well as individual taxpayers.
In these email schemes, criminals pose as a person or organization the taxpayer trusts or recognizes. They may hack an email account and send mass emails under another person’s name. Or they may pose as a bank, credit card company, tax software provider or government agency. Criminals go to great lengths to create websites that appear legitimate but contain phony log-in pages. These criminals hope victims will “take the bait” and provide money, passwords, Social Security numbers and other information that can lead to identity theft.
Fake emails and websites also can infect a taxpayer’s computer with malware without the user knowing it. The malware gives the criminal access to the device, enabling them to access all sensitive files or even track keyboard strokes, exposing login information, or install backdoors so the hackers can remotely access the machine at any time.
What to Do with Phishing Attempts
If a taxpayer receives an unsolicited email that appears to be from either the IRS or an organization closely linked to the IRS, such as the Electronic Federal Tax Payment System (EFTPS), they should report it by sending it to phishing@irs.gov. Learn more by going to the Report Phishing and Online Scams page on IRS.gov.
It is important to keep in mind the IRS generally does not initiate contact with taxpayers by email to request personal or financial information. This includes any type of electronic communication, such as text messages and social media channels.
Taxpayers have a set of fundamental rights they should be aware of when dealing with the IRS. Taxpayers can explore the Taxpayer Bill of Rights and the agency’s obligations to protect them on IRS.gov.
If you receive an email that appears to be legitimate, navigate directly to the website by typing in “irs.gov” into a web browser instead of clicking the link in the email, which may bring you to an imposter website.
Access the full article.
Source: IRS.gov
Interested in learning how to protect your business from cybersecurity threats? Contact us. Our Cybersecurity team can help. Our team is focused solely on evaluating business processes, information technology controls, and security. As such, we possess a unique combination of business and IT expertise and communicate effectively with business and IT professionals alike.
About Keiter Cybersecurity Services
At Keiter, we take a holistic approach to protecting our clients’ data. We leverage state of the art technology combined with a highly trained IT team to maintain and secure our clients’ data. In addition, we provide a variety of cybersecurity services to assist businesses with their data security needs.
Additional Resources:
- Data Breach – It can happen to you!
- SOC for Cybersecurity: An Answer to Leadership’s Cybersecurity Responsibilities
- Five Reasons Why Your IT Outsourcer Isn’t Keeping You Cyber Secure (and neither is your internal IT team)
- Infosecstack: Your Collection of Free Cybersecurity Resources
- Cybersecurity: So You Think You Have A Breach
- Cybersecurity: Educate and Motivate Staff to Be Careful
- Access all of our Cybersecurity Resources
About the Author
The information contained within this article is provided for informational purposes only and is current as of the date published. Online readers are advised not to act upon this information without seeking the service of a professional accountant, as this article is not a substitute for obtaining accounting, tax, or financial advice from a professional accountant.