This week, we’re taking a break from talking about COVID-19 scams to highlight a warning from the Security Summit about a new phishing email that’s targeting tax professionals.
The Summit says that this particular phishing scam tries to get tax professionals to provide a copy of their EFIN acceptance letter, EFIN application summary, and driver’s license. The identity thieves say they need this information to confirm you are a legitimate EFIN holder, warning that failure to act will result in you being unable to transmit returns to the IRS.
(Dramatic movie trailer voiceover: “Just when you thought it was safe to open your inbox.”)
What does the EFIN phishing email look like?
Be on the lookout for emails coming from a bogus IRS division—in this case, “IRS Tax E-Filing”—that have the subject line like, “Verifying your EFIN before e-filing.” To help tax pros avoid falling victim to the scam, the IRS provided a copy of the phishing email.
Warning: This is an example of the fake email. DO NOT FOLLOW THESE DIRECTIONS:
In order to help protect both you and your clients from unauthorized/fraudulent activities, the IRS requires that you verify all authorized e-file originators prior to transmitting returns through our system. That means we need your EFIN (e-file identification number) verification and Driver’s license before you e-file.
Please have a current PDF copy or image of your EFIN acceptance letter (5880C Letter dated within the last 12 months) or a copy of your IRS EFIN Application Summary, found at your e-Services account at IRS.gov, and Front and Back of Driver’s License emailed in order to complete the verification process. Email: (fake email address)
If your EFIN is not verified by our system, your ability to e-file will be disabled until you provide documentation showing your credentials are in good standing to e-file with the IRS.
© 2021 EFILE. All rights reserved. Trademarks
2800 E. Commerce Center Place, Tucson, AZ 85706
Since phishing scams mutate like viruses, you might receive one that looks different from the above example. That’s why it’s imperative that you and everyone in your office learn the signs of phishing scams.
“Like all phishing email scams, it attempts to bait the receiver to take action (opening a link or attachment) with a consequence for failing to do so (disabling the account),” the IRS explains. “The links or attachment may be set up to steal information or to download malware onto the tax professional’s computer.”
Training your office to dodge phishing scams isn’t enough. We all have to work together to build the community’s data-security IQ with knowledge of general phishing tactics and specific scam examples. And the best way to do that is by reporting suspected phishing emails and sharing government warnings with your peers. Here’s what the IRS says you should do:
- Save the email as a file
- Send [the file] as an attachment to email@example.com
- Notify the Treasury Inspector General for Tax Administration at www.tigta.govwww.tigta.gov
Remember, learning the signs of phishing scams is one of the best ways to protect taxpayers, tax professionals, and everyone in-between. So, check out these other helpful data-security resources from the IRS: