The IRS is warning of a new phishing scheme targeting accounting and tax preparation firms nationwide.
These latest phishing emails come in typically two stages. The first email may appear to be from a taxpayer shopping for professional services, such as "I need a preparer to file my taxes." If the preparer or staff responds, the cybercriminal sends a second email with an embedded web address or a PDF attachment that has an embedded web address. Emails may also appear to come from a legitimate sender or organization (perhaps even a friend or colleague) because they also have been victimized.
With one click, instead of downloading or accessing a site with a potential client's tax information, your email address, password and possibly other information has been compromised.
The IRS urges practitioners and tax preparation firms to consider creating internal policies or obtain security experts' recommendations on how to address unsolicited emails seeking their services.