Tax pros: Stay vigilant against phishing emails and cloud-based attacks

IRS Tax Tip 2023-102, Aug. 21, 2023

The IRS and its Security Summit partners continue to see a steady stream of attacks aimed at the nation's tax professionals to steal sensitive tax and financial information from their clients.

One of the most common threats facing tax pros are phishing and related scams. These are designed to trick the recipient into disclosing personal information such as passwords and bank account, credit card and Social Security numbers, or into sending gift cards or wire transfers to the scammer.

Tax pros should be aware of different phishing terms and what the scams might look like:

  • Phishing/Smishing – Phishing emails or SMS/texts attempt to trick the recipient into clicking a suspicious link, filling out information or downloading a malware file. Often phishing attempts are sent to multiple email addresses at a business or agency increasing the chance someone will fall for the trick.
  • Spear phishing – This is a specific type of phishing scam that identifies potential victims and delivers a more realistic email known as a "lure." These types of scams can be trickier to identify since they don't occur in large numbers. They single out individuals, can be specialized and make the email seem more legitimate. These senders can pose as a potential client for a tax professional, luring the practitioner into sharing sensitive information.
  • Whaling – Whaling attacks generally target leaders or other executives with access to secure large amounts of information at an organization or business. Whaling attacks can also target people in payroll offices, human resource personal and financial offices.

Cloud-based schemes

The IRS and its professional partners continue to see attacks that take advantage of cloud-based applications.

These schemes trick their victims with realistic-looking phishing emails that contain links to portals that look like these applications but are really phishing websites designed to collect the tax preparer's credentials.

Tax pros that use cloud-based applications to store information or run tax preparation software should use multi-factor authentication to help safeguard data. Multi-factor authentication provides an extra layer of security.

Warning signs of scams

Regardless of the type of phishing attempt, tax pros can protect themselves and their business by looking for warning signs like:

  • An unexpected email or text claiming to come from a known or trusted source such as a colleague, bank, credit card company, cloud storage provider, tax software provider or even the IRS and other government agencies.
  • A false narrative with an urgent tone telling the receiver to open a link or attachment.
  • An email address, number or link that's misspelled or has a different domain name or URL like irs.com vs. IRS.gov.

More information: