IR-2024-36, Feb. 8, 2024 WASHINGTON — The Internal Revenue Service and Security Summit partners today alerted tax professionals of a scam email impersonating various software companies in an attempt to steal Electronic Filing Identification Numbers (EFINs). The IRS warned that scammers are posing as tax software providers and requesting EFIN documents from tax professionals under the guise of a required verification to transmit tax returns. These thieves attempt to steal client data and tax preparers' identities, creating the potential for them to file fraudulent tax returns for refunds. To help protect tax professionals against this emerging scam, the IRS is hosting a special series of educational webinars aimed at the tax community. The sessions will begin Feb. 12 and run each day next week. "With filing season underway, scammers use this time of year to target tax professionals as well as taxpayers in hopes of stealing information that can be used to try filing fraudulent tax returns,” said IRS Commissioner Danny Werfel. “The IRS and the Security Summit partners have noticed a new surge of an EFIN scam email that targets professionals. This scam serves as a powerful reminder that tax professionals should ensure strong security at their practices, including reminding employees to be careful with any emails coming in that could be posing as an official communication. A little extra caution can mean a world of difference for tax professionals during this busy period." The IRS has already received dozens of reports of the scam targeting tax professionals. They should be alert for a scam email that includes a U.S.-based area code for faxing EFIN documents and also provides instructions on obtaining EFIN documentation from the IRS e-Services site if unavailable. Scam variations being seen use different fax numbers for software vendors. Other warning signs of a scam include inconsistencies in the email wording and a German footer in the email. The IRS cautions tax professionals who receive these should not respond to the email and should not proceed with any of the steps displayed in the email. The body of the fraudulent email states: Dear [recipient_email_address], Help us protect you. Because many Electronic Filing Identification Numbers (EFINs) are stolen each year and used to file fraudulent tax returns, the IRS has asked software vendors, such as Software A, to verify who the EFIN owner is by getting a copy of the IRS issued EFIN document(s). Our records show that we do not have a document for one or more of the EFINs that you transmit with. What this means for you: Until your EFIN is verified, you will be unable to transmit returns. Please provide a copy of your EFIN Account Summary from IRS e-Services, with a status of ‘Completed’, to Software B for verification. To send us your EFIN Summary document: Fax to Software B at 631-995-5984 PLEASE NOTE THAT YOUR PREPARER TAX IDENTIFICATION NUMBER (PTIN) APPLICATION CANNOT BE USED AS DOCUMENTATION FOR YOUR EFIN. If you do not have the above documentation you can get a copy of your IRS Application Summary from IRS e-Services by following the below steps or call the IRS e-Services helpline at 866-255-0654. 1. Sign in to your IRS e-Services account 2. Choose your organization from the list provided and click Submit 3. Click the Application link to access your existing application 4. Click the e-File Application link 5. Select the existing application link that applies to your organization 6. Click the Application Summary link for the area of the application you wish to enter 7. Click the Print Summary link at the bottom of the summary presented on the screen If you have any questions please contact the Compliance Department at xxx-xx-xxxx for assistance. Thank you for your business. We look forward to serving you this coming season. Software B (edited) Special webinars planned to help tax professionals To address this fast-moving scam, the IRS will be providing special webinars next week for tax professionals where agency cybersecurity experts will share information. To register for a session, tax professionals can click on the date/time below. Space is limited; continuing education credits will not be offered: Monday, Feb. 12, at 12 p.m. Eastern │11 a.m. Central │10 a.m. Mountain & Arizona│9 a.m. Pacific│8 a.m. Alaska │7 a.m. Hawaii-Aleutian. Tuesday, Feb. 13, at 1 p.m. Eastern │12 p.m. Central │11 a.m. Mountain & Arizona│10 a.m. Pacific│9 a.m. Alaska │8 a.m. Hawaii-Aleutian. Wednesday, Feb. 14, at 2 p.m. Eastern │1 p.m. Central │12 p.m. Mountain & Arizona│11 a.m. Pacific│10 a.m. Alaska │9 a.m. Hawaii-Aleutian. Thursday, Feb. 15, at 3 p.m. Eastern │2 p.m. Central │1 p.m. Mountain & Arizona│12 p.m. Pacific│11 a.m. Alaska │10 a.m. Hawaii-Aleutian. Friday, Feb. 16, at 3 p.m. Eastern│2 p.m. Central │1 p.m. Mountain & Arizona│12 p.m. Pacific│11 a.m. Alaska │10 a.m. Hawaii-Aleutian. Tips to avoid and how to report potential scams Tax-related identity theft scams consistently target tax professionals with a slew of scams and schemes that seek to gain access to sensitive taxpayer information. As these schemes continue to evolve and increase in volume, they pose a threat to both tax professionals and the clients they serve. Earlier this year, the IRS warned tax professionals of a surge of a new client scheme, and they should continue watching for this scam. Some phishing scams are ransomware schemes in which the thief obtains control of the tax professionals' computer systems and holds the data hostage until a ransom is paid. The Federal Bureau of Investigation (FBI) has warned against paying a ransom because thieves typically leave the data encrypted. Tax pros who receive the scam email should notify the Treasury Inspector General for Tax Administration (TIGTA) to report the IRS impersonation scam. They should also save the email and send it as an attachment to phishing@irs.gov. If there is suspicion that data theft has occurred, tax pros should report it to their local IRS Stakeholder Liaison as soon as possible. IRS Stakeholder Liaison staff will ensure all appropriate IRS offices are alerted and can take steps to block fraudulent returns in the clients' names as well as assist tax pros through the process. Tax professionals should be attentive to other phishing scams that seek EFINs, Preparer Tax Identification Numbers (PTINs), or e-Services usernames and passwords. Related Identity Theft Central Publication 4557, Safeguarding Taxpayer Data PDF Identity Theft Information for Tax Professionals