The latest scam targets Electronic Filing Identification Numbers or EFINs, the IRS warned.
Tax professionals and their clients are particularly at risk, the IRS said. By stealing client data and tax preparers’ identities, the scammers can file fraudulent tax returns for refunds, the IRS said.
Phishing scams are the tool of choice, IRS Commissioner Chuck Rettig said in a statement, referring to schemes where scammers send seemingly authentic email from banks and other trusted entities like the IRS to dupe victims into handing over sensitive data.
“Tax professionals must remain vigilant. The scammers are very active and very creative,” Rettig said.
The scam email says it is from “IRS Tax E-Filing” and carries the subject line “Verifying your EFIN before e-filing,” the IRS said.
The body of the bogus email states in part:
“In order to help protect both you and your clients from unauthorized/fraudulent activities, the IRS requires that you verify all authorized e-file originators prior to transmitting returns through our system. That means we need your EFIN (e-file identification number) verification and Driver’s license before you e-file.
“If your EFIN is not verified by our system, your ability to e-file will be disabled until you provide documentation showing your credentials are in good standing to e-file with the IRS.”
These kinds of schemes are effective during tax season, Erich Kron, security awareness advocate at KnowBe4, told Fox News.
As individuals and organizations “work through the often confusing, stressful, and frustrating task of figuring out how much they will owe or get refunded… this stress and confusion only serve to make the scammers’ job easier,” Kron said.
Criminals typically pilfer social security numbers and bank account information that will allow them to file fake tax returns, Kron said.
Some thieves also pose as potential clients for tax preparers, the IRS said. In this case, the thief will interact with a tax professional and then send an email with an attachment that claims to be their tax information.
That attachment could contain malware that allows the thief to track keystrokes and eventually steal passwords or take over control of the computer systems, according to the IRS.
One of the red flags is the links that come with the bogus email, according to KnowBe4’s Kron. Typically, if you hover over the links with your mouse cursor it will reveal the true email address of the scammer.
As a countermeasure, if sensitive information is requested, you should always contact the requester “at a known good phone number or other method besides replying to the email to confirm the request,” Kron said.
Individuals and tax professionals who get these scams should save the email as a file and then send it as an attachment to email@example.com.
They also should notify the Treasury Inspector General for Tax Administration at tigta.gov to report the IRS impersonation scam.