2 min read

IRS Warns Tax Professionals of Phishing Campaign Targeting EFINs

Alina BÎZGĂ

February 15, 2021

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
IRS Warns Tax Professionals of Phishing Campaign Targeting EFINs

The Internal Revenue Service (IRS) began accepting tax-return applications last Friday. As millions of citizens prepare for what may be the most challenging tax season to date, identity thieves got a head start, deploying phishing campaigns impersonating the agency as early as November 25, 2020.

Fraudsters waged a series of new phishing attacks set on stealing Electronic Filing Identification Numbers (EFINs) from tax professionals, the IRS warned. If successful, fraudsters may use stolen customer and tax consultant data to file fraudulent tax returns in their name.

This new scheme impersonating the IRS asks recipients to verify their EFIN before filing, using petty scare tactics such as threatening to disable their accounts and the ability to e-file.

The bogus email can be seen below:

In order to help protect both you and your clients from unauthorized/fraudulent activities, the IRS requires that you verify all authorized e-file originators prior to transmitting returns through our system. That means we need your EFIN (e-file identification number) verification and Driver’s license before you e-file.

Please have a current PDF copy or image of your EFIN acceptance letter (5880C Letter dated within the last 12 months) or a copy of your IRS EFIN Application Summary, found at your e-Services account at IRS.gov, and Front and Back of Driver’s License emailed in order to complete the verification process. Email: (fake email address)

If your EFIN is not verified by our system, your ability to e-file will be disabled until you provide documentation showing your credentials are in good standing to e-file with the IRS.

© 2021 EFILE. All rights reserved. Trademarks

2800 E. Commerce Center Place, Tucson, AZ 85706

The agency recommends tax professionals who receive this fraudulent correspondence save a file copy of the email and forward it as an attachment via phishing@irs.gov.

Different versions of the scam will most likely pop up in the weeks preceding the April 15 deadline. Tax preparers should be wary of any incoming emails asking for EFINs, Preparer Tax Identification Numbers (PTINs) or e-Services usernames and passwords.

“Phishing scams are the most common tool used by identity thieves to trick tax professionals into disclosing sensitive information, and we often see increased activity during filing season,” IRS Commissioner Chuck Rettig said. “Tax professionals must remain vigilant. The scammers are very active and very creative.”

tags


Author



Right now

Top posts

Enhance your cyber resilience and privacy on Computer Security Day in four easy steps

Enhance your cyber resilience and privacy on Computer Security Day in four easy steps

November 29, 2022

2 min read
How to monitor your online privacy during your Thanksgiving trip

How to monitor your online privacy during your Thanksgiving trip

November 22, 2022

3 min read
Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

November 16, 2022

6 min read
Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

November 14, 2022

5 min read
Cyber Tips for a Spook-Free Halloween

Cyber Tips for a Spook-Free Halloween

October 26, 2022

3 min read
August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War

August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War

August 31, 2022

4 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Hacking cars remotely with just their VIN Hacking cars remotely with just their VIN
Graham CLULEY

December 05, 2022

2 min read
Russian courts attacked by CryWiper malware that poses as ransomware Russian courts attacked by CryWiper malware that poses as ransomware
Graham CLULEY

December 05, 2022

2 min read
Android App in Google Play Store Was Harvesting SMS Messages Helping Criminals Create New Accounts Android App in Google Play Store Was Harvesting SMS Messages Helping Criminals Create New Accounts
Silviu STAHIE

December 02, 2022

1 min read