Tax Professionals Warned of New Email Scam

The IRS, state tax agencies and the tax industry have issued a warning to tax professional to be on the lookout for a new phishing scam.

The scam is conducted through email and impersonates tax software providers in an attempt to steal usernames and passwords.

The subject line appears as “Software Support Update” and highlights an “Important Software System Upgrade.” The message instructs recipients to revalidate their login credentials due to a recent software upgrade. The link provided is a fraudulent webpage mimicking the providerʻs actual login page, and requests login information to steal client data.

Tax professionals are advised to take strong security measures to protect their clients and businesses against scams. Many software providers issue upgrades when tax professionals are working to meet the Oct. 15 deadline for those filing extensions.

The Security Summit “Donʻt Take the Bait” campaign, a 10-week joint awareness effort by the IRS, state tax agencies and the tax industry, highlights ongoing scam tactics as well as prevention measures. The Security Summit reminds tax professionals that software providers do not embed links into emails asking them to validate passwords. Also, tax professionals and taxpayers should never open a link or an attachment from a suspicious email.

Tax professionals can review additional tips to protect clients and themselves at Protect Your Clients, Protect Yourself on IRS.gov. Tax professionals who receive phishing emails from supposed tax software providers should forward them to their tax software provider.

For Windows users, follow these steps to report scam emails:

1. Do not click on any links. Use “Save As” to save the scam. Under “save as type” in the drop-down menu, select “plain text” and save to the desktop.
2. Open a new email and attach this saved email as a file.
3. Send a new email containing the attachment to the tax software provider, as well as a copy to [email protected].