Professionals who prepare tax returns need to be on guard for a wave of hackers who are coming for their clients' data and refunds, the Internal Revenue Service said.
In at least two dozen instances in recent days, criminals have remotely taken control of tax preparers' computers to find client information to use to steal identities, and in some cases to have refunds sent to accounts the thieves control, the IRS said.
Tax professionals should analyze their tax preparation software settings and authorize all security measures,
the government's tax branch said last Friday. Preparers need to be especially careful about the software settings that allow logging in with usernames and passwords, it said.
“This latest incident reinforces the need for all tax professionals to review their computer settings as soon as possible,” said John Koskinen, IRS commissioner, in a release. “Identity thieves continue to evolve and look for new areas to exploit, especially as our fraud filters become more effective.”
The warning is part of an IRS effort
to impede criminals' ability to access information that the nation's 700,000 tax preparers collect from clients, as the incidences of identity theft have soared.
The latest warning comes about 45 days before the Oct. 17 tax deadline for extension filers. A similar rash of remote computer takeovers occurred just ahead of the standard April 15 tax deadline, the IRS said.
(More: 8 ways to avoid a tax scam)
Preparers also should run a “deep scan” to identify viruses and malware, strengthen passwords for getting on computers and into software programs, and alert all employees to
“phishing” scams that can come as emails, texts or calls, the IRS said.
They also should review software that employees use to remotely access the company network or that a firm's information technology provider uses to troubleshoot technical problems, as these can be common ways for criminals to tunnel into the system, the IRS said.
