Tax security 101 protect your clients is a Security Summit awareness campaign intended to provide tax professionals with the basic information they need to better protect taxpayer data and to help prevent the filing of fraudulent tax returns. This series builds on and expands on earlier Summit awareness campaigns aimed at tax professionals and taxpayers. In addition, this campaign follows recommendations made by the Electronic Tax Administration Advisory Committee, which noted tax professionals “are at increasing risk” of security vulnerability.
Security Summit News Releases. IR-2018-185, Tax Security 101: Security Summit outlines data theft reporting process for tax professionals, speed helps protect taxpayers. IR-2018-177, Tax Security 101: IRS, summit partners detail warning signs of clients data theft: urge tax professionals to remain alert. IR-2018-175, Tax Security 101: Security Summit reminds tax professionals of data security plan requirements. IR-2018-170: Tax Security 101, Security Summit urges tax professionals to educate all employees about data security, computing safeguards. IR-2018-161: Tax Security 101, Tax professionals victimized by data thefts offer hard won security lessons to colleagues. IR-2018-150, Tax Security 101, Security Summit outlines “Security Six” basic safeguards for tax professionals computers and email. IR-2018-147, Tax Security 101, IRS, Security Summit partners launch new awareness campaign, urge tax professionals to step up protections for clients data. All in all, tax security 101 protect your clients was a success.
The IRS is also urging Tax Professionals to avoid phishing emails. These differ from general phishing emails in that the thief has researched the target before sending the message. An email may appear to be from a colleague, a client, or a friend, a cloud storage provider, tax software provider, the IRS, or a State Government. Spear Phishing emails are one of the most common ways data thieves enter preparers digital networks to steal client information.
The objective of a spear phishing email is to pose as a trusted source and bait the recipient into opening an embedded link or an attahcment. The email may may an urgent plea to update an account immediately. This link may seem to go to another trusted website, but its actually a phishing website controlled by the thief.