CPAs are burning the midnight oil as tax season heads into the home stretch … and so are cybercriminals.
Always on the lookout for creative new ways to bilk honest Americans out of their money, thieves have launched a scam that centers on e-mail messages that claim to come from legitimate state CPA organizations.
“Instead,” reports IRS National Public Liaison Mike Deneroff, “it is a scam that seeks to steal password information. The phishing e-mail uses the name of a legitimate tax preparer who may also have been victimized. The e-mail contains a PDF attachment that claims to be a ‘secured file.’ The attachment contains a hyperlink to view the file that the recipient is directed to open. The link directs the recipient to a phishing site that asks for the recipient’s e-mail address and password.
“Although the e-mail scam has been sent to two East Coast CPA organizations, it is highly likely that the cybercriminals are using an e-mail address list of a previous victim,” Deneroff added.
The best advice is the stuff we’ve all heard time and time again. From Deneroff:
Our thanks to the folks at the AICPA for sharing the IRS alert with us.
For details on other recent cyberscams, check out these articles: