Tax professionals urged to increase cyber vigilance as tax season heats up

Protect against Cyber Attacks

CAMICO claims experience shows that cybercriminals tend to step up their attacks in late March and early April as tax professionals work to wrap up their clients' tax returns.

Tax professionals are urged to be extra vigilant for email scams, even as tax work intensifies.

Cybercriminals have been focusing on accounting and tax firms where there is an opportunity to steal client data, file fraudulent tax returns, and misdirect refunds to the scammers’ bank accounts.

The majority of thefts occur when someone at the firm opens a phishing email and clicks on a link or attachment containing malware. Malware downloaded surreptitiously into computers permits thieves to covertly capture each keystroke or gain remote access to the computer, allowing them to steal data stored there.

Loss Prevention Tips

The IRS and its Security Summit partners posted a warning of the high risk of data theft and urged tax professionals to seek out cyber experts for assistance with security (IRS, Security Summit Partners warn tax professionals of high risk of data theft attacks). The Security Summit also recommends the following basic safeguards:
  • Learn to recognize phishing emails, especially those pretending to be from the IRS, e-Services, a tax software provider or cloud storage provider. Never open any link or attachment from a suspicious email. Remember: The IRS never initiates initial contact with tax professionals via email.
  • Create a data security plan by using resources found within the link above.
  • Review internal controls:
    • Install anti-malware/anti-virus security software on all devices (laptops, desktops, routers, tablets and phones) and keep software set to automatically update.
    • Create passwords/passphrases of at least eight characters; the longer, the better. Use different passwords for each account, use special and alphanumeric characters, use phrases, password protect wireless devices, and consider password manager programs.
    • Encrypt all sensitive files/emails and use strong password protections.
    • Back up sensitive data to a safe and secure external source not connected fulltime to a network.
    • Wipe clean or destroy old computer hard drives and printers that contain sensitive data.
    • Limit access to taxpayer data to individuals who need to know.
    • Check IRS e-Services account weekly for number of returns filed with EFIN.
  • Report any data theft or data loss to the appropriate IRS Stakeholder Liaison.
  • Stay connected to the IRS through subscriptions to e-News for Tax Professionals, Quick Alerts, and Social Media.
  • Opt for multi-factor authentication protection whenever it is available. Multi-factor authentication helps prevent cybercriminals from accessing accounts, even if they steal passwords.

CAMICO also recommends that practitioners avoid public Wi-Fi or hotspots; instead, use your personal hotspot on your cell phone.

Share this post

Leave a comment

Filtered HTML

  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <blockquote> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.

Latest Articles

  • 13 Sep

    Proactively Managing Fee and Collection Issues

    An effective way to avoid having a collection problem in the first place is to communicate with the client regarding your billing and collection policies, and to include stop-work or disengagement provisions, or both, in your engagement letter. Such provisions can then be enforced if the c... read more

  • 03 Sep

    What’s the Right Policy Limit for Your Firm?

    If one had to choose the question most frequently asked by CAMICO policyholders, the likely winner would be, "What should our policy limit be?"

    This is not an easy question to answer, which may explain why it is asked so often. Regardless of your level of expertise in C... read more

  • 21 Aug

    Preparing for the Next Recession

    Economic conditions historically have a significant impact on CPA professional liability claims. When the economy is doing well, and businesses are relatively flush with money, people are less likely to notice funds missing. Fraud therefore tends to flourish and go undetected in good times... read more

  • 10 Jul

    Trustee Red Flags and Best Practices

    Many clients look to CPAs as the natural choice to fulfill the trustee role, manage the assets, and carry out client wishes. For CPAs good at managing and minimizing the unique risk attributes of a trustee role, trustee work can be satisfying and rewarding. On the other hand, if a CPA unde... read more