Industry News

IRS Warns Tax Professionals of Phishing Campaign Targeting EFINs

The Internal Revenue Service (IRS) began accepting tax-return applications last Friday. As millions of citizens prepare for what may be the most challenging tax season to date, identity thieves got a head start, deploying phishing campaigns impersonating the agency as early as November 25, 2020.

Fraudsters waged a series of new phishing attacks set on stealing Electronic Filing Identification Numbers (EFINs) from tax professionals, the IRS warned. If successful, fraudsters may use stolen customer and tax consultant data to file fraudulent tax returns in their name.

This new scheme impersonating the IRS asks recipients to verify their EFIN before filing, using petty scare tactics such as threatening to disable their accounts and the ability to e-file.

The bogus email can be seen below:

In order to help protect both you and your clients from unauthorized/fraudulent activities, the IRS requires that you verify all authorized e-file originators prior to transmitting returns through our system. That means we need your EFIN (e-file identification number) verification and Driver’s license before you e-file.

Please have a current PDF copy or image of your EFIN acceptance letter (5880C Letter dated within the last 12 months) or a copy of your IRS EFIN Application Summary, found at your e-Services account at IRS.gov, and Front and Back of Driver’s License emailed in order to complete the verification process. Email: (fake email address)

If your EFIN is not verified by our system, your ability to e-file will be disabled until you provide documentation showing your credentials are in good standing to e-file with the IRS.

© 2021 EFILE. All rights reserved. Trademarks

2800 E. Commerce Center Place, Tucson, AZ 85706

The agency recommends tax professionals who receive this fraudulent correspondence save a file copy of the email and forward it as an attachment via phishing@irs.gov.

Different versions of the scam will most likely pop up in the weeks preceding the April 15 deadline. Tax preparers should be wary of any incoming emails asking for EFINs, Preparer Tax Identification Numbers (PTINs) or e-Services usernames and passwords.

“Phishing scams are the most common tool used by identity thieves to trick tax professionals into disclosing sensitive information, and we often see increased activity during filing season,” IRS Commissioner Chuck Rettig said. “Tax professionals must remain vigilant. The scammers are very active and very creative.”

About the author

Alina Bizga

Alina has been a part of the Bitdefender family for some years now, as her past role involved interfacing with end users and partners, advocating Bitdefender technologies and solutions. She is a history buff and passionate about cybersecurity and anything sci-fi. Her spare time is usually split between her two feline friends and traveling.