The Internal Revenue Service has alerted tax professionals on an emerging phishing email scam that tricks recipients into clicking on a bogus link by pretending to be from tax software providers.
The IRS said Thursday fraudsters use the email scam in an attempt to steal sensitive information such as passwords, Social Security numbers, credit card numbers or to make unnecessary payments.
Tax professionals are asked to download and install an “important software update” via a link included in the email that loads a program designed to track keystrokes that hackers will use to gain access to login information and other sensitive data.
The agency has also launched a “protect your clients; protect yourself” campaign that urges tax professionals to boost security protections and awareness to address cyber criminal threats.
The IRS also urges tax professionals to stay alert for other phishing scams, run a security “deep scan”, strengthen passwords for computer access and software access, educate staff members and review any software employees use to remotely access networks.