Tax Law and News IRS Issues Security Summit Alert: New Two-Stage Email Scheme Targets Tax Professionals Read the Article Open Share Drawer Share this: Click to share on X (Opens in new window) X Click to share on Facebook (Opens in new window) Facebook Click to share on LinkedIn (Opens in new window) LinkedIn Written by Intuit Accountants Team Modified Oct 16, 2017 2 min read Please see the below notice from the IRS announcing a new email scheme targeting tax professionals: The Internal Revenue Service, state tax agencies and tax industry leaders today warned tax professionals to be alert to an email scam from cybercriminals posing as clients soliciting their services. A new variation of this phishing scheme is targeting accounting and tax preparation firms nationwide. The scheme’s objective is to collect sensitive information that will allow fraudsters to prepare fraudulent tax returns. These latest phishing emails come in typically two stages. The first email is the solicitation, which asks tax professionals questions such as “I need a preparer to file my taxes.” If the tax professional responds, the cybercriminal sends a second email. This second email typically has either an embedded web address or contains a PDF attachment that has an embedded web address. In some cases, the phishing emails may appear to come from a legitimate sender or organization (perhaps even a friend or colleague) because they also have been victimized. Fraudsters have taken over their accounts to send phishing emails. The tax professional may think they are downloading a potential client’s tax information or accessing a site with the potential client’s tax information. In reality, the cybercriminals are collecting the preparer’s email address and password and possibly other information. The IRS urges tax professionals and tax preparation firms to consider creating internal policies or obtain security experts’ recommendations on how to address unsolicited emails seeking their services. One tip: Never respond to or click on a link in an unsolicited email or PDF attachment from an unknown sender. As the IRS, states and the tax industry make progress in the fight against identity theft, cybercriminals are becoming more sophisticated in their efforts to steal additional client information. Criminals need more data in their effort to impersonate clients and file fraudulent returns to claim refunds, and schemes like this can help in this effort. Read more at Protect Your Clients; Protect Yourself, the Security Summit initiative to increase awareness about the tax professional community. Previous Post Blockchain Technology and What it Means for Tax Professionals Next Post Coaching Your Self-Employed Clients on Taxes Written by Intuit Accountants Team The Intuit® Accountants team provides ProConnect™ Tax, Lacerte® Tax, ProSeries® Tax, and add-on software and services to enable workflow for its customers. Visit us online or follow us on X, Instagram, Facebook, and LinkedIn. More from Intuit Accountants Team Comments are closed. Browse Related Articles Tax Law and News When does a hobby become a business? Tax Law and News Is the IRS contacting your clients? Verify! Practice Management Practical uses of AI for productivity & client work Tax Law and News August 2025 tax and compliance deadlines Tax Law and News Big Beautiful Bill tax deductions for workers and seniors Advisory Services White paper: Scaling advisory services to your clients Tax Law and News Year-round tax planning tips for clients Practice Management Optimizing your firm for hybrid and remote work Grow your practice Scale your firm, your way Advisory Services Modern marriage issues: Postnup agreements