Tax pros are subject of ‘spearphishing’ attacks

By Paul Bonner

Identity thieves are targeting tax professionals with "spearphishing" emails masquerading as coming from the IRS or tax return preparation software providers, the Service advised in a news release Wednesday.

A recent such ploy features the IRS logo, with a subject line such as "Action Required: Your account has now been put on hold," or a bogus "unusual activity report," with a link purportedly offering to remedy the suspension or other problem. Another links to a page showing logos of several popular tax preparation software companies. Clicking on one prompts a request for the tax preparer's account credentials.

In all such cases, the sender's goal is to obtain taxpayers' data and identities to allow thieves to file fraudulent refund claims, the IRS said. Tax professionals who do enter any account or other sensitive information in response to a fake tax software provider notice should contact the provider's support hotline, the IRS suggested.

They may also save the email and send it as an attachment to and report it to the Treasury Inspector General for Tax Administration.

Additional information on data security for tax professionals is available in IRS Publication 4557, Safeguarding Taxpayer Data, and the IRS's webpage "Identity Theft Information for Tax Professionals."

— To comment on this article or to suggest an idea for another article, contact Paul Bonner at

Tax Insider Articles


Business meal deductions after the TCJA

This article discusses the history of the deduction of business meal expenses and the new rules under the TCJA and the regulations and provides a framework for documenting and substantiating the deduction.


Quirks spurred by COVID-19 tax relief

This article discusses some procedural and administrative quirks that have emerged with the new tax legislative, regulatory, and procedural guidance related to COVID-19.