One of the highest priorities at the IRS is to protect taxpayer and tax preparer data as well as IRS systems. Starting in October, the IRS will strengthen sign-in procedures for e-Services. As part of that effort, all users must re-register and validate their identities, most using the Secure Access authentication process. Learn more: Important Update for Your e-Services Account.

The Internal Revenue Service and its Security Summit partners this week issued an alert to taxpayers and tax professionals to be on the lookout for fake IRS tax bills that may arrive by email, as an attachment, or by mail purportedly related to the Affordable Care Act.

For more information on scams as well as steps you can take to boost your security, visit Protect Your Clients, Protect Yourself on IRS.gov.

WASHINGTON – The Internal Revenue Service today warned tax professionals of a new wave of attacks that allow identity thieves to file fraudulent tax returns by remotely taking over practitioners’ computers.

As part of the Security Summit effort, the IRS urged tax professionals to review their tax preparation software settings and immediately enact all security measures, especially those settings that require usernames and passwords to access the products.  The IRS is aware of approximately two dozen cases where tax professionals have been victimized in recent days.

The IRS, state tax agencies and the tax industry – working as partners in the Security Summit – recently launched the Protect Your Clients; Protect Yourself campaign to increase awareness that criminals increasingly are targeting tax professionals and the taxpayer data they possess. 

"This latest incident reinforces the need for all tax professionals to review their computer settings as soon as possible," said IRS Commissioner John Koskinen‎. "Identity thieves continue to evolve and look for new areas to exploit‎, especially as our fraud filters become more effective. The prompt identification of these attacks is another example of the great benefits that result from the close‎ working relationship the IRS now has with the tax industry and the states through the Security Summit initiative. Information is flowing more rapidly between our groups as we continue‎ our efforts to protect taxpayers."

These attacks come as the Oct. 17 deadline approaches for extension filers. The IRS first warned of a similar remote take-over attack in the spring, just ahead of the April 15 deadline, another peak period for tax professionals.

Thieves are able to access tax professionals’ computers and use remote technology to take control, accessing client data and completing and e-filing tax returns but directing refunds to criminals’ own accounts.

Victims in the tax community learned of these thefts while reconciling e-file acknowledgements.

In addition to activating security measures for tax software products, IRS urges all tax preparers to take the following steps:

• Run a security “deep scan” to search for viruses and malware;
• Strengthen passwords for both computer access and software access; make sure your password is a minimum of eight digits (more is better) with a mix of numbers, letters and special characters and change them often;
• Be alert for phishing scams: do not click on links or open attachments from unknown senders;
• Educate all staff members about the dangers of phishing scams in the form of emails, texts and calls;
• Review any software that your employees use to remotely access your network and/or your IT support vendor uses to remotely troubleshoot technical problems and support your systems. Remote access software is a potential target for bad actors to gain entry and take control of a machine.

In addition, the IRS recently issued instructions to tax professionals on how to monitor their PTIN activity.

Tax professionals should review Publication 4557, Safeguarding Taxpayer Data, a Guide for Your Business, which provides a checklist to help safeguard taxpayer information and enhance office security. Also, practitioners should review Data Breach Information for Tax Professionals for information on what action they should take if they do become victims.

As you are transitioning into the next filing season, remember to take time to review your e-file application information through e-services. Your e-file application information should be updated within 30 days of any changes, such as individuals involved, addresses or telephone numbers. Failure to do so may result in the inactivation of your EFIN.

Your application should only include individuals as Principals who are authorized to act for the entity in legal and/or tax matters. For example:

• Sole Proprietor is the Principal
• Partnership should list each partner who has 5% or more interest in the partnership
• Corporation should list the President, Vice-President, Secretary and Treasurer

Your application should also include a Responsible Official. A Responsible Official is an individual with authority over the Provider’s IRS e-file operation at a location, is the first point of contact with the IRS and has authority to sign revised IRS e-file applications. The Responsible Official may oversee IRS e-file operations at one or more offices, but must be able to fulfill identified responsibilities for each of the offices. If one individual cannot fulfill these responsibilities, add Responsible Officials to the e-file application.

Note: Only individuals involved in the operation of the business can be on the e-file application.

For more information see Frequently Asked Questions and Publication 3112.

You are cordially invited to attend our upcoming South Atlantic Area Webinar on“Appeals Judicial Approach and Culture (AJAC) and the Appeals Process” to be held on Thursday, May 26, 2016 from 1:00 pm - 3:00 pm. Eastern Standard Time.  We encourage you to join us for this highly informative webinar.  An IRS Appeals Team Manager will be sharing a great deal of valuable information and resources on how IRS Appeals is implementing policy clarifications and procedural changes to ensure its actions are consistent with its purpose to settle disputes on an impartial basis. Some of these changes affect Compliance procedures before and after a case is sent to Appeals. In addition, updates on the Fast Track Settlement Program will be discussed. Two CE credits will be offered for attending this free webinar. 

For more details and to register for the event, please CLICK HERE.

IRS YouTube Videos

• Tax Scams: English | Spanish | ASL
• Security Summit Identity Theft Tips Overview: English
• Be Cautious When Using Wi-Fi: English
• Update Your Password Regularly: English

WASHINGTON — As reports of phone scams as well as email phishing schemes continue across the country, the Internal Revenue Service warned taxpayers of a new phishing scam targeting Washington D.C., Maryland and Virginia residents.

This time, the email scammers are citing tax fraud and trying to trick victims into verifying “the last four digits of their social security number” by clicking on a link provided. The criminals specifically state that this is for tax filers in the District of Columbia, Maryland and Virginia. As a further attempt to trick residents of the Capital region, the email scam even suggests that information from recent data breaches across the nation may be involved.  

“As we approach the final days of this filing season, we continue to see these tax scams evolve.” said IRS Commissioner John Koskinen. “We don’t send emails like this, and there’s no special effort underway for people in the District, Virginia and Maryland. As these criminals shift their tactics, the IRS remains committed to quickly warning the taxpayers who may be targeted. Taxpayers should be on the lookout for these scams.”

Last February, the IRS announced a 400 percent increase of these scams being reported when compared to the same period last year. As the email scams increase, the IRS continues its efforts to protect taxpayers, and has teamed up with state revenue departments and the tax industry to make sure taxpayers understand the dangers to their personal and financial data as part of the “Taxes. Security. Together” campaign.

In general, the IRS has added and strengthened protections in our processing systems this filing season to protect the nation's taxpayers. For this tax season, we continue to make important progress in stopping identity theft and other fraudulent refunds.

Protect Yourself

Phishing is a scam typically carried out with the help of unsolicited email or a fake website that poses as a legitimate site to lure in potential victims and prompt them to provide valuable personal and financial information. Armed with this information, a criminal can commit identity theft or financial theft.

If a taxpayer receives an unsolicited email that appears to be from either the IRS or an organization closely linked to the IRS, such as the Electronic Federal Tax Payment System (EFTPS), report it by sending it to phishing@irs.gov. Learn more by going to the Report Phishing and Online Scams page.

It is important to keep in mind that the IRS generally does not initiate contact with taxpayers by email to request personal or financial information. This includes any type of electronic communication, such as text messages and social media channels. The IRS has information online that can help protect taxpayers from email scams.

Each and every taxpayer has a set of fundamental rights they should be aware of when dealing with the IRS. These are your Taxpayer Bill of Rights. Explore your rights and our obligations to protect them on IRS.gov.

Don’t be fooled by scammers. Stay safe and be informed.

WASHINGTON – The Internal Revenue Service today issued an alert to payroll and human resources professionals to beware of an emerging phishing email scheme that purports to be from company executives and requests personal information on employees.

The IRS has learned this scheme – part of the surge in phishing emails seen this year – already has claimed several victims as payroll and human resources offices mistakenly email payroll data including Forms W-2 that contain Social Security numbers and other personally identifiable information to cybercriminals posing as company executives.

“This is a new twist on an old scheme using the cover of the tax season and W-2 filings to try tricking people into sharing personal data. Now the criminals are focusing their schemes on company payroll departments,” said IRS Commissioner John Koskinen. “If your CEO appears to be emailing you for a list of company employees, check it out before you respond. Everyone has a responsibility to remain diligent about confirming the identity of people requesting personal information about employees.”

IRS Criminal Investigation already is reviewing several cases in which people have been tricked into sharing SSNs with what turned out to be cybercriminals. Criminals using personal information stolen elsewhere seek to monetize data, including by filing fraudulent tax returns for refunds.

This phishing variation is known as a “spoofing” email. It will contain, for example, the actual name of the company chief executive officer. In this variation, the “CEO” sends an email to a company payroll office employee and requests a list of employees and information including SSNs.

The following are some of the details contained in the e-mails:

• Kindly send me the individual 2015 W-2 (PDF) and earnings summary of all W-2 of our company staff for a quick review
• Can you send me the updated list of employees with full details (Name, Social Security Number, Date of Birth, Home Address, Salary) as at 2/2/2016.
• I want you to send me the list of W-2 copy of employees wage and tax statement for 2015, I need them in PDF file type, you can send it as an attachment. Kindly prepare the lists and email them to me asap.

The IRS recently renewed a wider consumer alert for e-mail schemes after seeing an approximate 400 percent surge in phishing and malware incidents so far this tax season and other reports of scams targeting others in a wider tax community.

The emails are designed to trick taxpayers into thinking these are official communications from the IRS or others in the tax industry, including tax software companies. The phishing schemes can ask taxpayers about a wide range of topics. E-mails can seek information related to refunds, filing status, confirming personal information, ordering transcripts and verifying PIN information.

The IRS, state tax agencies and tax industry are engaged in a public awareness campaign – Taxes. Security. Together. – to encourage everyone to do more to protect personal, financial and tax data. See IRS.gov/taxessecuritytogether or Publication 4524 for additional steps you can take to protect yourself. 

Subject: Authorized IRS e-file Providers must not submit electronic returns to the IRS prior to the receipt of all Forms W-2, W-2G, and 1099-R from the taxpayers.

Authorized IRS e-file Providers must not submit electronic returns to the IRS prior to the receipt of all Forms W-2, W-2G, and 1099-R from the taxpayers.

If taxpayers are unable to secure and provide a correct Form W-2, W-2G, or 1099-R, Providers may submit the electronic return only after securing Form 4852, Substitute for Form W-2, Wage and Tax Statement, or Form 1099-R, Insurance Contracts, Distributions From Pensions, Annuities, Retirement or Profit-Sharing Plans, IRAs etc. in accordance with the use of that form. This is the only time Providers should submit an electronic return with information from pay stubs or Leave and Earning Statements (LES).

The IRS may conduct monitoring visits to ensure compliance with Revenue Procedure 2007-40 and with IRS e-file rules and requirements included in IRS e-file publications.

The IRS may warn or sanction Providers that violate IRS e-file rules and requirements. Sanctions may be a written reprimand, suspension or expulsion from participation. Additional information regarding sanctioning is available at IRS.gov in Publication 3112, IRS e-file Application and Participation.

Partners,

Due to an error, taxpayers are receiving Identity Protection PIN letters with an incorrect year listed. Taxpayers and tax professionals should be advised the IP PIN listed on the CP 01A Notice dated January 4, 2016 is valid for use on all individual tax returns filed in 2016.

The notice incorrectly indicates the IP PIN issued is to be used for filing the 2014 tax return when the number is actually to be used for the 2015 tax return.  The IRS emphasizes the IP PIN listed on the CP 01A notice is valid for the 2015 returns. Taxpayers and their tax professionals should use this PIN number for 2015 tax returns, which the IRS will begin accepting from taxpayers starting Jan. 19, 2016.

The IRS apologizes for the confusion and any inconvenience.

FAQ:

When were the CP01A notices mailed?

The notices are all dated January 4, 2016 but were mailed in late December. Taxpayers are receiving these now through mid-January.

What does an IP PIN do?

An IP PIN helps the IRS verify a taxpayer’s identity and accept their electronic or paper tax return. When you have an IP PIN, it prevents someone else from filing a tax return with your SSN. 

If a return is e-filed with your SSN and an incorrect or missing IP PIN, our system will reject it until you submit it with the correct IP PIN or you file on paper. If the same conditions occur on a paper filed return, we will delay its processing and any refund you may be due for your protection while we determine if it’s yours.

Does this issue affect anything else involving the IP PIN process?

No.

WASHINGTON ― Following a review of the tax extenders legislation signed into law last week, the Internal Revenue Service announced today that the nation’s tax season will begin as scheduled on Tuesday, Jan. 19, 2016.

The IRS will begin accepting individual electronic returns that day. The IRS expects to receive more than 150 million individual returns in 2016, with more than four out of five being prepared using tax return preparation software and e-filed. The IRS will begin processing paper tax returns at the same time. There is no advantage to people filing tax returns on paper in early January instead of waiting for e-file to begin.

“We look forward to opening the 2016 tax season on time,” IRS Commissioner John Koskinen said. “Our employees have been working hard throughout this year to make this happen. We also appreciate the help from the nation’s tax professionals and the software community, who are critical to helping taxpayers during the filing season.”

As part of the Security Summit initiative, the IRS has been working closely with the tax industry and state revenue departments to provide stronger protections against identity theft for taxpayers during the coming filing season.

The filing deadline to submit 2015 tax returns is Monday, April 18, 2016, rather than the traditional April 15 date. Washington, D.C., will celebrate Emancipation Day on that Friday, which pushes the deadline to the following Monday for most of the nation. (Due to Patriots Day, the deadline will be Tuesday, April 19, in Maine and Massachusetts.)

Koskinen noted the new legislation makes permanent many provisions and extends many others for several years. "This provides certainty for planning purposes, which will help taxpayers and the tax community as well as the IRS," he said.

The IRS urges all taxpayers to make sure they have all their year-end statements in hand before filing, including Forms W-2 from employers, Forms 1099 from banks and other payers, and Form 1095-A from the Marketplace for those claiming the premium tax credit.

“We encourage taxpayers to take full advantage of the expanding array of tools and information on IRS.gov to make their tax preparation easier,” Koskinen said.

Although the IRS begins accepting returns on Jan. 19, many tax software companies will begin accepting tax returns earlier in January and submitting them to the IRS when processing systems open.

Choosing e-file and direct deposit for refunds remains the fastest and safest way to file an accurate income tax return and receive a refund. The IRS anticipates issuing more than nine out of 10 refunds in less than 21 days. Find free options to get tax help, and to prepare and file your return on IRS.gov or in your community if you qualify. Go to IRS.gov and click on the Filing tab to see your options.

• Seventy percent of the nation’s taxpayers are eligible for IRS Free File. Commercial partners of the IRS offer free brand-name software to about 100 million individuals and families with incomes of $62,000 or less;
• Online fillable forms provides electronic versions of IRS paper forms to all taxpayers regardless of income that can be prepared and filed by people comfortable with completing their own returns.
• The Volunteer Income Tax Assistance (VITA) and Tax Counseling for the Elderly (TCE) offer free tax help to people who qualify. Go to irs.gov and enter “free tax prep” in the search box to learn more and find a VITA or TCE site near you, or download the IRS2Go app on your smart phone and find a free tax prep provider. 

The IRS also reminds taxpayers that a trusted tax professional can provide helpful information and advice about the ever-changing tax code. Tips for choosing a return preparer and details about national tax professional groups are available on IRS.gov.