Phishing Campaign For Stealing EFIN Data
Scams related to tax filing are numerous. We’ve seen hackers stealing the taxpayers’ data and the refunds in several ways in the past years. A new campaign in the wild targets the US tax professionals for stealing their filing data and potentially their client’s tax data. As described by the US Internal Revenue Service (IRS), an ongoing phishing campaign impersonating them is stealing tax professionals’ sensitive data. The phishing email will have a subject line as “Verifying your EFIN before e-filing” and have the following content, The Electronic Filing Identification Numbers (EFINs) are used by and given to verified tax professionals for filing the returns on behalf of their clients. Hackers getting their hands on this information and other verification items can impersonate the tax professional and file returns to loot clients’ refunds. Please have a current PDF copy or image of your EFIN acceptance letter (5880C Letter dated within the last 12 months) or a copy of your IRS EFIN Application Summary, found at your e-Services account at IRS.gov, and Front and Back of Driver’s License emailed in order to complete the verification process. Email: (fake email address) If your EFIN is not verified by our system, your ability to e-file will be disabled until you provide documentation showing your credentials are in good standing to e-file with the IRS.” The IRS has also warned about scams asking for not just the EFINs, but also the “Preparer Tax Identification Numbers (PTINs) or e-Services usernames and passwords.” These can let attackers into the IRS portal on tax professionals’ behalf and steal their clients’ data. Any attachments or links coming in these phishing emails shouldn’t be engaged and directed to [email protected]
