Skip to main content

Fraud Alert: IRS Reports Remote Takeovers of Tax Preparer Accounts

We have received information from the IRS about a new potential fraud issue targeting tax professionals.

The IRS has noticed a recent increase in activity involving remote takeovers of at least 20 tax preparers. The IRS is still investigating.  The preparers have noticed some larger than expected refunds for some customers with the bank account numbers changed. Some preparers have also noticed that new accounts are being set up in their systems.

An IRS alert will be issued tomorrow. We will send that alert early next week. 


The IRS campaign to raise awareness among tax professionals about security threats posed by identity theft issues offers many recommendations. The Protect Your Clients; Protect Yourself effort urges tax professionals to step up their security protections and be aware they increasingly are targets of cybercriminals by taking the following steps:

  • Be alert for phishing scams: do not click on links or open attachments contained in e-mails and always utilize a software provider's main webpage for connecting to them;
  • Run a security "deep scan" to search for viruses and malware;
  • Strengthen passwords for both computer access and software access; make sure your password is a minimum of 8 digits long (more is better) with a mix of numbers, letters and special characters;
  • Educate all staff members about the dangers of phishing scams in the form of emails, texts and calls;
  • Review any software that your employees use to remotely access your network and/or your IT support vendor uses to remotely troubleshoot technical problems and support your systems. Remote access software is a potential target for bad actors to gain entry and take control of a machine.

Tax professionals should review Publication 4557, Safeguarding Taxpayer Data, A Guide for Your Business, which provides a checklist to help safeguard taxpayer information and enhance office security.