On October 10, the IRS warned all e-Services users to beware a new phishing scam that tries to trick tax professionals into “signing” a new e-Services user agreement. The phishing scam seeks to steal passwords and data.
All tax professionals should be aware that as e-Services begins its move later this month to Secure Access authentication and its two-factor protections, cybercriminals likely will make last-ditch efforts to steal passwords and data prior to the transition.
The scam email claims to be from “e-Services Registration” and uses “Important Update about Your e-Services Account” in the subject line.
It states, in part, “We are rolling out a new user agreement and all registered users must accept its revised terms to have access to e-Services and its products.” It asks you to review and accept the agreement but takes you to a fake site instead.
If you have clicked onto this link, you should perform a deep scan with your security software, contact your office’s IT/cybersecurity personnel, and contact the IRS e-Help Desk.