To ensure a smooth transition, the IRS has decided to delay the October 24 date for requiring e-services users to re-register and validate their identities through Secure Access authentication.
In the next few weeks, the IRS plans to have discussions with key stakeholders affected by the e-services changes to discuss security protocols and next steps in this process.
A new implementation date has not been set. When a new date is set, the IRS will share the information widely with e-Services users.
The IRS is strengthening the e-Services registration process as part of a wider effort to ensure the protection of taxpayer data and IRS systems.
Katie Williams 33-03226
Senior Stakeholder Liaison
FTB Tax News
New Phishing Scheme Targets Tax Professionals
The Internal Revenue Service is alerting tax professionals to a new phishing scheme where scammers pose as tax software companies.Several tax professionals received emails asking the recipient to download and install an “important software update” via a link included in the e-mail.Once recipients click on the embedded link, they are directed to a website to download a file appearing to be an update of their software package. The file has a naming convention that uses the actual name of their software followed by an “.exe extension.”Upon completion, tax professionals believe they have downloaded a software update when in fact they have loaded a program designed to track the tax professional’s key strokes, which is a common tactic used by cyber thieves to steal login information, passwords and other sensitive data.Tax professionals are encouraged to be on the lookout for these scams and never to click on unexpected links in emails. Similar email schemes were used to target individual taxpayers in the past.For a checklist to help safeguard taxpayer information and enhance office security, tax professionals can review IRS Publication 4557, Safeguarding Taxpayer Data, A Guide for Your Business
GENERAL ALERT FROM NORTON ANTIVIRUS
There are more attacks happening with hackers. One of the newer ones is a notice that your Microsoft Windows needs to be reactivated and for you to call an 800 number. Meantime, the hacker will attempt to unlock your files and hold them for ransom until you pay a hefty fee. Also, cell phones are being hacked as well through a text message. The text asks you to open a link or asks for your email so they can send you the information on a project or a document. Never open or link on anything from someone you don’t know.
Be aware that you never call anyone who emails you to re-activate your Windows software.
Symantec has discovered a new ransomware variant that pretends to originate from Microsoft and uses social engineering techniques to trick the victim into calling a toll-free number to “reactivate” Windows. In this case reactivating Windows means unlocking their computer. This is an offshoot of the notorious tech support and ransom browser lock scam and tech support ransomware scam we’ve covered in the past, this time, however, it is using a recognizable name.
We have seen the threat (freedownloadmanager.exe), which Symantec detects as Trojan.Ransomlock.AT, being distributed primarily in the United States. We have seen it used in limited attacks. It uses a prompt that mimics the look and feel of Microsoft’s trade dress (Figure 1), and states:
“Your Windows Licence has Expired , Please get a new one by calling on 1-888-303-5121 from Store Representative”