Phishing
Scammers often try to steal their victims’ identities by sending them phony e-mails which claim to come from trusted sources, such as well-known financial institutions or government agencies (including the IRS), and ask them for detailed personal and financial information. This practice is known as “phishing.” The information requested is used by the scammers to gain access to the victims’ bank accounts, open new credit cards in their victims’ names and get cash advances, and more.
While we have not heard this from our VITA/TCE community, we wanted to share this as an informational awareness alert:
TaxSlayer Pro has been made aware of an email phishing scam where the sender claims to be from TaxSlayer Pro. The subject line may read “Urgent Warning” or “Action Required”. The body of the email is asking you to “take action or lose access to your account within 24 hours” or “we’ve updated our servers and some of your information is missing”. This email contains a link to a site intended for you to update your information. Do not click the link or provide any requested information. These emails were sent from an unknown party not affiliated with TaxSlayer Pro. Please note, official email from TaxSlayer Pro will always be sent from a TaxSlayerPro.com email address, or in the case of VITA/TCE a [email protected] email address.
The IRS has noticed an increase in the number of phishing attempts targeting professional tax preparers over the past year. Phishing emails may use differing language in an attempt to trick an individual in to disclosing sensitive data. Should you ever have concerns about the legitimacy of an email claiming to be from TaxSlayer Pro, please do not hesitate to contact our Support team by phone at 800-421-6346 or by email at [email protected] prior to taking any action.
How to Spot a Scam
Many e-mail scams are fairly sophisticated and hard to detect. However, there are signs to watch for, such as an e-mail that:
- Requests detailed or an unusual amount of personal and/or financial information, such as name, SSN, bank or credit card account numbers or security-related information, such as mother’s maiden name, either in the e-mail itself or on another site to which a link in the e-mail sends the recipient.
- Dangles bait to get the recipient to respond to the e-mail.
- Threatens a consequence for not responding to the e-mail.
- Gets the company or other federal agency names wrong.
- Uses incorrect grammar or odd phrasing.
- Uses a really long address in any link contained in the e-mail message or one that does not start with the actual company email address. To see the actual link address, or url, move the mouse over the link included in the text of the e-mail.