Posts Tagged ‘phishing’

Phishers Target Tax Professionals

Thursday, February 11th, 2016

I received the following email today:

From: [redacted] [differentname@mail.csuchico.edu]
Sent: Thu 2/11/2016 3:06 PM
To: undisclosed-recipients:

Hi,

I and my Family are looking for a very Qualified CPA in your area. Please let us know if you can be available to help us with our tax preparation, both company and individual..Please download to view my previous 1040 tax return and W-2 before we discuss about your payment.I will be waiting to read from you on on when to make an appointment with you.Please view my Doc’s for me and my family to know how I can prepare my self to become one of your client.

I await your email.

Regards

[redacted]

Email: [redacted]s731@gmail.com

There are a few hints that this is a phishing attempt. First, the writing (grammar, capitalization, etc.) is atrocious. Second, this is clearly a mass email (the recipients names aren’t disclosed). Third, the person is willing to send his tax documents–presumably containing his social security number and other items that should never be emailed by email. Fourth, the sender’s name (which I redacted) doesn’t match the email address. Fifth, the name of the sender doesn’t match his supposed email address (an ‘s’ was added at the end).

Most importantly, my anti-malware program stripped out the attachments. Yes, that 1040 and W-2 were malware.

Tax professionals, be wary. There are phishing emails supposedly from the IRS targeting tax professionals. Now, we have supposed new clients emailing tax professionals. My mantra, if it sounds too good to be true it probably is, holds for tax professionals, too. Do not click on links that you do not know for certain are valid. Consider installing anti-malware programs (the professional version of Malware Bytes will scan incoming emails for malware; there are other programs that do this, too). I use Malware Bytes and am happy with it.

I think I would have caught this email with or without Malware Bytes (it really is a poorly written email), but as they said on Hill Street Blues, “Let’s be careful out there!”