IRS warns of new phishing email scam

Blog Post
The IRS, state tax agencies, and the tax industry warned tax professionals to be on alert to a new phishing email scam. Cybercriminals are sending phishing emails to tax professionals appearing to be tax software providers and attempting to steal user names and passwords.

At this time of year, many software providers issue upgrades while tax professionals are working to meet the October 15th deadline for extension filers. This latest phishing email scam variation has a subject line of “Software Support Update” and highlights an “Important Software System Upgrade.” It thanks recipients for continuing to trust the software provider to serve their tax preparation needs and mimics the software providers’ email templates. 

The email informs the recipients that due to a recent software upgrade, the tax professional must revalidate their login credentials. It provides a link to a fictitious website that mirrors the software provider’s actual login page. Instead of upgrading software, the tax professionals are providing their information to cybercriminals who use the stolen credentials to access the tax professionals’ accounts and steal client information.

The IRS recommends that tax professionals who receive emails purportedly from their tax software providers seeking login credentials send those scam emails to their tax software provider. The IRS also is asking tax professionals to send a copy of the phishing emails to to help the investigation of these scam emails.

This new phishing email scam underscores the need for tax professionals to take strong security measures to protect their clients and their business. Tax professionals and taxpayers should never open a link or attachment from a suspicious email. Further, software providers do not embed links into emails asking tax professionals to validate passwords.


  • Training: Are you training your employees on phishing emails? 
    • All employees at all levels should receive cybersecurity awareness training, including training on phishing emails.
  • Policies: Do you have the appropriate cybersecurity policies and procedures in place? 
    • It is best practice (and sometimes required depending on the area of industry) for all entities, including tax professionals, to have certain policies and procedures, including, for example, written information security program, incident response plan, computer & electronic devices usages policy, and vendor management policy.
Jump to Page

McDonald Hopkins uses cookies on our website to enhance user experience and analyze website traffic. Third parties may also use cookies in connection with our website for social media, advertising and analytics and other purposes. By continuing to browse our website, you agree to our use of cookies as detailed in our updated Privacy Policy and our Terms of Use.