WASHINGTON – With identity thieves continuing to target the tax community, Internal Revenue Service Security Summit partners today urged tax professionals to learn the signs of data theft so they can react quickly to protect clients.

The IRS, state tax agencies and the tax industry – working together as the Security Summit – reminded tax professionals that they should contact the IRS immediately when there’s an identity theft issue while also contacting insurance or cybersecurity experts to assist them with determining the cause and extent of the loss.
 
“Tax pros much be vigilant to protect their systems from identity thieves who continue to look for ways to steal data,” said IRS Commissioner Chuck Rettig. “Practitioners can take simple steps to remain on the lookout for signs of data and identity theft. It’s critical for tax pros to watch out for these details and to quickly take action when tell-tale signs emerge. This can be critical to protect their business as well as their clients against identity theft.”

This is the third in a summer series of five Security Summit news releases aimed at raising awareness among tax professionals about data security. The special Protect Your Client; Protect Yourself campaign is designed to help protect against tax-related identity theft by increasing attention on basic security steps that tax professionals and others should take to protect sensitive information.

One common concern the IRS hears from tax professionals is that they did not immediately recognize the signs of data theft.

Summit partners are urging tax professionals to watch out for these critical signs:

• Client e-filed returns rejected because client’s Social Security number was already used on another return.
• More e-file acknowledgements received than returns the tax pro filed.
• Clients responded to emails the tax pro didn’t send.
• Slow or unexpected computer or network responsiveness such as:
• • Software or actions take longer to process than usual,
  • Computer cursor moves or changes numbers without touching the mouse or keyboard,
  • Unexpectedly locked out of a network or computer.

Tax professionals should also watch for warning signs when clients report they’ve received:

• IRS Authentication letters (5071C, 6331C, 4883C, 5747C) even though they haven’t filed a return.
• A refund even though they haven’t filed a return.
• A tax transcript they didn’t request.
• Emails or calls from the tax pro that they didn’t initiate.
• A notice that someone created an IRS online account for the taxpayer without their consent.
• A notice the taxpayer wasn’t expecting that:
• • Someone accessed their IRS online account,
  • The IRS disabled their online account,
  • Balance due or other notices from the IRS that are not correct based on return filed or if a return had not been filed.

These are just a few examples. Tax pros should ensure they have the highest security possible and react quickly if they sense or see something amiss.

If the tax pro or their firm are the victim of data theft, immediately:

•  Report it to the local IRS Stakeholder Liaison

Liaisons will notify IRS Criminal Investigation and others within the agency on the practitioner’s behalf. Speed is critical. If reported quickly, the IRS can take steps to block fraudulent returns in the clients’ names and will assist tax pros through the process.

•  Email the Federation of Tax Administrators at StateAlert@taxadmin.org

Get information on how to report victim information to the states. Most states require that the state attorney general be notified of data breaches. This notification process may involve multiple offices.

•  Be pro-active with clients that could have been impacted and suggest appropriate actions, such as obtaining an IP PIN or completing a Form 14039, Identity Theft Affidavit if applicable. See the early Security Summit reminder about the importance of IP PINs.

Find more information at Data Theft Information for Tax Professionals.

Additional resources

• Publication 5293, Data Security Resource Guide for Tax Professionals, provides an overview resources about how to avoid data theft.
• Tax professionals can also get help with security recommendations by reviewing IRS Publication 4557, Safeguarding Taxpayer Data, and the IRS Identity Theft Central pages for tax pros.
• Tax pros should also review Small Business Information Security: The Fundamentals by the National Institute of Standards and Technology
• Also, tax professionals should stay connected to the IRS through subscriptions to e-News for Tax Professionals and Social Media.
• For more information, see Boost Security Immunity: Fight Against Identity Theft.

Revenue Procedure 2022-29 modifies and supersedes Revenue Procedure 2006-36, 2006-38 I.R.B 498.  It sets forth the procedures for other Government agencies and members of the public to request the creation of special statistical studies and compilations involving return information pursuant to section 6108(b) of the Internal Revenue Code. It further sets forth the criteria for determining reasonable fees for costs associated with the creation of the special statistical studies and compilations.

Revenue Procedure 2022-34 provides indexing adjustments required by statute for certain provisions under section 36B.  Specifically, this revenue procedure updates the applicable percentage table used to calculate an individual’s premium tax credit for taxable years beginning in calendar year 2023 and updates the required contribution percentage for plan years beginning after calendar year 2022.

Revenue Procedure 2022-34 will be in IRB: 2022-33 dated 8/15/2022.

Today, the IRS published the latest executive column, “A Closer Look,” which features Nancy Sieger, IRS Chief Information Officer, discussing one of the most complex modernization programs in the federal government, Customer Account Data Engine 2 (CADE 2), and why it’s important to continue funding. “CADE 2 is a database and multi-faceted processing engine that enables faster refund processing, improved fraud detection and faster case resolution,” said Sieger. “We have completed important work over the last year to help our customers get the assistance they need, in addition to improving the agency’s underlying technology infrastructure. Our continued progress depends on Congressional appropriations that fund IRS operations and our continuing modernization and cybersecurity activities.” Read more here. Read the Spanish version here.

“A Closer Look” is a column from IRS executives that covers a variety of timely issues of interest to taxpayers and the tax community. It also provides a detailed look at key issues affecting everything from IRS operations and employees to issues involving taxpayers and tax professionals.

Check here for prior posts and new updates.

WASHINGTON – As part of a special Security Summit series, the Internal Revenue Service, state tax agencies and nation’s tax industry warn tax professionals to beware of evolving scams designed to steal client data.

The Security Summit partners continue to see instances where tax professionals have been vulnerable to identity theft phishing emails that pose as potential clients. The criminals then trick practitioners into opening email links or attachments that infect computer systems with the potential to steal client information.

The Summit also warns tax professionals using cloud-based systems to store and prepare tax returns and information to make sure they use multi-factor authentication in light of recent attacks. Specifically, the Summit partners urge people using cloud-based platforms to use multi-factor options like phone, text or tokens. This can avoid potential vulnerabilities with authentication done just through email, which is easier for identity thieves to access.

Avoiding these schemes is the second in a five-part series from the IRS, state tax agencies and the nation’s tax community – working together as the Security Summit that highlight critical steps tax professionals can take to protect client data. The focus of the Security Summit series – part of the Protect Your Clients, Protect Yourself campaign – is to urge tax professionals to work to strengthen their systems and protect client data.

“Identity theft scammers continually try new schemes to steal client personal and financial information from tax professionals. We continue to see a barrage of emails aimed at tax professionals trying to trick them into providing valuable access to identity thieves,” said IRS Commissioner Chuck Rettig. “And we continue to urge people to use multi-factor authentication, including those using cloud-based services. Constant vigilance is necessary, not just during tax season but year-round. We urge tax pros, both large operations and smaller ones, to consider these invaluable recommendations to help protect their clients and themselves.”

Phishing emails or SMS/texts (known as “smishing”) attempt to trick the recipient into disclosing personal information such as passwords, bank account numbers, credit card numbers or Social Security numbers. Tax pros are a common target.

Scams may differ in themes, but they generally have two traits:

A specific kind of phishing email is called spear phishing. Rather than the scattershot nature of general phishing emails, scammers take time to identify their victim and craft a more enticing phishing email known as a lure. Scammers often use spear phishing to target tax professionals.

In a reoccurring and very successful scam, criminals posed as potential clients, exchanging several emails with tax professionals before following up with an attachment that they claimed was their tax information. This scam gained energy as many tax professionals worked remotely and communicated with clients over email versus in-person or over the telephone because of the pandemic.

Once the tax pro clicks on the embedded URL and/or opens the attachment, malware secretly downloads onto their computers, giving thieves access to passwords to client accounts or remote access to the computers themselves.

Thieves then use this malware known as a remote access trojan (RAT) to take over the tax professional’s office computer systems, identify pending tax returns, complete them and e-file them, changing only the bank account information to steal the refund.

In the past, criminals have used ransomware attacks to shut down a variety of companies. Criminals can use similar, smaller scale tactics against tax pros. When the unsuspecting tax professional opens a link or attachment, malware attacks the tax pro’s computer system to encrypt files and the thieves hold the data for ransom.

Another emerging scheme the IRS has seen involves weak security from tax professionals using cloud-based systems to store client data. While many cloud-based systems are secure, tax professionals using these should ensure they’re using strong multi-factor authentication on these to avoid thieves accessing their sensitive information.

The IRS has observed multiple instances – frequently involving smaller tax professionals or businesses – where individual accounts on cloud-based platforms have been compromised. Identity thieves’ access these and then use existing data from taxpayer returns to file new tax returns seeking refunds, frequently by mail.

These cloud-based accounts are more vulnerable when tax pros do not use strong multi-factor authentication to validate who is using the platform. Summit partners urge using authentication methods besides email, which can be easier for thieves to access and allow entry into tax professional accounts. Using text, phone calls or tokens are safer options.

These scams highlight the importance of the basic security steps recommended by the Security Summit to protect data:

For tax professionals, securing their network to protect taxpayer data is their responsibility as a tax preparer.

To help tax professionals guard against phishing scams and better protect taxpayer information, the IRS Publication 4557, Safeguarding Taxpayer Data. This IRS publication contains some of the latest suggestions such as using the multi-factor authentication option offered by tax software products and helping clients get an Identity Protection Pin.

Additional resources
In addition to reviewing IRS Publication 4557, Safeguarding Taxpayer Data, tax professionals can also get help with security recommendations by reviewing Small Business Information Security: The Fundamentals by the National Institute of Standards and Technology. The IRS Identity Theft Central pages for tax pros, individuals and businesses have important details as well.

Publication 5293, Data Security Resource Guide for Tax Professionals, provides a compilation of data theft information available on IRS.gov. Also, tax professionals should stay connected to the IRS through subscriptions to e-News for Tax Professionals and Social Media.

For more information, see IRS.gov.

Notice 2022-32 sets forth updates on the corporate bond monthly yield curve, the corresponding spot segment rates for July 2022 used under § 417(e)(3)(D), the 24-month average segment rates applicable for July 2022, and the 30-year Treasury rates, as reflected by the application of § 430(h)(2)(C)(iv). 

Notice 2022-32 will be in IRB:  2022-32, dated August 8, 2022.

With continuing phone and in-person scams taking place across the country, the IRS wants to help taxpayers understand how and why agency representatives may contact taxpayers.

In most instances, the IRS sends a letter or written notice to a taxpayer in advance, but not always. Depending on the situation, IRS employees may first call or visit with a taxpayer.

Here’s how taxpayers can know if a person calling or visiting their home or place of business is a legitimate IRS employee or an imposter. There are special instances where an IRS revenue officer or revenue agent may visit a home or business related to an unpaid tax bill or an audit; the IRS urges people with tax issues to understand the circumstances around these visits and also help protect themselves against imposters.

Text messages: Frequently a scam

The IRS does not send text messages including shortened links, asking the taxpayer to verify some bit of personal information. These fraudulent messages often contain bogus links claiming to be IRS websites or other online tools. Other than IRS Secure Access, the IRS does not use text messages to discuss personal tax issues, such as those involving bills or refunds.

If a taxpayer receives an unsolicited SMS/text that appears to be from either the IRS or a program closely linked to the IRS, the taxpayer should take a screenshot of the text message and include the screenshot in an email to phishing@irs.gov with the following information:

The IRS reminds everyone NOT to click links or open attachments in unsolicited, suspicious or unexpected text messages whether from the IRS, state tax agencies or others in the tax community.

Email: Many tax scams involve email

The IRS does not initiate contact with taxpayers by email to request personal or financial information. The IRS initiates most contacts through regular mail. If a taxpayer receives an unsolicited fraudulent email that appears to be from either the IRS or a program closely linked to the IRS, report it by sending the email as an attachment to phishing@irs.gov. The Report Phishing and Online Scams page at IRS.gov provides complete details.

Mail and phone contacts are first steps with a tax issue

Taxpayers will generally first receive several letters from the IRS in the mail before receiving a phone call. However, there are circumstances when the IRS will call, including when a taxpayer has an overdue tax bill, a delinquent or unfiled tax return or has not made an employment tax deposit.

The IRS does not leave pre-recorded, urgent or threatening voice messages. Additionally, the IRS (and its authorized private collection agencies) will never:

All tax payments should only be made payable to the U.S. Treasury and checks should never be made payable to third parties. For anyone who doesn't owe taxes and has no reason to think they do: Do not give out any information. Hang up immediately. For more information, see IRS warning: Scammers work year-round; stay vigilant.

In-person visits: What to know

IRS revenue officers generally make unannounced visits to a taxpayer’s home or place of business to discuss taxes owed or tax returns due. Keep in mind this important point: Taxpayers would have first been notified by mail of their balance due or missing return. A limited exception involves revenue officer contacts while working a small number of “alert” cases, designed to help businesses from falling behind on withheld employment taxes before a balance due notice is created or mailed. Revenue officers are IRS civil enforcement employees whose role involves education, investigation and when necessary, appropriate enforcement steps to collect a tax debt. A revenue officer will help a taxpayer understand their tax obligations as well as the consequences for not meeting the obligations.

IRS revenue agents will at times visit an individual, business or non-profit who is being audited. That taxpayer would have first been notified by mail about the audit and set an agreed-upon appointment time with the revenue agent. Also, after mailing an initial appointment letter to a taxpayer, an auditor may call to confirm and discuss items pertaining to the scheduled audit appointment.
 
When visited by someone from the IRS, the taxpayer should always ask for credentials or identification. IRS representatives can always provide two forms of official credentials: IRS-issued credentials (also called a pocket commission) and a HSPD-12 card. The HSPD-12 card is a governmentwide standard form of identification for federal employees.

For more information, visit How to know it’s really the IRS calling or knocking on your door on IRS.gov, and the IRS Taxpayer Bill of Rights.

Helpful information on resolving tax issues

The IRS reminds individuals, businesses and non-profits with outstanding tax issues that there are a number of easy ways to get assistance and help them meet their tax obligations. The IRS encourages people to visit a special section on IRS.gov focused on payment options. These include paying taxes through an Online Account with IRS Direct Pay or paying by debit card, credit card or digital wallet. The IRS has options for people who can't pay their taxes, including applying for a payment plan on IRS.gov. Recently the IRS announced expanded voice bot options to help eligible taxpayers easily verify their identity to set up or modify a payment plan while avoiding long wait times.

Remember that the IRS will not:

Taxpayers who have filed a petition with the U.S. Tax Court may receive a call from an Appeals officer to discuss their tax dispute and options for resolution. During the call, the Appeals officer will provide their name, their badge number and their contact information including their phone number, e-fax, and e-mail address. The Appeals Officer will also know the docket number, as well as specifics regarding the case.

Appeals employees will never ask for credit card or banking information. If an Appeals officer cannot reach a taxpayer by phone, they may leave a general voicemail message. When an Appeals employee leaves a voicemail, they will include self-identifying information such as their name, title, badge number, and contact information.

Also, during this call, Appeals employees may ask taxpayers to submit additional documentation regarding their petition directly to the Independent Office of Appeals via mail, fax, or to an email address ending with @irs.gov.

Also note, taxpayers can contact the Taxpayer Advocate Service, which is an independent organization within the IRS that helps taxpayers and protects taxpayers’ rights. They can offer taxpayers help if their tax problem is causing a financial difficulty, they’ve tried and been unable to resolve the issue with the IRS, or they believe an IRS system, process, or procedure just isn’t working as it should. Visit www.taxpayeradvocate.irs.gov or call 1-877-777-4778 for more information.

Today, the IRS published the latest executive column, “A Closer Look,” which features John Hinman, Director, IRS Whistleblower Office, discussing how his team, working closely with other areas in the IRS, enhances tax enforcement through the valuable contributions of whistleblowers. “I’m proud of the work the Whistleblower Office has done and will continue to do, and it’s clear to see the program is working,” said Hinman. “Whistleblower information that the IRS can act on is an important component of effective tax administration and contributes to identifying noncompliance and reducing the tax gap.” Read more here. Read the Spanish version here.

“A Closer Look” is a column from IRS executives that covers a variety of timely issues of interest to taxpayers and the tax community. It also provides a detailed look at key issues affecting everything from IRS operations and employees to issues involving taxpayers and tax professionals.

Check here for prior posts and new updates.

WASHINGTON –– The Internal Revenue Service today released a new five-year Strategic Plan that outlines its goals to improve taxpayer service and tax administration.

The IRS Strategic Plan FY2022-2026 will serve as a roadmap to help guide the agency’s programs and operations. The plan will also help meet the changing needs of taxpayers and members of the tax community.

“Through the Strategic Plan, we want to share our priorities and how they shape the important work that takes place at the IRS, year in and year out, to help taxpayers,” said IRS Commissioner Chuck Rettig. “We serve and interact with more Americans than nearly any other public or private organization. The IRS has undergone tremendous change over the last five years, and we continue to evolve to better serve the nation’s taxpayers.”

The Strategic Plan, developed with input from external partners as well as IRS employees, focuses on four goals that will help improve customer service:

As the IRS works to achieve these goals, it will continue to uphold taxpayer rights and enforce the tax code fairly to improve the taxpayer experience. Under the Taxpayer Bill of Rights, every taxpayer has fundamental rights of which they should be aware when dealing with the agency.
  

WASHINGTON - The Internal Revenue Service is reminding the estimated 19 million taxpayers who requested an extension to file their 2021 tax return that they don’t have to wait until mid-October to file. If a taxpayer has all the necessary information to file an accurate return, they can file electronically at any time before the October deadline and avoid a last-minute rush to file.

Taxpayers who requested more time to file an accurate return have until Oct. 17, 2022. Those who have what they need to file, however, should file as soon as possible to avoid delays in processing their return.

Taxpayers who have questions can get help with most tax issues online or by phone. The IRS.gov website has free and easy to use online tools and resources to help taxpayers get answers 24 hours a day. Voice bots help callers navigate interactive voice responses to simple payment or notice questions, and quickly get responses to Frequently Asked Questions.

The Interactive Tax Assistant is a tool that provides answers to several tax law questions specific to individual circumstances based on input. It can determine if an individual must file a tax return, their filing status, if they can claim a dependent, if an income type is taxable, and their eligibility to claim a credit or deduct certain expenses.

Electronic filing options
The IRS advises individuals who still need to file a 2021 tax return to file electronically and, if due a refund, to choose direct deposit.

Filing electronically is fast, accurate and secure, and when an individual chooses direct deposit, their refund goes directly from the IRS into their bank or financial account getting them their refund in the fastest time possible. If they have a prepaid debit card, they may be able to have their refund applied to the card by providing the account and routing number to the IRS. The IRS processes most e-filed returns and issues direct deposit refunds in less than 21 days.

Eligible individuals can use the IRS Free File program to prepare and file their 2021 federal tax return for free. Taxpayers can choose the brand-name tax preparation software company that is best for them. Some even offer free state tax return preparation. Those who earned more than $73,000 have the option to use IRS Free File Fillable Forms.

MilTax online software is also available for members of the military and certain veterans, regardless of income. This software is offered through the Department of Defense. Eligible taxpayers can use MilTax to prepare and electronically file their federal tax returns and up to three state returns for free.

Volunteer Income Tax Assistance
The IRS's Volunteer Income Tax Assistance (VITA) program offers free basic tax return preparation to people who generally make $58,000 or less and people with disabilities or limited English-speaking taxpayers. While the majority of these sites are only open through the end of the filing season, taxpayers can use the VITA Site Locator tool to see if there’s a community-based site staffed by IRS-trained and certified volunteers still open near them. 

Tax professionals
There are also various types of tax return preparers who can help, including certified public accountants, enrolled agents, attorneys and others who don't have a professional credential.

Taxpayers should choose a tax preparer wisely. For individuals who want help with their taxes, the IRS online directory can assist in finding a tax professional in their area.

Get current on taxes
The IRS sends correspondence to a taxpayer’s last known address, usually the address from their most recently filed tax return. If the taxpayer moves and does not send a change of address to the IRS, they may not receive an IRS notice and could miss the deadline to respond.

There's no penalty for not filing a return if due a refund, but there’s also no statute of limitations for assessing and collecting taxes due if no return has been filed.

Interest is charged on any tax not paid by the April due date and will accrue until paid in full. Individual taxpayers are charged the federal short-term interest rate plus 3 percentage points, currently 5% per year, compounded daily. Penalties will accrue for each month tax remains unpaid until maxed out at 25% of the unpaid tax.

Submitting a tax return and paying any amount owed as soon as possible can help taxpayers avoid further interest and penalties.

Taxpayers who owe taxes can review all payment options online. These include paying taxes through an Online Account with IRS Direct Pay or paying by debit card, credit card or digital wallet. The IRS has options for people who can't pay their taxes, including applying for a payment plan on IRS.gov.

For more information, see:

• IRS encourages taxpayers with October filing extensions and others who still need to file
• Do I Need to File a Tax Return
• What to Do if You Haven't Filed Your Tax Return
• Voice Bot Video
• Self-service options