These phishing emails appear to come from “IRS Tax E-Filing” and contain the subject line, “Verifying your EFIN before e-filing.” Additionally, other phishing emails have been spotted attempting to gather Preparer Tax Identification Numbers (PTINs) and e-Service credentials, or claiming to be clients filing remotely and include malware-laden attachments.

Our partner, The New Jersey Cybersecurity & Communications Integration Cell (NJCCIC) recommends tax professionals avoid clicking on links, enabling macros, or opening attachments within unexpected or unsolicited emails. Additionally, users are encouraged to exercise caution with unexpected emails, even those that come from a known contact. The IRS requests tax professionals who receive these phishing emails to save the email as a file and forward as an attachment to [email protected], as well as notify the Treasury Inspector General for Tax Administration at www.tigta.gov to report the IRS impersonation scam.