As IRS e-Services begins its move later this month to Secure Access authentication and its two-factor protections, cybercriminals are likely to make last-ditch efforts to steal passwords and data prior to the transition.

IRS e-Services users should be aware of a new phishing scam that tries to trick tax professionals into “signing” a new e-Services user agreement.

The phishing scam seeks to steal passwords and data.These and other sophisticated schemes are adaptive in nature, and everyone should be cautious before clicking on a link or entering sensitive personal information.

How the e-Services Scam Works

The scam email claims to be from “e-Services Registration” and uses “Important Update about Your e-Services Account” in the subject line. It states, in part, “We are rolling out a new user agreement, and all registered users must accept its revised terms to have access to e-Services and its products.” It asks the individual to review and accept the agreement but takes them to a fake site instead.

What to do if you Clicked on a Link

For those who may have clicked on this link, perform a deep scan with security software, and then contact IT/cybersecurity personnel and the IRS e-Help Desk on IRS.gov.

Questions or Concerns?

Don’t hesitate to call the office if you have any questions about IRS e-Services or believe you may have been a victim of an IRS-related scam. To learn more about what the IRS is doing to protect accounts with Secure Access authentication, please visit the e-Services landing page on the IRS website.