ShieldApps > News > IRS Warns Tax Professionals: Stay Alert for Phishing and Other Attacks

Articles & News

The best Privacy and Security apps are just a click away...

25 July 2025

IRS Warns Tax Professionals: Stay Alert for Phishing and Other Attacks

( , - 7/25/2025)

What Happened

The Internal Revenue Service and its Security Summit partners kicked off Week 2 of their “Protect Your Clients; Protect Yourself” summer series on July 15, 2025. In their
news release, the IRS warned tax professionals that cybercriminals are using increasingly sophisticated phishing emails and other schemes
to steal clients’ personal and financial data.

The Security Summit — a public‑private partnership of tax professionals, state tax agencies, and industry partners — has worked since 2015 to combat identity theft and fraud
(irs.gov).

What Kinds of Scams Are Out There?

The IRS explained that phishing attacks come in many forms:

  • Phishing and Smishing: Emails or texts tricking recipients into clicking malicious links or downloading malware.
  • Spear Phishing: Targets specific individuals with realistic-looking emails.
  • Clone Phishing: Duplicates a legitimate email and sends it again with a malicious attachment or link.
  • Whaling: Targets high-level executives or administrators with access to sensitive data.
  • “New Client” Scam: Disguises malware in what appears to be a message from a prospective client.

Red Flags to Watch For

The IRS advises tax professionals to be alert for the following signs of phishing:

  • Unexpected messages from trusted sources urging quick action.
  • Duplicate emails with new attachments or links.
  • Urgent password reset or information update requests.
  • Email addresses or domains with slight misspellings (e.g., irs.com instead of irs.gov).

Security Six: Essentials for Protecting Client Data

To secure systems and protect client information, the Security Summit recommends six basic controls:

  • Use up-to-date anti-virus software to detect malware.
  • Implement firewalls to block malicious traffic.
  • Enable multi-factor authentication (MFA) for cloud services.
  • Back up data regularly to mitigate ransomware and disasters.
  • Encrypt sensitive drives to prevent unauthorized access.
  • Use a virtual private network (VPN) for secure data transmission.

If you suspect a breach or phishing incident, contact an IRS Stakeholder Liaison and report it to your state tax agency
(irs.gov).

How Cyber Privacy Suite Can Help

ShieldApps’ Cyber Privacy Suite offers multi-layered protection that aligns with the IRS’s recommendations. Key features include:

  • Built-in anti-virus engine for malware and ransomware detection.
  • Real-time firewall and malware protection.
  • Secure VPN to encrypt internet traffic and protect sensitive data.
  • Password vault to encrypt and store login credentials securely.
  • Dark web monitoring for exposed personal information.
  • Identification of sensitive documents stored locally for quick response in case of data compromise.

By combining anti-virus, identity theft monitoring, and encrypted VPN tools, Cyber Privacy Suite delivers the layered defense strategy that the IRS strongly recommends for all tax professionals.