IRS Warning on Phony New Client Scams and How to Protect Your Business

Introduction: 

The IRS has recently issued a warning to tax professionals about a growing threat known as the “phony new client” scam. This type of scam is a form of spear-phishing specifically targeting accountants, tax preparers, and firms that handle sensitive financial data. In this blog, we’ll break down how this scam works, the risks it poses, and the additional red flags every taxpayer and business owner should watch out for.

How the Phony New Client Scam Works

In this scheme, scammers pose as potential clients reaching out to hire your services. Their initial email often appears legitimate, expressing interest in working with your firm. The goal is to build trust and prompt a response.

Once you reply, the scammer follows up with another email containing an attachment. This file is typically disguised as standard documents, such as prior tax returns or financial records. However, opening the attachment can install malware on your system, giving attackers access to sensitive client data and internal systems.

The Risks to Your Firm and Clients

If the malware is successfully installed, it can compromise your entire network. This may lead to unauthorized access to confidential information, including Social Security numbers, financial records, and tax filings.

Beyond the data breach itself, your firm may face reputational damage, loss of client trust, and significant time spent resolving the issue. For many businesses, the disruption alone can be costly.

Warning Signs to Watch For

The IRS urges professionals to remain cautious when dealing with unsolicited emails. Some common red flags include:

• Emails from unknown individuals claiming to be new clients

• Unexpected attachments or links

• Urgent or unusual requests for information

• Inconsistent details or suspicious email addresses

  
  

Taking a moment to verify the sender before opening attachments can prevent major issues.

Best Practices for Protecting Your Business

Maintaining strong cybersecurity habits is essential in today’s environment. Consider these steps:

• Verify the identity of new clients before engaging

• Avoid opening attachments from unknown sources

• Use secure systems and updated antivirus software

• Train your team to recognize phishing attempts

• Limit access to sensitive data within your organization

  
  

Simple precautions can significantly reduce your risk of falling victim to these scams.

Additional Red Flags When Working with Tax Preparers

While scams target professionals, taxpayers also need to be cautious about whom they trust with their returns. One major red flag is a preparer who refuses to sign the tax return. This often indicates they don’t want to be held accountable for the work they’re doing.

Other warning signs include:

• Preparers promising unusually large refunds

• Claims of “secret” tax strategies

• Aggressive marketing, especially through social media

• Requests to sign blank or incomplete returns

Remember, even if someone else prepares your taxes, you are ultimately responsible for what is filed with the IRS.

Conclusion:

The rise of phony new client scams highlights the importance of vigilance for both tax professionals and taxpayers. By verifying new contacts, avoiding suspicious attachments, and following strong cybersecurity practices, firms can protect their systems and client data.

At the same time, taxpayers should work only with reputable professionals who sign their returns and operate transparently. Avoid shortcuts or questionable strategies, and never sign incomplete documents.

Taking these simple but critical steps can help you avoid unnecessary risks, protect your information, and ensure compliance with IRS regulations.