Protect Your Clients & Your Practice: Final IRS Reminder in Summer Security Series

The IRS and Security Summit partners have just concluded Week 5 of their “Protect Your Clients; Protect Yourself” summer series with a crucial reminder for tax professionals: identity theft is ever-evolving—and it’s targeting us more than ever. In the first half of 2025 alone, there were nearly 300 data breaches affecting up to 250,000 client records.

Common Schemes to Watch For

Identity thieves are constantly adapting. The most widespread attacks include:

• Fake “new client” emails with malicious links or attachments meant to steal credentials or load malware.

• Phishing scams aiming to capture passwords, Social Security numbers, or CAF/PTIN data.

• Phone calls, fake texts, printed mail, or social media posts with misleading or fraudulent tax claims.

  
  

Red Flags Tax Pros Should Know

Be alert if you notice:

• Unexpected IRS Online Account activity.

• Unsolicited tax transcripts or balance-due notices.

• Unauthorized e-file acknowledgments or IRS authentication letters.

• Sluggish system performance, lockouts, or return rejections due to duplicate SSNs.

  
  

Tools to Strengthen Your Defenses

Secure your practice with these essential resources:

• Written Information Security Plan (WISP): Start with IRS Publication 5708—a legal requirement and security best practice.

• The “Security Six”:

  1. Anti-virus protection

  2. Firewalls

  3. Regular backups

  4. Encrypted drives

  5. Multi-Factor Authentication (MFA)

  6. Virtual Private Network (VPN)

• Identity Protection PINs (IP PINs): A six-digit code unique to each taxpayer to thwart fraudulent filings.

• IRS Online & Tax Pro Accounts: Secure platforms for accessing client data and managing authorizations.

  
  

If a Breach Happens

Immediate action matters:

1. Report to your local IRS Stakeholder Liaison—they can halt fraudulent filings.

2. File a breach report with your state tax agency via the Federation of Tax Administrators’ portal.

3. Notify affected clients and guide them to apply for an IP PIN or submit Form 14039 (Identity Theft Affidavit).

   
   

Staying Informed Year-Round

• Subscribe to IRS e-News and follow official IRS social media channels for updates.

• Review key IRS publications like:

  • Publication 5293 — Data Security Resource Guide

  • Publication 4557 — Safeguarding Taxpayer Data

  • Publication 5708 — WISP Planning Template

    
    

How MyTAXPrepOffice Supports Security

• Built-in Security Reminders: Stay on top of WISP requirements and best practices.

• Integrated MFA Support: Secure access at the software and data level.

• Client Portals with Encryption: Safely exchange documents and messages.

• Secure Backup Options: Keep your client data protected, always.

  
  

Final Thought

Identity theft doesn’t pause during summer—and neither can your security efforts. As the IRS reminds us, protecting client data starts with proactive planning. Let MyTAXPrepOffice help you build that defense.

Disclaimer: This article is for informational and educational purposes only and does not constitute legal tax advice. Advanced Tax Solutions is not liable or responsible for any damages resulting from or related to your use of this information. It is your responsibility to refer to official IRS documentation for information regarding any tax laws or tax information shown here.