🚨 Urgent IRS Warning: Hackers Are Targeting Accountants Right Now

Tax season is here—and cybercriminals know it.

The IRS has issued an urgent warning about a new phishing scam targeting accountants and tax professionals. These attackers are posing as potential clients to trick you into giving them access to your email, your passwords, and your entire client list.

🎯 How the Scam Works

Hackers are impersonating new clients reaching out for help. They send a polite, professional-looking email with a document or link—usually saying it contains their tax documents.

The moment you click?

• Malware is installed on your system

• Your email and passwords are compromised

• Your client list is now in the hands of criminals

• Your clients start receiving fake tax updates and wire fraud attempts—from your email address

📄 Read the official IRS warning here

⚠️ Why This Is So Dangerous

You’re under pressure. You’re juggling dozens of clients. And hackers are counting on that.

They rely on distraction and urgency—the exact conditions that make phishing attacks successful. And because your firm holds some of the most sensitive personal and financial data there is, you’re a prime target.

Even one wrong click could:

• Breach client confidentiality

• Trigger regulatory penalties

• Wreck your reputation

• Put your firm in legal and financial jeopardy

✅ What You Should Do Right Now

1. Warn Your Team

Make sure everyone on your staff knows about this scam. Train them to spot suspicious emails—especially ones from “new clients” asking you to open attachments.

2. Review Your Security Plan

Under FTC Safeguards Rule and Gramm-Leach-Bliley Act, accounting firms must have a Written Information Security Plan (WISP) in place. If you don’t have one—or if it’s outdated—you may be out of compliance with federal law. That could mean denial of any insurance claims related to a breach.

3. Schedule a Level 1 Cybersecurity Assessment

If you’re unsure about your current defenses, let us take a look. Bawn was founded by former FBI cyber agents—we’ve seen these attacks from both sides. Our quick, no-pressure assessment can identify vulnerabilities before hackers do.

👉 Schedule Your Security Assessment Now

🔒 This Isn’t Just About Compliance—It’s About Trust

Your clients rely on you. And your firm’s reputation is built on confidentiality. Don’t wait until after a breach to take action.

If you have any questions, or you think you may have already clicked something suspicious, contact us immediately. We’re here to help.

Bawn
Crush Cyber Risk