The IRS issued a newswire (IR-2016-119) on September 2, 2016 warning practitioners of the latest way that the bad guys are scamming the IRS out of money that does not belong to them. Actually, it belongs to us, so they are stealing for all of us.
Personal tax returns (form 1040) for which an extension was filed, are due by October 15th. Now is the time that the scammers are back. The newest warning details that unscrupulous individuals, with more brains than sense, are hacking remotely into tax practitioner’s computers to file false tax returns. The bad guys are using the tax practitioner’s software and directing refunds to their own dummy bank accounts. The tax practitioner only knows he has been hacked by the e-file acknowledgements they receive after the fact, when it is too late and there is no way to un-file.
My question is this; does your tax preparer have enough security on their system to prevent this type of action? I believe we do, we take specific measures to ensure our client’s personal information is secure. We change passwords regularly and create complex passwords to deter hacking. However, do these pop up tax preparation companies put as much thought and effort into their security as we do? I would hope so, but I doubt it. Most don’t even adhere to the basic principle of circular 230 which applies to all tax practitioners.
Do your research. Ask about their security measures. Also consider, does your tax preparer charge for the services they provide? (I would think so if they want to make any money) If so, do they sign the return as the preparer? (They must according to the IRS). Do they use a PTIN “Preparer tax identification number”? (Also a requirement of the IRS) If the answer to these is no, run away as fast as you can, any tax professional worth having will adhere to the basic rules above, and the other rules in circular 230.