October 10, 2025
Phishing Season Never Ends: Safeguard Your Tax Firm & Strengthen Client Trust
The peak of tax season demands your full attention, but don't let your guard down. One urgent-looking email about a "refund issue" could be enough to compromise client data and your EFIN (Electronic Filing Identification Number). The IRS reminds tax professionals that it does not initiate contact by email or text to request personal or financial information. Most legitimate contacts begin by letter. When in doubt, don't click—verify through known channels and forward suspicious messages to phishing@irs.gov .
Evolving Threats Call for Smarter Defenses
Cybercriminals are increasingly sophisticated, leveraging the urgency of tax season to target both tax professionals and their clients. These attacks aren't random; they're calculating attempts to exploit trust and access sensitive financial data. According to the IRS Security Summit alerts, phishing and cloud-based schemes now extend well beyond filing season.
Watch for subtle tactics. Today's phishers use clean branding, lookalike senders and realistic links. Watch for domains such as irs-gov[.]com or subdomains like irs[.]gov-refund[.]secure-payments[.]com (both fake). Always check the reply-to address, hover over URLs before clicking and be skeptical of urgent language like “Refund Overdue—Action Required”. These tactics are designed to bypass even cautious professionals, making continuous awareness essential.
Consistency Builds Resilience
Phishing isn't seasonal. IRS alerts stress continuous controls—especially outside peak months when routines relax. Establish a standing cadence for mailbox rule reviews, credential hygiene and running simulated phish tests tied to IRS themes. Use the Tax Security 2.0 checklist and keep your WISP current.
A data breach isn't just a technical issue; it's a crisis of trust. For small firms, the consequences of lost revenue, reputational damage and regulatory scrutiny can be devastating. Your clients rely on your expertise and your commitment to protecting their information. According to the Federal Trade Commission, consumers reported $12.5B lost to fraud in 2024, with a sharp rise in money-loss rates.
Cox Business: Your Partner in Proactive Cybersecurity
At Cox Business, we offer comprehensive tools to help you identify vulnerabilities and implement solutions that deliver clarity and control. Our security experts will work with you to:
- Reduce breach risk with proactive firewalls and intrusion detection systems.
- Protect your reputation by enforcing DMARC policies and fixing SPF/DKIM.
- Minimize insider threats and data leakage by disabling legacy protocols and auto-forwarding to external accounts.
- Empower your team with external emails banners and domain blocking.
Our goal is to provide you with the tools and expertise needed to protect your clients' data and build a resilient practice.
Ready to Strengthen Your Defenses?
Schedule a free cybersecurity consultation today and discover how Cox Business can help you achieve your security goals. Visit coxbusiness.com to get started.
Sources:
- IRS: Ways to tell if the IRS is reaching out or if it's a scammer (contact methods)
- IRS (GovDelivery fact sheet): The IRS does not initiate contact by email… (report to phishing@irs.gov )
- IRS Security Summit alerts for tax pros (evolving phishing & cloud schemes)
- IRS Tax Security 2.0 checklist for tax pros
- IRS Publication 4557 (Safeguarding Taxpayer Data)
- IRS Data Theft info for tax pros (who to contact if client data is involved)
- CISA Phishing Guidance: Stopping the Attack Cycle at Phase One
- FTC: $12.5B reported losses to fraud in 2024
