Leaderboard

I know why you did it. Your mind was on three different things at once, the name was familiar, you have received similar items before that were legit, and your attention missed the tell-tales for just a half-minute too long. It can happen to ANY of us - which is why you telling us about this incident helps us to stay vigilant. (That it also garners you some sympathy for your aggravation and problem is a nice side effect.) Thank you for the warning! And I hope your IT guy gets everything all set and restored quickly.

Yesterday I got FOUR emails from different people I never heard looking for "representation" work. Yea, right. In the past I have received emails from people I never heard of wanting me to do their returns and attaching their previous year returns, out of the clear blue sky. Yea, right. When I renew my PTIN this year I am definitely opting out of sharing. I take very few new clients anyway. All the IRS listing does is give crooks my contact info. Deb, don't beat yourself up over this. The crooks are really good at what they do, to wit a careful person like you was fooled into entering their den. Good thing you caught it so quickly. Getting into address books is a goal for some of them. I can't count the number of invitations I've gotten from actual clients from their Linked In accounts. Like I really belong in their contractors group or IT group or artist group. I'm with Jack...no drop boxes or cloud retrieval. (One exception: Banks sometimes give me docs this way but always call first with a one-time password.)

WASHINGTON — The Internal Revenue Service today issued the 2017 optional standard mileage rates used to calculate the deductible costs of operating an automobile for business, charitable, medical or moving purposes. Beginning on Jan. 1, 2017, the standard mileage rates for the use of a car (also vans, pickups or panel trucks) will be: 53.5 cents per mile for business miles driven, down from 54 cents for 2016 17 cents per mile driven for medical or moving purposes, down from 19 cents for 2016 14 cents per mile driven in service of charitable organizations https://www.irs.gov/uac/2017-standard-mileage-rates-for-business-and-medical-and-moving-announced

Hard lesson learned! Turns out it wasn't ransom ware but it was a big bug. Computer is brand new so my tech guy is going to reformat the hard drive and restore my operating system. Actually I am one of those who believes you can not be to careful, and I don't know why I did it, I guarantee I will be even more carefull in the future.

Thank you all for your comments. The saving grace is that it was a new computer and I was just starting to move things over. We opted to completed reformat the harddrive and start over. I am very diligent on backups and do keep more than one in different places so it will not be that difficult to restore. My biggest concern is if it is just a virus or where they after and did they get any info. I try hard to ensure safety. I encrypted my hard drive to protect encase of someone breaking in and steeling, I have an external firewall to keep others out, I password protect just about everthing, but there is the chance that something wasn't. Don't know when the bug really took hold, I do know I opened the stupid email on Friday and became aware of something just as they sent out emails to my contacts. I was actually changing my email password when the first email was returned because it couldn't be received, and within 15 minutes sent my own emails out to my contacts to hopefully keep them from opening the attachment. That I know of the only one who did was my brother but doing so on his cell phone and not any of his home or work computers, so we are hoping he's ok. I had a couple call saying they tried but couldn't open it, so don't really know if they have been effected or not, but my IT guys says they could be. So now I'm waiting to get my computer back so I can start over and hope that nothing else comes of this.

...and forest fires.

With the sophistication of cyber crooks, I don't know if this does any good but I've always had two email addresses. One is strictly for friends, family, and clients and the other is the one I use for everything else that requires an email account. The "everything else" email account has no contacts. Lots of spam advertising for Viagra, though.....

About a week ago a supposed attorney sent me an email with a link to documents that he was waiting on for me to sign. I think NOT!

The only protection is the grey matter you have. No software can protect you. Period. Software can make a little easier should you forget safe practices, but software fails miserably at guessing at future threats, and fails often in accuracy. The worst part is "security" software makes some feel protected and they do things they should not. This is coupled with "security" software falsely flagging safe items as unsafe, making the user disable the "security" software, which proves the futility of relying on software for security. If we would go back to reading emails in text only, and not html, email would be incredibly safer. Attachments you were expecting should be saved, scanned (if you believe in such actions), then opened.

I hope this has not happened to any of you, but if it did I would like to hear from you what happened. I received an email from a client that was suppose to be a document he forwarded to me via drop box. Like an idiot I followed the directions and signed into what I thought was drop box via my email account. After looking at the document I thought it was a bit strange, yet still related to tax issues and sort of in character for this client, so I paid it no mind. This morning in another email account that I only use for things that are not important (never given to clients) a similar email showed up, this time however it was flagged (different email provider) as potential spam, so I did not open it. Then came the dawn. I immediately went to reset my pass word to my email account but before I could finish a flood of emails were sent to my contacts containing this same file. I proceeded to reset my password, sent a warning email to all contacts not to open it, and took my computer down to my IT guy who is currently checking it for viruses ect..... My concern is that this is going to turn out to be a Ransom Ware problem, not just an email hack. Has anyone else had this happened (I hope not, and I feel so stupid because I am extremely cautious and careful in this regard, and should have known better, as this is not how DropBox works)? Did you find out anything? I am so nervous right now all I want to do is cry, and I don't cry easy!

Using a throwaway tablet as as screening tool is potentially a good idea - but. (Always a "but"!) If it gets a virus *and* is wifi'd onto your network - it can get on your network. A seminar I just attended said if you suspect anything, first thing to do is pull the ethernet cord off that machine! Then you can change passwords, delete, etc. without viruses getting to your network or going out.

I get asked to create Apple compatible software. Same deal. If your client wants to pay for your time and materials to become competent in that area, great, but I bet your time is worth too much with the income generation you already do, and your leisure time value. I have yet to get any takers for even .001 of what it would cost to develop an Apple version of our software...

Browsers have some built it protection (Get me out of here!), and my antivirus (Eset) does block suspicious sites, plus I have Comodo firewall which blocks suspicious activity... so I feel pretty safe. But if you enter your login credentials on a fake site, you're on your own, especially if you use the same password on your email and other sites.

This is exactly the reason I do NOT use any cloud based file storage or retrieval. PERIOD.

Add external backups. One to keep in your desk, one to keep at home, one to keep in another secure location. More in separate locations as needed for your comfort level. And just as important, do a test disaster recovery at least once a year to make sure you really can restore from a backup, even on a new computer. This includes not only restoring from your backup, but reinstalling needed software. If you do not test the process, you will undoubtedly find gaps in the needed information/knowledge. Do not rely on a computer "expert" for this process. It MUST be you. YOU are the only one who really knows what you will need. Example. Customer had a computer failure. Sent drive off to a high dollar recovery service. Waited. Got a drive back with whatever was able to be recovered. There were no instructions showing how to use what was recovered, so the person, so far, has not been able to make proper use of the recovered information. Could be what was needed was not actually recovered at all. A large amount of time and money spent with no results. The time and expense was well over what it would have cost to hire someone to recreate the missing data. Only YOU can prevent data loss...

Antivirus software will not protect you against this type of scam.

I recently got an email from a lawyer I deal with for several clients and it was one of those secure email systems. I almost clicked on it but the link looked suspicious so I replied to the lawyer and he confirmed that he had not sent that email. Clicking on links in emails has always been and still is one of the most dangerous things you can do. Did you not have any antivirus protection?

I appreciate the warning!

I am so sorry. I have not had this happen, but will definitely be on the lookout.

I have one family that owns a hotel out of the country. FACTA and FinCen and 5471 and more. However, the hotel's books are taken care of by a high-end firm in that country, and they have a currency pegged to the US Dollar so no conversion issues. I get audited financials for the 5471 (that I double-check but do not prepare), I warn all members to file their FBAR/FinCen forms. The one member who has most responsibility has his own tax guy but I do provide the 5471. Other than the 5471 the whole set of returns is pretty straightforward. That's as far as I go. Another client had some joint ventures out of the country and I told him flat-out to get someone else. Foreign operations, foreign employees, currency conversions, foreign taxes, foreign assets (including possibly buildings and land as well as equipment), treaties with multiple nations -- nope. There isn't enough hair dye in the world for me to get involved.

Thanks to all of you. I have been telling him for years that I would be uncomfortable with handling any changes with income out of the country, so it should not be a total shock to him that I don't want to take this on. Just handling all of the ongoing changes in this country gives me more than enough to do.

Your clients need to know if they are due a refund or face a potential tax liability. You are looking out for the interest of your new clients. If you are straight forward with them and sensitive to the situation (which you obviously are), they will respect you for it.

MERRY CHRISTMAS to all! We just bought our Christmas Tree from the market. One of our better clients She deals with good people and even said if we gave it plenty of light and water she would even and come and take it away for us come February! So nicely shaped and just the right amount of fill, etc. Kind of strange quills - I did not get the type. What a great deal and nice young lady she is!! First year in this endeavor, hope she does well. /s

Easytax, you forgot the ornament. Here's one for your new tree:

You won't have any trouble eating all your Christmas cookies with that kind of tree around giving you the munchies.

I've heard you shouldn't hang mistletoe near that kind of tree. It's a dangerous combination.

Gives new meaning to a very Happy and Merry Christmas.

In my opinion if the product is NOT ready to do what it was intended to do and on which basic it was purchased by us by giving TRX advance payment with the expectation that a professional quality tax prep software would be delivered, I don't think any court would uphold TRX's cancellation policy of 72 hours from ordering. He has NOT delivered the good!