Wolters Kluwer phishing email

[GLJEANNE]

Well this is a new one.  Not their email address, and I don't even have this software. 

Titled EFIN SUMMARY UPDATE, from Wolters Kluwer <[email protected]>:

CCH® ProSystem fx® Tax Release 2023.02030

Dear Valued Customer,

We shall be updating our system and would be needing a copy of your EFIN SUMMARY to keep your software active.

We will need a summary generated at least 30days before now.

The Summary tab should list your Firm Name/Address, Provider Options and your EFIN number for verification.

You need to go to your IRS E-file provider services to download a recent and current Efin application page.

Kindly attach a clear copy of your EFIN SUMMARY and get back to us via email or fax to 1 (619) 637-9333.

Sincerely,

Wolters Kluwer

Please do not respond to this automated email message. This is an unattended mailbox.

Confidentiality Notice: This email and its attachments (if any) contain confidential information of the sender. The information is intended only for the use by the direct addressees of the original sender of this email. If you are not an intended recipient of the original sender (or responsible for delivering the message to such person), you are hereby notified that any review, disclosure, copying, distribution or the taking of any action in reliance of the contents of and attachments to this email is strictly prohibited. If you have received this email in error, please permanently delete any copies (digital or paper) in your possession.

 

[Lee B]

Yes with help of AI, the scammers are getting more sophisticated and polished.

[Lee B]

Copied from Forbes:

"An Austin-based CPA firm was hacked after a part-time employee clicked on a link in an email with a reminder to renew her password. The scam is becoming increasingly common, and last month, the IRS alerted tax professionals to watch out for a new round of filing season-related email schemes. Cyber insurance can help, but not all policies offer complete coverage."

Here's a phishing email scam that worked

[BulldogTom]

Just read an article on MSN page that Drake software users are also getting those emails.   They are after us.   They know what we hold in our systems and they want it.

Tom
Longview, TX

[Medlin Software, Dennis]

If the email reading software allowed such an easy click through, then that is item one to resolve. Make it so links cannot be clicked through without some sort of safety process. Text based readers, at least for the first run through are great.  I used MailWasher before. Email software should have the ability to show messages in the text version (not html) by default, which will make it impossible for a novice (such as an employee) to easily open a link.

When viewing a message as plain text, the links are shown fully, not something like "Click here, I won't steal anything". That is where something like mail washer comes in, as nothing (IIRC) is clickable.

[Medlin Software, Dennis]

Something else to ponder. If the emails are truly targeting users of a specific software, then that software vendor is likely selling your email address. Ties back to always using an individual email address for each subscription/software/newsletter/etc. so you can see who does what. There are many ways, an example is the gmail "plus" method. Your email provider can tell you how.

[Lion EA]

 

Child Care Centers and Preschools in Naperville IL

ChildCareCenter.us

https://childcarecenter.us › illinois › naperville_il_chil...

Naperville, IL 60563 | (630) 637-9333. Mission Statement The form of service ... At Just For KIDS Preschool, we provide a variety of programs whose primary ...

[GLJEANNE]

Not just us, the IRS just posted about this:

https://www.irs.gov/newsroom/irs-warns-tax-professionals-to-be-aware-of-efin-scam-email-special-webinars-offered-next-week?utm_source=bambu&utm_medium=social&utm_campaign=advocacy

 

[Patrick Michael]

Just received one supposedly from Drake.