Sep 26 (edited) • 💰TAX PRO Lounge
How an EFIN gets compromised
- Phishing / social engineering: scammers pose as the IRS, software vendors, or partners to trick you into giving e-Services credentials or your EFIN. IRS+1
- Stolen credentials / weak authentication: reused or weak passwords, no multi-factor authentication, or leaked credentials let attackers log in and retrieve EFIN info. IRS
- Malware or network breach: ransomware/keyloggers on a preparer’s computer or network can exfiltrate EFINs and e-Services access. IRS
- Insider misuse or accidental exposure: employees, ex-employees, or contractors who have access share or misuse the EFIN (intentionally or not). IRS
- Scams that request documentation: fraudulent emails instructing you to fax or upload EFIN documents to a bogus number/portal. These have been widely reported. revenuefiles.delaware.gov
- Using an EFIN improperly (e.g., an EFIN from a previous employer or an EFIN not owned by your current firm) — this can be treated as invalid/compromised use.
6
8 comments
How an EFIN gets compromised
powered by
skool.com/tax-bully-hub-1283
A hub for tax pros, credit experts, notaries & bookkeepers to grow, connect, and access tools, trainings, and templates to level up.
Suggested communities
Powered by