IRS WISP Builder Tool | 3 IRS Tax Scams to Watch Out for in August 2025
Book a Demo
Log in
Resources & News

3 IRS Tax Scams to Watch Out for in August 2025

August 7, 2025
IRS WISP Builder Tool | 3 IRS Tax Scams to Watch Out for in August 2025

31 IRS tax scams in just 15 days

G.I. Joe said that “Knowing is half the battle.” and it’s true.  

The IRS just issued a serious warning, and for all tax professionals it is a big wake-up call. 

Glenn Gizzi, IRS Stakeholder Liaison, reported that there have been 31 IRS tax scams and data breaches targeting tax professionals all in just the last 15 days. That’s more than two attacks per day, and that’s not even the worse part. These scams are sophisticated threats created to outsmart even the most experienced tax preparers.

Here are the top 3 IRS tax scams to watch for now:

Malware disguised as IRS tax documents

Hackers are embedding malware into documents that look exactly like the real IRS forms you see every day. These files are even tested against antivirus software before being sent making it difficult to spot.  

Fake Form 8879s

Scammers are sending fraudulent versions of Form 8879 to trick staff into releasing sensitive client information. 

Phishing emails pretending to be referrals or new clients

Emails that appear to be from a potential client or colleague are actually phishing emails that are meant to steal your credentials or drop malware onto your system.

These scams are powered by AI-driven malware, which means they’re constantly evolving and growing stronger, and basic virus protection isn’t enough anymore.

What your IRS WISP can and can’t do.

A Written Information Security Plan (WISP) can’t stop someone from clicking a malicious link, but here’s what an IRS WISP can do: 

  • Limit the damage if there is a data breach
  • Help you find vulnerabilities sooner
  • Keep you compliant with IRS and FTC showing you had a plan, even in a breach 
  • Train your team to recognize red flags 

The only problem is that if your WISP hasn’t been updated in the last 90 days, it’s likely outdated. And if it’s just sitting in a drawer, it’s most likely not even compliant in the case of a data breach. 

What this means for tax accountants

As a tax pro, you’re not just filing returns anymore.  You’re defending sensitive data. In 2024 alone, cyberattacks cost the tax industry $6.4 billion and this number continues to rise.

A Written Information Security Plan isn’t just about compliance, it’s an essential requirement for protecting your client’s data and your reputation. The threats are only getting stronger and happening more often.  Take the steps needed to stay vigilant.  Create Your WISP, review your WISP, train your staff, and be ready for what’s next. And remember knowing is half the battle.

cyber security plan for accountantsdata security accountingirs tax scamsirs wisp complianceirs wisp reviewIRS WISP templatewritten information security plan
Next
Complete An IRS WISP Review Annually: A Step-by-Step Guide
Privacy Settings
We use cookies to enhance your experience while using our website. If you are using our Services via a browser you can restrict, block or remove cookies through your web browser settings. We also use content and scripts from third parties that may use tracking technologies. You can selectively provide your consent below to allow such third party embeds. For complete information about the cookies we use, data we collect and how we process them, please check our Privacy Policy
Youtube
Consent to display content from - Youtube
Vimeo
Consent to display content from - Vimeo
Google Maps
Consent to display content from - Google
Spotify
Consent to display content from - Spotify
Sound Cloud
Consent to display content from - Sound
Save
Trustpilot
Book a Demo