Client Phishing Scheme

Another twist on the old phishing schemes. This one has been directed at CPA during the tax season but similar schemes have been used to gather information from attorneys, insurance agents, mortgage brokers, real estate agents, and other professionals.

This email appears to come from a client or a potential new client. In the email example above the email appears to be coming from Kevin Miller, who is asking for me to do his taxes. Since I do not do taxes and in no way, advertise for tax clients, the email is suspect on its surface, but let’s dissect it a bit further.

First would you accept a new client with no contact information except an email address? Second, why would a client send you their tax information without first discussing fees? Third, why would a client use a tinyurl to send their tax information. I think everyone realizes that if you click on the link you will be downloading malware onto your computer.

There are several internal controls a firm can implement to protect themselves from this type of fraud:

  1. Train employees to identify suspicious emails and not to click on links on those emails
  2. Make sure that you speak with a client on the phone before accepting electronic documents
  3. Never open links for documents from a client unless you have a retainer or advance fee
  4. Have good antivirus, antimalware, and antiransomware software on your system
  5. Make sure your antivirus, antimalware, and antiransomware is up to date
  6. Forward the email or the URL of the website to the IRS at

For more information review IR-2017-03 which can be viewed at

About Dr.Bob

Dr. Minniti is the President and Owner of Minniti CPA, LLC. Dr. Minniti is a Certified Public Accountant, Certified Forensic Accountant, Certified Fraud Examiner, Certified Valuation Analyst, Certified in Financial Forensics, Master Analyst in Financial Forensics, Chartered Global Management Accountant, and is a licensed private investigator in the state of Arizona. Dr. Minniti received his doctoral degree in business administration from Walden University, received his MBA degree and Graduate Certificate in Accounting from DeVry University’s Keller Graduate School of Management, and received his Bachelor of Science in Business Administration degree from the University of Phoenix. Dr. Minniti teaches graduate and undergraduate courses in accounting, fraud examination, fraud criminology, ethics, forensic accounting, external audit, and internal audit, at DeVry University, Grand Canyon University, Northwestern University, and the University of Phoenix. He designed graduate and undergraduate courses for Grand Canyon University, Northwestern University, and Anthem College. He is a writer and public speaker. He has experience in forensic accounting, fraud examinations, financial audits, internal audits, compliance audits, real estate valuations, business valuations, internal control development, business continuation planning, risk management, financial forecasting, and Sarbanes-Oxley compliance work. Dr. Minniti is an instructor teaching continuing professional education classes for the American Institute of Certified Public Accountants, Compliance Online, CPE Link. AccountingEd, Global Compliance Panel, Clear Law Institute and various state CPA Societies.

Leave a Reply

Your email address will not be published. Required fields are marked *