New spear phishing alert - ERO support scheme

Alerts and notices
Leave feedback

Internal Employees: Submit feedback

Contact information (optional):

Leave this blank:

Please tell us how we can make this information more helpful.

Characters left:

A new spear phishing scheme is trending across the practitioner community. The alert description we have received from the IRS is as follows:

"This scheme is committed by entities that represent themselves as or They are contacting practitioners after they have identified which ERO the practitioner uses to transmit returns. The caller suggests the ERO needs to reinstall or correct problems with their software.  The caller states they are working on behalf of the ERO and can help resolve the problem by having the practitioner connect to their website, get a passcode from them, and then give them access to the practitioner's computer.  Once they have access to the computer, they take over the practitioner accounts." 

Thomson Reuters delivers updates to your CS Professional Suite applications via CS Connect. We would not contact you from the mentioned domains to reinstall or correct a software issue.

Installations for new product releases are completed via the Products Downloads page on our website and will require you to sign in with your CS Web account login credentials. If you do not have a CS Web account, please see Creating and managing CS Web accounts.

For more information about updates to UltraTax Tax CS, please see Downloading and applying updates and CS connect overview. For Accounting CS, please see Downloading and applying application updates and CS Connect overview.

Additional resources 

Accounting CS / Workpapers CS: Alerts and notices

Accounting CS user bulletin

CS Professional Suite: Using the user bulletins to determine the latest program version

2016 UltraTax CS: Alerts and notices

UltraTax CS user bulletin

Share This