Digital Gov

Another IRS tax tool bites the dust

IRS Headquarters in Washington, D.C. (Photo credit: Rob Crandall / Shutterstock.com) 

The IRS has nixed its online and telephone-based electronic filing PIN offerings following increased cyberattacks.

In a June 23 statement, the agency cited an increasing frequency of automated attacks through which hackers could generate the e-file PINs needed to file fraudulent refunds.

Tax industry insiders have long sounded the alarm on the tool's reliance on Social Security numbers and other static identifiers. Answers to such "out-of-wallet" questions can sometimes be easier for scammers to obtain than answers to the knowledge-based authentication that failed to protect another IRS web tool, Get Transcript.

IRS officials said they were shutting down the e-file PIN options as a precaution to protect taxpayers, and they had already been working with the tax-preparation industry to eliminate the feature.

The tool has been the target of bot attacks since at least February, but officials said they opted to delay taking the tool off-line because most commercial tax-preparation software relies on it to some degree.

As it yanks down insecure web tools, the IRS has been building a new security model that incorporates two-factor authentication and a harder-to-answer series of security questions.

About the Author

Zach Noble is a former FCW staff writer.

Featured

  • Government Innovation Awards
    Government Innovation Awards - https://governmentinnovationawards.com

    Congratulations to the 2020 Rising Stars

    These early-career leaders already are having an outsized impact on government IT.

  • Cybersecurity
    cybersecurity (Rawpixel/Shutterstock.com)

    CMMC clears key regulatory hurdle

    The White House approved an interim rule to mandate defense contractors prove they adhere to existing cybersecurity standards from the National Institute of Standards and Technology.

Stay Connected