2025 IRS Security Summit Awareness Campaign: Protect Your Clients; Protect Yourself

Mark Castro, CPA
September 17, 2025

The 2025 “Protect Your Clients; Protect Yourself” summer campaign highlights the most pressing security concerns and provides practical steps tax professionals can take to safeguard their clients’ personal and financial data—as well as their own. Here are the the key areas of emphasis in 2025:

For the tenth year, the Internal Revenue Service (IRS) and its Security Summit partners are working together to raise awareness and help tax professionals remain vigilant against the evolving threat of tax-related identity theft.

The 2025 “Protect Your Clients; Protect Yourself” summer campaign highlights the most pressing security concerns and provides practical steps tax professionals can take to safeguard their clients’ personal and financial data—as well as their own. Here are the the key areas of emphasis in 2025:

1. Phishing, Spear Phishing, Whaling, and the “Security Six”

Phishing and related scams remain among the most common threats targeting tax professionals. These scams attempt to trick recipients into revealing sensitive information such as passwords, Social Security numbers, or banking details.

Phishing: Mass emails designed to steal information.
Spear Phishing: Targeted attacks aimed at specific individuals or businesses.
Clone Phishing: Replicating legitimate emails with malicious links or attachments.
Whaling: Attacks aimed at high-profile individuals, such as executives.

For definitions and examples, see IRS News Release IR-2025-75

2. Tools for Protecting Against Tax Identity Theft

The IRS and Security Summit partners continue to stress the importance of using available tools to defend against identity theft:

IRS Identity Protection PIN (IP PIN):
- A voluntary, six-digit PIN that adds an extra layer of security to a taxpayer’s federal return.
- Clients must pass an identity verification process to obtain one.
- Each PIN is valid for one calendar year.
- Tax preparers should strongly encourage clients to opt in.
Multi-Factor Authentication (MFA):
- Strengthens account security by requiring more than a username and password.
- Required under the Federal Trade Commission’s Safeguards Rule to protect sensitive client data.
IRS Online Account:
- Provides taxpayers with a secure way to access their IRS account information.
- Helps prevent fraudsters from creating unauthorized accounts in a client’s name.

For more details, see IRS News Release IR-2025-83

3. Written Security Plans Are Mandatory

Tax professionals are legally required to maintain a Written Information Security Plan (WISP). This plan helps protect against data breaches and identity theft by ensuring firms have structured safeguards in place.

Plans must be written, accessible, reviewed, tested, and updated regularly.
Updates should reflect changes in operations, technology, or security testing results.
The IRS has updated Publication 5708: Creating a Written Information Security Plan for your Tax and Accounting Practice, a 28-page, easy-to-use template to help tax professionals build and maintain their own WISP.

For more information, see IRS News Release IR-2025-79

4. Guarding Against Identity Theft

The IRS reports that through June 2025, there were nearly 300 data breaches among tax preparers, impacting 250,000 clients.

Common schemes include:

Fake “new client” solicitations.
Phishing emails disguised as IRS communications.
Attempts to trick preparers into clicking malicious links or giving away sensitive information.

Tax professionals should also be alert to red flags that indicate a client may have been a victim of identity theft, such as:

An IRS Online Account created or accessed without their consent.
Unrequested tax transcripts.
Incorrect IRS balance-due notices.
Refunds issued without a filed tax return.

For details, see IRS News Release IR-2025-88

Additional IRS Resources

Tax professionals can learn more about strengthening security practices and preventing data theft by reviewing the following resources on IRS.gov:

Security Summit page
Protect Your Clients; Protect Yourself – Summer 2025 page
Protect Your Clients; Protect Yourself page
IRS Publication 4557 – Safeguarding Taxpayer Data
Data Theft Information for Tax Professionals
IRS Publication 5461-D – Tax professionals should review their security protocol
Protect Your Clients; Protect Yourself – Summer 2024 page

Final Reminder

Identity theft remains a serious and ongoing threat. By staying alert and implementing the IRS-recommended safeguards, tax professionals can play a critical role in protecting both their clients and their practices.

Share the Post:

New Federal Overtime Pay Deduction: How the 2025–2028 Rules Lower Taxable Income for Millions of Workers

A new federal deduction allows workers to exclude up to $12,500 ($25,000 for MFJ) of qualified overtime pay from taxable income for tax years 2025–2028. Learn how eligibility, phase-outs, and IRS reporting rules apply.

New 2025–2028 Tip Income Deduction: What Taxpayers Need to Know

A new federal tax deduction lets eligible workers deduct up to $25,000 of tip income from 2025–2028. With fresh IRS guidance now available, taxpayers can see how to calculate qualified tips, determine eligibility, and understand phase-out rules for higher-income filers.