The IRS, state tax agencies and the tax industry warned tax professionals to be alert to taxpayer data theft in the final weeks of the tax filing season. The Security Summit partners urged all tax professionals to enhance their data safeguards immediately. In recent days, the “New Client” scam has reemerged, signaling ongoing attempts by cybercriminals to target tax professionals with spear phishing schemes. In this scam, a “new client” emails the tax pro about a tax issue, attaching documents to their email that claim to be an IRS notice or prior-year tax information. The documents actually contain malware that, if opened, enable the criminals to steal taxpayer information.

This filing season, the Internal Revenue Service has seen a steep upswing in the number of reported thefts of taxpayer data from tax practitioner offices. Seventy-five firms reported taxpayer data thefts in January and February, nearly a 60 percent increase from same time last year. Much of this increase follows one scam, the erroneous-refund scheme, that affected thousands of taxpayers and numerous practitioners earlier this filing season. January through April represents prime season for cybercriminals to attack tax practitioners, but data thefts can occur at any time. All tax professionals should be on high alert and deploy strong security measures as the filing season reaches a peak with the April 17 deadline. Criminals try to take advantage of this extremely busy time of year when tax professionals are in greater contact with the taxpayers and are in possession of more data.

Some tax professionals may be unaware they are even victims of data theft. Here are some signs:

• Client e-File returns begin to reject because returns with their SSNs already filed;
• The number of returns filed with tax practitioner’s EFIN exceed number of clients;
• Clients who haven’t filed tax returns begin to receive authentication letters (5071C, 4883C, 5747C) from the IRS;
• Network computers running slower than normal;
• Computer cursors moving or changing numbers without touching the keyboard;
• Network computers locking out tax practitioners.

Identity thieves often are part of sophisticated criminal syndicates based here and abroad who have the resources, tax savvy and digital expertise to pull off these crimes. They use a variety of tactics to break into tax professionals’ computer systems and steal client information if appropriate security measures have not been taken. A common tactic is called spear phishing in which the criminal singles out one or more tax preparers in a firm and sends an email posing as a trusted source such as the IRS, e-Services, a tax software provider or a cloud storage provider. Thieves also may pose as clients or new prospects. The objective is to trick the tax professional into disclosing sensitive usernames and passwords or to open a link or attachment that secretly downloads malware enabling the thieves to track every keystroke.

The “New Client” scam is one form of spear phishing. Here’s an example: “I just moved here from Michigan. I have an urgent Tax issue and I was hoping you could help,” the email begins. “I hope you are taking on new clients.” The email says one attachment is the IRS notice and the other attachment is the prospective client’s prior-year tax return. This scam has many variations. (See IR-2018-2, Security Summit Partners Warn Tax Pros of Heightened Fraud Activity as Filing Season Approaches.) The IRS Criminal Investigation division continues to investigate a series of data thefts at tax preparers’ offices earlier this year in which the criminals added a new twist to their scheme to file fraudulent tax returns. The thieves directed the fraudulent refunds into the taxpayers’ actual bank accounts. This scam has claimed thousands of taxpayer victims. (See IR-2018-17, Scam Alert: IRS Urges Taxpayers to Watch Out for Erroneous Refunds.)

Although reports of this data theft have lessened recently, taxpayers and tax professionals should remain on alert for this scam. And taxpayers should return any fraudulent refunds to the IRS the proper way as well as discuss security options for their checking or savings accounts with their financial institutions. Here are the recommended security steps by the Security Summit:

• Learn to recognize phishing emails, especially those pretending to be from the IRS, e-Services, your tax software provider or your cloud storage provider. Never open a link or any attachment from a suspicious email. Remember: The IRS never initiates an email.
  
  
• Create a data security plan using IRS Publication 4557, Safeguarding Taxpayer Data, and Small Business Information Security – The Fundamentals, by the National Institute of Standards and Technology. 
  
  
• Review internal controls:
• Install anti-malware/anti-virus security software on all devices (laptops, desktops, routers, tablets and phones) and keep software automatically updated.
  
  
• Use strong and unique passwords of 10 or more mixed characters, password protect all wireless devices, use a phrase or words that you can remember and change your password periodically.
  
  
• Encrypt all sensitive files/emails and use strong password protections.
  
  
• Back up sensitive data to a safe and secure external source not connected fulltime to your network.
  
  
• Wipe clean or destroy old computer hard drives that contain sensitive data.
  
  
• Limit access to taxpayer data to individuals who need to know.
  
  
• Check IRS e-Services account weekly for number of returns filed with EFIN

 If you have a security incident or a breach resulting in data disclosure, report the incident to the IRS Stakeholder Liaison for your state.

Officials with the Iowa Dept. of Transportation in Sioux City report southbound Interstate 29 traffic between U.S. 77, Iowa 12, and Wesley Parkway and Floyd Boulevard (exit 147a) in the Sioux City area, will be shifted to the southbound frontage road near Wesley Parkway to accommodate reconstruction of the southbound I-29 lanes, beginning at 3 p.m. Friday, March 23, until Thursday, Oct. 11, weather permitting. The southbound Pierce Street on-ramp and southbound Floyd Boulevard off-ramp will be closed.

Southbound I-29 traffic exiting to Floyd Boulevard will be asked to exit at Hamilton Boulevard and follow the signed detour. Detour maps can be viewed at https://iowadot.gov/i29

MEBANE, N.C. (AP) — Nearly 500,000 smoke detectors that might not be able to detect smoke are being recalled by a company based in North Carolina. The News & Observer reports the company Kidde (KIH’-duh) has issued a recall for models PI2010 and PI9010 due to a manufacturer defect. These models were sold nationwide and online from September 2016 through this January for $20 to $40. Model numbers can be found on the back of the units.

Kidde also recalled 38 million fire extinguishers last year. They had a design flaw that could have prevented them from working and parts of the extinguisher could detach with enough force to pose an impact hazard. Those with affected smoke alarms can register for replacements by calling 833-551-7739 or visiting kidde-smoke-alarm-recallusen.expertinquiry.com .

Sheriff’s officials in Pottawattamie County report 36-year old Ryan Jeffrey Krause, of Carter Lake, appeared at the Sheriff’s Office Wednesday to turn himself-in on warrants out of Council Bluffs. The warrants were for Driving While Barred, Obedience to Peace Officers, and Open Container. Krause was transported to the Pott. County Jail and turned over to Corrections staff. And, a man from Carson was arrested Wednesday night, following a disturbance at a residence in Carson. 36-year old Gary Allen Kuper was arrested for Domestic Assault with Injury, in connection with an incident that involved his wife. She suffered apparent, minor injuries during the incident.

More area and State news from KJAN News Director Ric Hanson.

Podcast: Play in new window | Download (6.0MB)

Subscribe: RSS

Police in Nebraska need your help finding a missing veteran who suffers from Post Traumatic Stress Disorder. Authorities say 28-year old Niccolas Anthony Rados was last seen February 22, 2018 when he was discharged from the Bellevue Medical Center in Omaha, Nebraska.

Niccolas Rados

Niccolas goes by the nickname “Nick,” and is a former 82nd Airborne Division paratrooper who suffers from PTSD.  His family is worried, as Nick  has not contacted his children or parents since his discharge from the medical center. In addition, his phone is out of service and there has been no social media activity. If you see him, or know where he is, please contact your local law enforcement agency.

CEDAR RAPIDS, Iowa (AP) — A federal magistrate won’t free before trial an Iowa youth basketball coach who’s accused of secretly recording some of his players undressing. U.S. Magistrate Kelly Mahoney ruled after video hearing Wednesday that 42-year-old Greg Stephen didn’t pose a flight risk but did pose a danger to the community. Prosecutors had asked the judge to keep the ex-Iowa Barnstormers co-director in custody. Stephen was arrested last week on a charge of knowingly transporting child pornography.

Court documents say Stephen has admitted taking secret videos of three players disrobing in a hotel bathroom in Illinois in January. He’s told investigators he secretly recorded his adolescent players undressing in an attempt to monitor their physical development. A trial date hasn’t been set.

Thirty-four state senators have joined 54 members of the Iowa House in voting for a resolution that ultimately could add a gun rights amendment to the Iowa Constitution. The same proposal must pass the legislature again in 2019 or 2020 before it could be presented to voters who decide whether amendments are added to the state constitution. Senator Brad Zaun, a Republican from Urbandale, says this is a very important issue to him. “I am trying to protect, at the highest level, our Second Amendment rights,” Zaun said. Senator Matt McCoy, a Democrat from Des Moines, says backers of the proposal are “completely tone deaf” to public opinion. “Across America people have been dealing with the impact of a school shooting,” McCoy said. “Tonight, it’s as if we’re preparing for the zombie apocolypse.” McCoy was among 15 senators who voted no.

Critics argued the proposal’s call for courts to use “strict scrutiny” when reviewing gun laws would lead to upending reasonable gun regulations. “We’ve gone to the extreme of our the right to bear arms. We’re having multiple murders in our schools. People have thousands of rounds of ammunition.” That’s Senator Tony Bisignano, a Democrat from Des Moines, who called the proposed amendment “simply ridiculous.” Senator Jason Schultz, a Republican from Schleswig, says the proposal probably doesn’t go as far as “James Madison, the father of the Bill of Rights,” would go were he alive today.

“I would imagine that when he wrote ‘shall not be infringed,’ he meant higher than ‘strict scrutiny,'” Schultz said. “That he meant zero tolerance. That he said: ‘Hands off. Get away from our weapons. The law-abiding shall not be hampered in their ability to possess…arms.'” Schultz and other Republicans in the Senate rejected the idea of putting the language of the Second Amendment from the U.S. Constitution in Iowa’s Constitution. Instead, the more expansive language approved in the Iowa House this past Monday is what won Senate approval last (Wednesday) night.

(Radio Iowa)

The only company licensed to produce medical marijuana in Iowa is moving forward with the construction of the facility where the plants will be grown and the cannabidiol oil will be extracted. MedPharm is the company created in a partnership with Des Moines-based Kemin Industries to develop the medical marijuana. Lucas Nelson is the general manager of Kemin’s outsourcing services and oversees the MedPharm construction at the Kemin facility.  “That build out is going very well and we’re about two weeks from completing first phase. That phase involves some of the grow areas and also the office area. With that complete we’ll turn to the rest of our vegetative and flower rooms,” Nelson says.

He says the growing rooms should be done by June and construction of the lab and the rest of the facility wrap up in September. “That should put us on target with a couple of weeks to spare to hit our December 1st good to deliver product to dispensaries,” Nelson says. “We’re tracking very well, although that is a very aggressive deadline, we do anticipate hitting that — like I said — with few weeks to spare.” Some states like California have the climate to be able to grow the marijuana plants outdoors — but Nelson says Iowa’s climate requires growing everything indoors. “This is a very, very controlled environment that these plants will live in, really their entire life cycle,” Nelson explains. “They’ll start in a large mother room, they’ll then move to separate grow rooms throughout their life cycle. And those rooms are controlled for humidity, temperature and light. Very specific controls to prevent any sort of bio-hazard, mites, other pests, that sort of thing.”

The first plants will come from outside the facility. “For security reasons we are not discussing where the originals are coming from,” according to Nelson. “As many growers can tell you — the interesting things is that once we have our first batch — we actually will be able to take cuttings from there and come up with the rest of our plants.” It will take roughly 10 weeks to get a plant to maturity. “They’re actually shocked by changing the amount of light the plants are receiving, and that shocks the plant….into producing the flowers, the buds. And that process takes another 10 weeks for full flowering. Once we get to that stage, we’ll take the plants, we’ll harvest them and they’ll be dried for roughly a week, and that dried plant material is what’s ground and then the oil is extracted from there,” Nelson says.

The amount of oil derived from each plant varies. “For some of the trim and kind of the excess parts of the plants you can maybe get seven percent oil yield,” Nelson says. “For some of the other plants — especially if they are grown in some of the best conditions and monitored closely– we’re hoping to get possibly up to 20 to 25 percent oil yield.” Once the oil is extracted the product will be sent out to five distributors. The process to award distribution licenses is still underway. Nelson says they will be key to getting feedback on the product. “Those will be kind of the front line of understanding what patients are looking for, if they are receiving all the benefits. If they are clamoring for something else,” Nelson says. “Also, MedPharm is keeping a close eye on the industry across other states. As you can imagine, some of the more robust medical cannibus states have a lot more data coming out of them about what people are seeking.”

MedPharm does have an agreement with a Colorado company to share information on products and manufacturing techniques as it gets underway with producing the oil.

(Radio Iowa)

(updated w/an additional arrest) Creston Police arrested four people on separate charges, Wednesday. Among them was 48-year old Victor Thatcher, of Creston, who was arrested just before 1-a.m. Wednesday at his home, for Domestic Abuse Assault by strangulation. Thatcher was being held in the Union County Jail on a $2,000 bond. At around 9:30-a.m., Wednesday, 33-year old Jared James Wilmeth, of Creston, was arrested on multiple Union County warrants for Probation Violation and Willful Injury. Wilmeth was being held in the Union County Jail on $18,000 bond.

Just before Noon, Wednesday, 21-year old Paul Albrechtsen, of Creston, was arrested for Driving While Suspended. His bond was set at $300. And, at around 3-p.m., Wednesday, 23-year old Blade Fox, of Creston, was arrested on a Union County warrant for Violation of Probation, on an original – Possession of a Controlled Substance – charge. Fox was released from the Union County Jail on a $1,000 bond.