The deadline to file your taxes is rapidly approaching, but cyber criminals have already been hard at work trying to cash in with fraudulent tax returns. This tax season, experts say instead of targeting individual tax payers, scam artists are targeting tax professionals. "One of the challenges that we're seeing this year is that as tax professionals and the I.R.S. have become more and more sophisticated, so too have the adversaries," said Caleb Barlow, IBM Security's vice president of threat intelligence. Tax fraud is big business for cyber criminals. Last year Internet crimes netted the perpetrators $445 billion, with tax fraud as a primary focus, according to IBM Security, which monitors cyber crimes. "We had about 75 tax professionals report that they had been victims of some sort of a tax payer breach. So that unfortunately is a 60 percent increase for the same period of time last year," said Cecilia Barreda, an I.R.S. spokeswoman. The I.R.S. can recognize if a computer of an individual is filing too many tax returns, and will stop them for likely being fraudulent. But the agency expects tax professionals to file dozens, if not hundreds of tax returns on behalf of their clients. "If they [cybercriminals] can compromise a tax professional, they get access to two key things. One is the private information of that tax professional's clients that can be used to file tax returns on their behalf," Barlow said. "And in addition to that, they can use the IP address and the computer of the tax professional to actually do the filing with the I.R.S.," he added.

'Owned by the adversary'

Here is how the scam works: Cyber criminals target tax professionals with what is known as phishing — spam email that seems legitimate, but contains links or attachments laden with malware. "The minute that you click on that link, well, then you're owned by the adversary. And what this often means is that they can take control of that system that's normally used by that tax professional," Barlow said. Once a tax professional's computer is compromised, an attacker can steal the numbers and log-in information they use to file. "It's an I.P. address we seen before, it's a signature of a computer we seen before. We know it's a tax professional, so they are going be submitting lots of returns," said Barlow.

This is kind of a perfect storm where you have a lot of misinformation, a dearth of information, and these new techniques that are being widely used by these criminals looking for compromised computers belonging to tax prep professionals. Roman Sannikov director, Flashpoint

This year's tax season may be the perfect storm. With a new tax code coming in this year, there has been extra confusion. "This is kind of a perfect storm where you have a lot of misinformation, a dearth of information, and these new techniques that are being widely used by these criminals looking for compromised computers belonging to tax prep professionals," said Roman Sannikov, the director of European research and analysis for Flashpoint, a cybersecurity company. He added that "they can use to not only steal information, but also to file these returns in a much more successful way." However, the I.R.S. says tax fraud happens all the time. "I wouldn't go as far as saying the changes in tax law or tax reform are necessarily contributing to this problem. This is something that we see all the time," said the IRS's Barreda. Fraudsters often sell the tax pro information on the Dark Web. Flashpoint's Sannikov showed CNBC forums where cyber criminals share tax fraud information. "There are thousands, probably hundreds of thousands, of services that are selling this information on the deep and dark web," he said. And catching the scam artists is difficult. "It's kind of a no lose crime a lot of times for these individuals because a lot of times the individuals who are actually perpetrating the fraud are located outside of the United States, frequently outside of jurisdictions that work with the United States. So it's much harder for the long arm of the law to get these individuals to apprehend these individuals," Sannikov said.

Practice good 'cyber-hygiene'