IRS Warns Americans Beware Dangerous Tax Scams This Season

Lead: Tax season warning as IRS unveils 2026 Dirty Dozen

The Internal Revenue Service kicked off the 2026 filing season with a fresh reminder: criminals are upping their game as they pursue money and personal data. The agency released its updated Dirty Dozen list to flag the scams most likely to surface this year, from phony emails to AI-powered phone tactics. Officials say the threat isn’t going away, and taxpayers should stay on guard as the season begins.

In a statement tied to a broader awareness drive, IRS Commissioner Danny Werfel urged vigilance, noting that scammers continuously adapt their pitches to exploit busy taxpayers. “This is a year-round challenge, and crooks keep adjusting their methods to steal money and personal information,” Werfel said, underscoring the importance of steady caution beyond the April deadline.

The IRS emphasizes that the Dirty Dozen is not a one-time list but a dynamic alert system designed to flag emerging threats before they cause real harm. As filing season opens, the agency also points to broader cyber threats that can intersect with tax fraud, including data breaches and social media impersonation that prey on trust and urgency.

What’s new in the 2026 Dirty Dozen

The 2026 edition adds a notable shift toward digital channels, reflecting how fraudsters blend email, text, social media, and voice technology to reach their targets. The agency stresses that threats come from both individual scammers and organized rings that operate across borders. A new warning for this year centers on the ease with which criminals can spoof legitimate channels and mislead taxpayers into surrendering credentials or refunds.

The IRS notes that scammers have refined their playbooks to look and sound like official communications, but researchers say the basic warning signs remain consistent: urgency, threats of penalties, and requests for immediate action. The message is clear: the easiest way to stay safe is to slow down, verify, and never disclose sensitive information in response to an unsolicited outreach.

How scammers are evolving this year

• AI-assisted phone scams: Callers use computer-generated voices and spoofed numbers to imitate official entities, pressing victims to share Social Security numbers, tax IDs, or bank details.
• Phishing via text and email: Messages push recipients to click links or open attachments that install malware or lead to fake IRS portals.
• Social media impersonation: Fraudsters create pages and posts that mimic official accounts to lure people into providing data or clicking harmful links.
• Fake refund requests: Scammers imitate refund notifications or celebrate due amounts to coax immediate action.
• Imposter agents and return preparers: Fraudsters pose as legitimate preparers or IRS specialists to gain trust and access to accounts.
• Ransomware and data theft: Clicking malicious links can lock files or expose personal information, complicating tax filings and finances.
• QR code traps: Scammers use QR codes to direct victims to counterfeit sites or to install malware on mobile devices.
• Charity and disaster-related scams: Fraudulent drives claim to support relief efforts, diverting donations and personal data to thieves.
• Fake notices about penalties: Urgent threats of penalties or arrest push people toward immediate payments or credential sharing.
• Third-party payment scams: Phony billers attempt to collect taxes via unfamiliar payment apps or wire transfers.
• Data breach fallout: Breached employer or financial portal data is used to craft targeted tax scams that look credible.
• Vehicle and payroll fraud links: Fraudsters exploit payroll and fringe-benefit misstatements to confuse taxpayers about withholdings.

Notably, the IRS reported more than 600 social media impersonators in fiscal year 2025, illustrating how social channels have become a major battleground for identity theft and fraud. The agency says the impersonators are not always easy to spot, because they imitate familiar logos, color schemes, and even public responses from government accounts.

Key scams taxpayers should watch for

While the Dirty Dozen covers a broad range of tricks, several scam types merit extra scrutiny this season:

• Phishing emails that look official: Messages demand verification of accounts and prompt recipients to enter personal data on counterfeit websites.
• Phone calls that threaten immediate action: Robocalls or live calls claim tax penalties or urgent refunds awaiting confirmation.
• SMS and social media links: Texts and posts direct users to fake portals or ask them to download malicious apps.
• Refund and stimulus-style schemes: Scammers promise larger refunds or credits for quick action, then steal credentials.
• Return preparer fraud: Nonexistent or unscrupulous preparers misrepresent filings to steal fees or refunds.
• Charitable donation traps: Fraudulent charities channel funds to criminals instead of the intended cause.
• Fake notices about audits or collections: Threatening letters or emails pressure taxpayers into unnecessary payments.
• Data breach exploitation: Personal data obtained from breaches is used to tailor highly believable scams.
• Rogue payment apps and wire transfers: Payment requests come from unfamiliar apps that don’t offer recourse or security.
• Document forgery: Fraudsters present counterfeit IRS letters to appear legitimate and trick victims into sharing data.
• Credential stuffing: Reused passwords or weak credentials become entry points for filing fraud and identity theft.
• Fake tax relief schemes: Promises of guaranteed credits or special relief trigger trust and premature filings.

The IRS stresses that no one should make sudden payments or share credentials without verifying the source through official channels. The agency also reminds taxpayers to visit IRS.gov for official guidance and to contact the IRS directly if something smells off. “Always verify by calling or emailing through official channels,” Werfel emphasized, noting that most legitimate IRS contacts will arrive by mail first and will never demand immediate payment through a prepaid card or cryptocurrency.

How to protect yourself this filing season

The IRS offers a practical playbook for individuals and small businesses to reduce risk during tax season. Here are the steps that top risk managers and consumer advocates say work best:

• Think before you click: Don’t open unexpected emails, DMs, or text messages. Hover over links to check the domain, and never enter sensitive data on a site reached via an unsolicited message.
• Use official channels only: Access IRS services by typing IRS.gov into your browser, not by following a link from an email or text.
• Verify before you pay: If someone says you owe money, pause, and verify the claim via IRS.gov or a trusted tax professional.
• Protect your credentials: Use strong, unique passwords, enable multi-factor authentication, and monitor accounts for unusual activity.
• Report suspicious activity: Forward phishing emails to the IRS at phishing@irs.gov and report scams through the official portal.
• Guard your personal data: Do not share Social Security numbers, bank details, or copies of ID unless you initiated the contact and know the recipient.
• Be wary of urgency: Scammers use threats of penalties or timing pressure to speed decisions; take time to verify claims.

For small businesses, the risk is amplified by payroll and data-sharing practices. The IRS advises: audit trails, employee training on fraud indicators, and regular reviews of vendor invoices and credentials. Businesses should also keep a keen eye on fake tax calculators or fake relief portals aimed at corporate filers and contractors.

Why this matters for markets and consumers

Tax-related fraud can have a broad knock-on effect on consumer confidence and financial stability. When individuals worry about identity theft or delayed refunds, they may cut back on spending or alter investment plans. Market watchers say the phishing landscape, if left unchecked, can affect not just personal finances but the credibility of digital channels used across commerce and government services.

Analysts note that phishing, AI-assisted impersonation, and data breaches are not isolated tax issues; they reflect a broader shift in fraud trends that intersects with payment systems, online banking, and e-government tools. As such, the 2026 Dirty Dozen serves as a bellwether for how quickly scams adapt to new technology—and how quickly consumers and small businesses must adapt in response.

Public reaction and what comes next

Taxpayer advocates welcomed the emphasis on education and proactive warning. They say the real punch comes from combining the Dirty Dozen with clear, easily accessible consumer guidance and stronger reporting channels. The IRS has signaled it will expand outreach through social media, public service announcements, and partnerships with states and major tax industry groups to reach at-risk communities.

As the filing season heats up, the agency cautions that the climate remains volatile. The evolving tactics ensure that the message must be ongoing. In a recent framing of the year ahead, an IRS spokesperson summarized: warns americans beware dangerous scams will continue to evolve as criminals seek new ways to exploit trust, fear, and financial need.

Bottom line for readers

Taxpayers should treat the Dirty Dozen as a living warning, not a one-off list. If you receive an unexpected message about your taxes, pause, verify, and report if necessary. The IRS’s overarching goal is to reduce losses, preserve personal data, and keep the tax system functioning smoothly during a busy season that already tests wallets and nerves alike.

For more tips and up-to-date alerts, bookmark IRS.gov and follow official IRS channels. The 2026 filing season is underway, and staying informed is the best defense against increasingly sophisticated scams that threaten your finances this year.