Don’t Get Scammed! Top IRS Tax Scams to Watch for in 2024
Written by: Thomas Orsolya
Published on:
The Internal Revenue Service (IRS) warns taxpayers to be vigilant against increasingly sophisticated tax scams every year. As scammers find new ways to trick taxpayers into divulging personal information or making payments, knowing how to identify scams is critical.
This article will provide an overview of the top 5 IRS tax scams likely to target taxpayers, explain how the scams work, offer advice for those who may have fallen victim, and provide key takeaways to avoid becoming a victim.
This article contains:
Overview
Tax scams pose a serious threat, allowing criminals to steal money and identities from unsuspecting taxpayers. The IRS reported a massive surge in scam attempts during the COVID-19 pandemic, as government relief payments created new opportunities for fraudsters.
While scam tactics evolve each year, common schemes include phishing emails and texts designed to mimic legitimate IRS communications. Criminals request personal information or install malware that steals data for identity theft. Bogus calls threaten arrest, deportation, or license revocation if immediate payment is not made.
Knowing the latest scams and the red flags can help taxpayers identify improper or suspicious contacts before falling victim. The following overview outlines four of the top expected IRS tax scams, providing details on how they work and advice to avoid becoming a target.
#1 IRS Tax Refund Scam
One of the most ubiquitous scams each tax season involves emails, texts, and social media messages related to an unclaimed tax refund. Criminals pretend to be from the IRS, telling the recipient that they qualify for a tax refund. Scammers then provide instructions to claim the refund, typically directing victims to click on a link to submit personal details.
How the Tax Refund Scam Works
This scam starts when a taxpayer receives an unexpected message regarding an IRS tax refund. Emails, social media messages, and texts are common strategies.
The message appears credible on the surface. It may:
Reference the potential victim by name and include their email address or phone number. Criminals buy and sell personal information online or make educated guesses after data breaches.
Use IRS logos, images, or header formatting mimicking a legitimate agency communication.
Provide a case number, refund amount, and steps to claim the funds. Refund amounts of a few hundred to several thousand dollars are common to entice action.
Direct the taxpayer to click on a link to complete a form, provide bank details, or confirm eligibility. The link leads to a fake IRS website controlled by scammers.
Once on the fraudulent site, taxpayers are prompted to enter sensitive data like Social Security numbers, bank account information, or copies of personal documents. Criminals use this data for identity theft or directly steal any refund owed to the taxpayer.
This scam is effective because it takes advantage of a situation familiar to most taxpayers – waiting on an expected tax refund. Guarding personal data is key to avoiding this scam.
What to Do if You Fell Victim to the Tax Refund Scam
If you provided sensitive information or clicked on links in a suspicious tax refund contact, take these steps quickly:
Contact banks and credit cards: Alert your financial institutions to the potential data compromise. Freeze accounts as warranted and watch for fraudulent charges.
Change passwords: Update passwords for email, financial accounts, IRS accounts, and other login portals that use the same password. Make passwords long and complex.
Check credit reports: Request free annual credit reports from Equifax, Experian and TransUnion to check for signs of new accounts or addresses opened by identity thieves. Consider placing a credit freeze with each bureau.
File an IRS ID Theft Affidavit: Notify the IRS that a scammer attempted to claim your refund by filing an Identity Theft Affidavit (Form 14039). This alerts them for special screening of your return.
Report to the Treasury Inspector General for Tax Administration: Report IRS imposter scams to help stop ongoing schemes and prosecute criminals.
By reporting the scam attempt and taking precautions, you can reduce the chances of refund theft or identity compromise. But acting swiftly after engaging with a suspicious contact is critical.
#2 IRS “Offer in Compromise” Scam
Debtors learning about the IRS “Offer in Compromise” program for tax debt reduction often become targets of a related scam. Criminals pretend to represent legitimate Offer in Compromise services to deceive vulnerable taxpayers.
How the Offer in Compromise Scam Works
With this scam, victims typically receive an email or see an online advertisement promoting tax debt relief through the IRS Offer in Compromise (OIC) program. Tactics to appear credible include:
Using the IRS logo and official program name.
Citing experienced tax attorneys or enrolled agents who can renegotiate tax debt.
Promising to lower owed balances by 70% to 90%.
Providing realistic-looking websites with application forms and payment portals.
Taxpayers struggling with liabilities are enticed to contact the advertised company for help applying for relief. The scammers then exaggerate eligibility and push victims to pay large upfront fees of several thousand dollars for the OIC process. Payments are requested via wire transfer, gift card, cryptocurrency, or prepaid debit card to enable quick theft.
Once payments are collected, scammers take the money without filing an Offer in Compromise. The compromised personal data also facilitates future identity theft.
What to Do if You Fall for an OIC Scam
Those tricked by an Offer in Compromise scam should take these steps right away:
Alert your bank: If you paid by credit card, have the issuer reverse the charges for fraudulent transactions. For wire transfers, contact the originating bank to try stopping or reversing the payment.
Report the fraud: File complaints with the Federal Trade Commission and your state attorney general regarding the deceptive business practices. Provide any available details on the scam company.
Place fraud alerts: Contact credit bureaus to request fraud alerts on your credit files and order credit reports to check for misuse. Consider freezing credit records to block thieves from opening new accounts.
Assess tax impacts: Talk to a legitimate tax professional to understand if and how the scam impacts your actual tax liability and IRS repayment options like the real OIC program. Ensure future filings are accurate.
Report to TIGTA: Notify the Treasury Inspector General for Tax Administration about IRS scams to help warn others and stop ongoing schemes.
#3 Fake IRS Tax Assistance Program
Another common ruse tricks taxpayers into paying for fake tax assistance or services to lower their tax bills. Scam artists pretend to represent new IRS tax relief, payment, or filing programs to appear credible.
How the Tax Assistance Scam Operates
This scam starts with an unsolicited phone call, email, text, or social media message promoting some urgent new IRS tax break or filing option. Criminals typically pretend to be affiliated directly with the IRS versus a tax prep company. Common scam tactics include:
Citing a new law or COVID-19 relief program providing tax credits or requiring special filings. This hooks worried taxpayers needing updated information.
Using threats of audits or penalties to make taxpayers think they missed important changes or compliance items.
Including real IRS phone numbers in emails or telling taxpayers to call for eligibility verification. The numbers connect to scammers posing as IRS help desk agents.
Directing victims to a website seeking personal data to “pre-qualify” for benefits or register for tax assistance.
Charging a fee of $50+ to establish eligibility, register for the fake program, or receive direct assistance with filing, back taxes, audits or levies.
Once payments are collected, scammers disappear without providing services. Compromised information also enables future fraud.
What to Do if You Paid for Phony Tax Assistance
Taxpayers scammed into paying for useless tax help services should take these steps to mitigate losses and damages:
Alert banks and credit cards: Report fraudulent charges and monitor accounts for other suspicious charges.
Verify filing details: Talk to a legitimate tax professional to ensure no issues with past returns or payments claimed through the scam. Confirm any details provided to scammers have not compromised your tax accounts.
Report tax identity theft: If concerns about personal data compromise, file an IRS ID Theft Affidavit (Form 14039) to flag your account for credit monitoring.
File FTC and state complaints: Report deceptive business practices and details on the scam company to consumer protection agencies. Provide any company names, websites, addresses, or contact information.
Monitor credit reports: Order free annual credit reports to watch for signs of new accounts or addresses opened by ID thieves. Place fraud alerts or credit freezes if concerned about data misuse.
#4 Fake IRS Unpaid Taxes Notice
One long-running scam tactic is to contact taxpayers claiming they owe back taxes to the IRS. Criminals threaten penalties or arrest if immediate payment is not made, creating fear to trick urgency.
Here’s the continuation of the article:
How the Unpaid Taxes Scam Works
This scam starts with contact by phone, email, text or letter claiming the recipient has unpaid back taxes and serious consequences are coming if immediate payment is not made. Tactics to scare taxpayers include:
Phone calls from individuals claiming to be IRS agents and referencing badge numbers or employee IDs. Calls may also come from numbers spoofed to appear as IRS offices.
Letters sent via postal mail with IRS letterhead and officer names and signatures. Details like addressed from actual IRS campuses add legitimacy.
Emails with IRS logos and headers linking to official-looking sites controlled by scammers.
Text messages providing case numbers and threats of penalties or arrests if funds are not remitted quickly.
Once contacted, taxpayers are told they owe sometimes tens of thousands in unpaid taxes, though amounts can vary. Scammers threaten consequences like property liens, bank levies, asset forfeiture, or arrest if immediate payment is not made.
Victims are instructed to pay purported tax debts via difficult-to-recover methods like gift cards, wire transfers, cryptocurrency, or prepaid debit cards. Scammers also request sensitive data like Social Security numbers and bank details to facilitate identity theft.
Frightened taxpayers end up scammed out of large sums, though no back taxes were actually owed. This scam persists given the innate fear of IRS penalties and enforcement action.
What to Do if You Paid Fake Back Taxes
Taxpayers tricked by back taxes scams should take the following steps:
Verify with the IRS: Contact the IRS directly to validate if any unpaid balances truly exist or confirm any enforcement actions initiated. Often scammers fabricate the debts.
Alert banks and card issuers: Report unauthorized charges paid toward the scam debts and monitor accounts closely for follow-on fraud.
File reports: Submit detailed scam reports to the Treasury Inspector General for Tax Administration, Federal Trade Commission, and state attorney general.
Address possible ID theft: Pull credit reports and place fraud alerts or a credit freeze if the compromise of personal data could enable identity theft.
Seek legal and tax help: Consult a tax professional and lawyer to address damages from bogus payments, ensure no pending issues with the real IRS, and pursue refund of any fraudulent payments if possible.
#5 Fake IRS Audit Notification Scam
Scammers often try to take advantage of taxpayers’ fears of being audited by sending fake IRS audit notices. The notices threaten dire penalties and try to trick people into paying fake fees or “fines.”
How the Fake Audit Scam Works
This scam typically starts with the taxpayer receiving a letter, email, or phone call claiming to be from the IRS auditor’s office. The communication will:
Allege discrepancies or problems identified on a recent tax return. Scammers often say taxes were underreported or something was suspicious.
Threaten the taxpayer with steep civil or criminal penalties for tax evasion if the ambiguous issues are not addressed.
Provide a short deadline of 2-3 weeks to contact the IRS and begin “audit proceedings.” This is meant to incite panic.
Include a fake case number, IRS letterhead, and officer’s name/signature for legitimacy. Calls will reference badge numbers.
Once contacted, the scammers will request personal information to “verify identity” and bank account details to process “fines.” Victims may also be told to pay gift cards or other unusual means. The data enables future identity theft.
What to Do if You Get a Fake IRS Audit Notice
If you receive a suspicious audit notification, take these steps:
Call the IRS to verify if any real audits or issues with past returns exist. Often the notices are complete fakes.
Do not provide any personal or financial information to the scammers who contact you.
Save emails or letters as evidence and report the scam attempt to the Treasury Inspector General for Tax Administration.
If concerned about identity theft, request credit reports and consider placing fraud alerts or a credit freeze with credit bureaus.
The IRS will not call or email about audits out of the blue. Any legitimate inquiries will arrive by mail and through established processes giving taxpayers rights to appeal findings.
Is Your Device Infected? Check for Malware
If your device is running slowly or acting suspicious, it may be infected with malware. Malwarebytes Anti-Malware Free is a great option for scanning your device and detecting potential malware or viruses. The free version can efficiently check for and remove many common infections.
Malwarebytes can run on Windows, Mac, and Android devices. Depending on which operating system is installed on the device you’re trying to run a Malwarebytes scan, please click on the tab below and follow the displayed steps.
Malwarebytes For WindowsMalwarebytes For MacMalwarebytes For Android
Scan your computer with Malwarebytes for Windows to remove malware
Malwarebytes stands out as one of the leading and widely-used anti-malware solutions for Windows, and for good reason. It effectively eradicates various types of malware that other programs often overlook, all at no cost to you. When it comes to disinfecting an infected device, Malwarebytes has consistently been a free and indispensable tool in the battle against malware. We highly recommend it for maintaining a clean and secure system.
Download Malwarebytes for Windows
You can download Malwarebytes by clicking the link below.
After the download is complete, locate the MBSetup file, typically found in your Downloads folder. Double-click on the MBSetup file to begin the installation of Malwarebytes on your computer. If a User Account Control pop-up appears, click “Yes” to continue the Malwarebytes installation.
Follow the On-Screen Prompts to Install Malwarebytes
When the Malwarebytes installation begins, the setup wizard will guide you through the process.
You’ll first be prompted to choose the type of computer you’re installing the program on—select either “Personal Computer” or “Work Computer” as appropriate, then click on Next.
Malwarebytes will now begin the installation process on your device.
When the Malwarebytes installation is complete, the program will automatically open to the “Welcome to Malwarebytes” screen.
On the final screen, simply click on the Open Malwarebytes option to start the program.
Enable “Rootkit scanning”.
Malwarebytes Anti-Malware will now start, and you will see the main screen as shown below. To maximize Malwarebytes’ ability to detect malware and unwanted programs, we need to enable rootkit scanning. Click on the “Settings” gear icon located on the left of the screen to access the general settings section.
In the settings menu, enable the “Scan for rootkits” option by clicking the toggle switch until it turns blue.
Now that you have enabled rootkit scanning, click on the “Dashboard” button in the left pane to get back to the main screen.
Perform a Scan with Malwarebytes.
To start a scan, click the Scan button. Malwarebytes will automatically update its antivirus database and begin scanning your computer for malicious programs.
Wait for the Malwarebytes scan to complete.
Malwarebytes will now scan your computer for browser hijackers and other malicious programs. This process can take a few minutes, so we suggest you do something else and periodically check the status of the scan to see when it is finished.
Quarantine detected malware
Once the Malwarebytes scan is complete, it will display a list of detected malware, adware, and potentially unwanted programs. To effectively remove these threats, click the “Quarantine” button.
Malwarebytes will now delete all of the files and registry keys and add them to the program’s quarantine.
Restart your computer.
When removing files, Malwarebytes may require a reboot to fully eliminate some threats. If you see a message indicating that a reboot is needed, please allow it. Once your computer has restarted and you are logged back in, you can continue with the remaining steps.
Your computer should now be free of trojans, adware, browser hijackers, and other malware.
If your current antivirus allowed this malicious program on your computer, you may want to consider purchasing Malwarebytes Premium to protect against these types of threats in the future. If you are still having problems with your computer after completing these instructions, then please follow one of the steps:
Scan your computer with Malwarebytes for Mac to remove malware
Malwarebytes for Mac is an on-demand scanner that can destroy many types of malware that other software tends to miss without costing you absolutely anything. When it comes to cleaning up an infected device, Malwarebytes has always been free, and we recommend it as an essential tool in the fight against malware.
Download Malwarebytes for Mac.
You can download Malwarebytes for Mac by clicking the link below.
When Malwarebytes has finished downloading, double-click on the setup file to install Malwarebytes on your computer. In most cases, downloaded files are saved to the Downloads folder.
Follow the on-screen prompts to install Malwarebytes.
When the Malwarebytes installation begins, you will see the Malwarebytes for Mac Installer which will guide you through the installation process. Click “Continue“, then keep following the prompts to continue with the installation process.
When your Malwarebytes installation completes, the program opens to the Welcome to Malwarebytes screen. Click the “Get started” button.
Select “Personal Computer” or “Work Computer”.
The Malwarebytes Welcome screen will first ask you what type of computer are you installing this program, click either Personal Computer or Work Computer.
Click on “Scan”.
To scan your computer with Malwarebytes, click on the “Scan” button. Malwarebytes for Mac will automatically update the antivirus database and start scanning your computer for malware.
Wait for the Malwarebytes scan to complete.
Malwarebytes will scan your computer for adware, browser hijackers, and other malicious programs. This process can take a few minutes, so we suggest you do something else and periodically check on the status of the scan to see when it is finished.
Click on “Quarantine”.
When the scan has been completed, you will be presented with a screen showing the malware infections that Malwarebytes has detected. To remove the malware that Malwarebytes has found, click on the “Quarantine” button.
Restart computer.
Malwarebytes will now remove all the malicious files that it has found. To complete the malware removal process, Malwarebytes may ask you to restart your computer.
Your Mac should now be free of adware, browser hijackers, and other malware.
If your current antivirus allowed a malicious program on your computer, you might want to consider purchasing the full-featured version of Malwarebytes Anti-Malware to protect against these types of threats in the future. If you are still experiencing problems while trying to remove a malicious program from your computer, please ask for help in our Mac Malware Removal Help & Support forum.
Scan your phone with Malwarebytes for Android to remove malware
Malwarebytes for Android automatically detects and removes dangerous threats like malware and ransomware so you don’t have to worry about your most-used device being compromised. Aggressive detection of adware and potentially unwanted programs keeps your Android phone or tablet running smooth.
Download Malwarebytes for Android.
You can download Malwarebytes for Android by clicking the link below.
In the Google Play Store, tap “Install” to install Malwarebytes for Android on your device.
When the installation process has finished, tap “Open” to begin using Malwarebytes for Android. You can also open Malwarebytes by tapping on its icon in your phone menu or home screen.
Follow the on-screen prompts to complete the setup process
When Malwarebytes will open, you will see the Malwarebytes Setup Wizard which will guide you through a series of permissions and other setup options. This is the first of two screens that explain the difference between the Premium and Free versions. Swipe this screen to continue. Tap on “Got it” to proceed to the next step. Malwarebytes for Android will now ask for a set of permissions that are required to scan your device and protect it from malware. Tap on “Give permission” to continue. Tap on “Allow” to permit Malwarebytes to access the files on your phone.
Update database and run a scan with Malwarebytes for Android
You will now be prompted to update the Malwarebytes database and run a full system scan.
Click on “Update database” to update the Malwarebytes for Android definitions to the latest version, then click on “Run full scan” to perform a system scan.
Wait for the Malwarebytes scan to complete.
Malwarebytes will now start scanning your phone for adware and other malicious apps. This process can take a few minutes, so we suggest you do something else and periodically check on the status of the scan to see when it is finished.
Click on “Remove Selected”.
When the scan has been completed, you will be presented with a screen showing the malware infections that Malwarebytes for Android has detected. To remove the malicious apps that Malwarebytes has found, tap on the “Remove Selected” button.
Restart your phone.
Malwarebytes for Android will now remove all the malicious apps that it has found. To complete the malware removal process, Malwarebytes may ask you to restart your device.
Your phone should now be free of adware, browser hijackers, and other malware.
If your current antivirus allowed a malicious app on your phone, you may want to consider purchasing the full-featured version of Malwarebytes to protect against these types of threats in the future. If you are still having problems with your phone after completing these instructions, then please follow one of the steps:
Restore your phone to factory settings by going to Settings > General management > Reset > Factory data reset.
1. How can I tell if a call, email, text or letter from the IRS is a scam?
The IRS will never initiate contact by phone, email, text or social media to discuss your tax affairs. Any unexpected calls or messages claiming to be the IRS should be treated as suspicious. The IRS nearly always starts communication via postal mail.
Legitimate IRS staff will not threaten you or demand immediate payment without chance to question or appeal the amounts owed. Threats of arrest, deportation or asset seizure are common scare tactics scammers use but are not how the IRS operates. Requests for strange payment types like gift cards or wire transfers are also clear red flags of fraud.
2. I received an email/text/call about a tax refund I wasn’t expecting. What should I do?
Unexpected communication instructing you to claim a tax refund is almost surely a scam attempt to steal your personal information. Do not click links, provide data, or engage in any way. Forward suspicious emails pretending to be from the IRS to phishing@irs.gov. Report unsolicited texts or social media contacts to the IRS.
Call the IRS directly if you have any doubt about expected refunds or tax documents. The IRS will never request your full SSN, bank details, or copies of sensitive information over email to release a refund. Beware phone numbers in suspicious emails as they typically connect to scam call centers.
3. Are threats of arrest or asset seizure for unpaid taxes common?
Threats of immediate arrest or asset seizure are a frequent scare tactic used by IRS imposter scams via phone, email, text and letter campaigns. However, the IRS cannot legally enforce criminal charges for unpaid taxes and does not conduct raids on homes or businesses. Financial penalties and interest are more likely results of tax underpayment or delinquency.
If contacted with threats of legal action or asset seizure, report the incident to TIGTA and local law enforcement. Call the IRS directly regarding any purported tax bills to avoid being swindled by the threats of scammers.
4. What are signs of the “Offer in Compromise” scam?
Misuse of the IRS “Offer in Compromise” program is a common scam tactic. Warning signs include unsolicited promotions via email or online ads for guaranteed tax debt relief through an OIC. Scam companies also request large upfront fees of several thousand dollars to prepare or submit an OIC application for you.
The real IRS OIC program does not work with or endorse any private companies. All official guidance on the program is available free on the IRS website. Applications involve rigorous eligibility reviews and not guarantees of approval. Never pay any company substantial fees prior to preparing or filing an Offer in Compromise.
5. Are there legitimate IRS tax assistance programs that help taxpayers?
Yes, the IRS provides several programs to help taxpayers with tax preparation, filing, payments, and navigating audits or collections. However, assistance is limited for most initiatives and
The Bottom Line: Protecting Yourself from IRS Tax Scams
IRS impersonation scams arise each tax season and evolve as scammers find new ways to take advantage of taxpayers. Whether via fake refunds, relief programs, or unpaid tax bills, their goal is to steal money and data.
Taxpayers can avoid becoming victims by understanding common scam tactics and red flags. Legitimate IRS contacts will not:
Threaten arrest, deportation, revocation of licenses, or seizure of property for nonpayment.
Demand immediate payment via gift cards, wire transfer, or cryptocurrency. The IRS provides multiple payment options, none of which involve these obscure methods.
Request sensitive data like Social Security numbers or bank account details via email, text or social media.
Use email, text, or social media to discuss tax bills or refunds. IRS rarely initiates contact outside postal mail.
Staying vigilant against scams and understanding how to respond if you fall victim can protect from tax identity theft and financial losses. Report any suspected IRS scams to the Treasury Inspector General for Tax Administration to assist enforcement efforts targeting these criminal operations.
How to Stay Safe Online
Here are 10 basic security tips to help you avoid malware and protect your device:
Use a good antivirus and keep it up-to-date.
It's essential to use a good quality antivirus and keep it up-to-date to stay ahead of the latest cyber threats. We are huge fans of Malwarebytes Premium and use it on all of our devices, including Windows and Mac computers as well as our mobile devices. Malwarebytes sits beside your traditional antivirus, filling in any gaps in its defenses, and providing extra protection against sneakier security threats.
Keep software and operating systems up-to-date.
Keep your operating system and apps up to date. Whenever an update is released for your device, download and install it right away. These updates often include security fixes, vulnerability patches, and other necessary maintenance.
Be careful when installing programs and apps.
Pay close attention to installation screens and license agreements when installing software. Custom or advanced installation options will often disclose any third-party software that is also being installed. Take great care in every stage of the process and make sure you know what it is you're agreeing to before you click "Next."
Install an ad blocker.
Use a browser-based content blocker, like AdGuard. Content blockers help stop malicious ads, Trojans, phishing, and other undesirable content that an antivirus product alone may not stop.
Be careful what you download.
A top goal of cybercriminals is to trick you into downloading malware—programs or apps that carry malware or try to steal information. This malware can be disguised as an app: anything from a popular game to something that checks traffic or the weather.
Be alert for people trying to trick you.
Whether it's your email, phone, messenger, or other applications, always be alert and on guard for someone trying to trick you into clicking on links or replying to messages. Remember that it's easy to spoof phone numbers, so a familiar name or number doesn't make messages more trustworthy.
Back up your data.
Back up your data frequently and check that your backup data can be restored. You can do this manually on an external HDD/USB stick, or automatically using backup software. This is also the best way to counter ransomware. Never connect the backup drive to a computer if you suspect that the computer is infected with malware.
Choose strong passwords.
Use strong and unique passwords for each of your accounts. Avoid using personal information or easily guessable words in your passwords. Enable two-factor authentication (2FA) on your accounts whenever possible.
Be careful where you click.
Be cautious when clicking on links or downloading attachments from unknown sources. These could potentially contain malware or phishing scams.
Don't use pirated software.
Avoid using Peer-to-Peer (P2P) file-sharing programs, keygens, cracks, and other pirated software that can often compromise your data, privacy, or both.
To avoid potential dangers on the internet, it's important to follow these 10 basic safety rules. By doing so, you can protect yourself from many of the unpleasant surprises that can arise when using the web.
Meet Thomas Orsolya
Thomas is an expert at uncovering scams and providing in-depth reporting on cyber threats and online fraud. As an editor, he is dedicated to keeping readers informed on the latest developments in cybersecurity and tech.
