Tax Mediation and Resolution Agency Scam Calls: The “Flagged Account” Voicemail Con

It usually arrives when you are not looking for it.

A missed call, a voicemail, and a transcript that sounds like it came from a serious office with a serious file in front of them.

“Resolution escalation… flagged for immediate follow up… unresolved activity…”

For a second, your mind does the work for them. IRS. Garnishment. Trouble.

That brief spike of panic is the opening the scammers want, because once you call back, the conversation is no longer about facts. It becomes about pressure, urgency, and getting you to do something you would never do on a normal day.

Scam Overview

What the “Tax Mediation and Resolution Agency” phone scam is

The “Tax Mediation and Resolution Agency” phone call scam is a common impersonation-style fraud that uses official-sounding language, vague threats, and a fast-moving script to push you into calling back, sharing personal information, and in many cases sending money.

The name itself is part of the trick. “Tax Mediation and Resolution Agency” sounds plausible, but it is usually either completely made up or designed to resemble legitimate tax relief services without being tied to any verifiable organization. Scammers rotate names constantly:

• Tax Mediation and Resolution Agency
• Tax Solutions and Review Agency
• Resolution Escalation Office
• Tax Resolution Team
• Tax Relief Department
• Compliance Review Unit

They often include a confident caller name, sometimes something that sounds formal and specific, like “Monica Fairchild,” plus a “department line” callback number. That detail is intentional. It creates the feeling that this is a real office with a real workflow, not a random scam call.

Why the voicemail is vague on purpose

A real tax issue comes with specifics: tax year, notice numbers, a clear amount, and written documentation that you can verify. Scammers avoid all of that.

Instead, they use phrases that trigger fear without giving you anything concrete to check:

• “Your account has been flagged”
• “Unresolved activity”
• “Immediate follow up required”
• “Resolution options available”
• “Enforcement action may proceed”

Vagueness is not a mistake, it is a strategy. If they provide details, you can fact-check them quickly. If they stay vague, your imagination fills in the worst-case scenario, and you call back to stop the discomfort.

The reality check most people do not know

One of the strongest safeguards is also the simplest: the IRS typically contacts taxpayers by mail first, not by a surprise robocall demanding urgent action.

That does not mean you will never receive a legitimate call about tax matters, but it does mean that an unsolicited voicemail claiming your account is “flagged” and pushing you to call a random “department line” should immediately be treated as suspicious.

The IRS also warns that it does not call demanding immediate payment using specific methods like gift cards, prepaid debit cards, or wire transfers.

So when a “Tax Mediation and Resolution Agency” caller starts steering you toward urgent payment, unusual payment methods, or secrecy, you are no longer in the world of tax resolution. You are in the world of fraud.

What the scammers are really selling

This scam generally takes one of two forms, and sometimes it blends both.

1) IRS impersonation style pressure
They imply consequences like garnishment, levy, lien, or “enforcement,” and they frame themselves as the last step before things get worse.

2) Tax relief style enrollment pitch
They claim you qualify for special programs, debt reduction, or a settlement solution, and they want you to pay a fee to “start” or “lock in” the process.

In both cases, the emotional engine is the same: urgency plus fear, followed by a promise of relief if you cooperate.

Common scripts and how they are structured

A typical voicemail transcript sounds like this:

“Hi, it’s [Name], calling from the resolution escalation office at the Tax Mediation and Resolution Agency. Our department line is [number]. I’m contacting you because your account has been flagged for immediate follow up due to unresolved activity…”

The script is designed to do three things quickly:

1. Sound official with titles like “resolution escalation office.”
2. Create urgency with words like “flagged” and “immediate follow up.”
3. Trigger uncertainty with “unresolved activity” instead of real details.

Once you call back, the scam becomes interactive, and that is where the real manipulation begins.

The red flags that show up again and again

If you are trying to spot this scam quickly, here are the most common warning signs.

Voice and messaging red flags

• Prerecorded or robotic voicemail tone
• A script that feels generic, with no tax year or notice number
• Pressure to act “today,” “before it escalates,” or “before enforcement”
• Threat language that jumps straight to consequences

Process red flags

• They ask you to verify identity using sensitive data right away
• They discourage you from calling the IRS directly
• They want you to stay on the phone while you take actions
• They claim there is a narrow window to “qualify” for relief

Payment red flags

• They request payment through gift cards, wire transfers, prepaid cards, crypto, or payment apps
• They claim the method is “required” to stop escalation
• They demand immediate payment before any documentation

The IRS explicitly warns that it does not demand immediate payment using specific payment methods such as gift cards, prepaid debit cards, or wire transfers, and that it generally mails a bill first.

The twist many victims do not expect: the tech support pivot

A growing number of “tax resolution” scams now include a second stage that looks like tech support fraud.

Here is what that can look like in the real world:

• You call back, they “verify” you, then claim they see suspicious activity.
• They say your identity was used to file something, or your device is compromised.
• They insist they must “secure your account” or “complete verification.”
• They push you to install remote access software like AnyDesk or similar tools.

Once a scammer has remote access, the situation can escalate fast. They can watch you log in to your bank, steer you into transfers, and pressure you into reading out verification codes. The entire thing is framed as help, which is why it is so effective.

Why smart, cautious people still get pulled in

This scam does not rely on stupidity. It relies on timing and emotion.

• Most people are not tax experts.
• Most people fear government consequences.
• Most people want problems resolved quickly.
• Most people do not expect a scam to sound so calm and procedural.

The script is engineered to feel like a “process,” not a threat. It gives you an action step, call back, press a number, “speak to an agent,” and that sense of structure can make the whole thing feel legitimate.

Who they target, and why it feels personal

These calls are often blasted out widely, but the scammers are skilled at making them feel personalized once you engage.

If you sound anxious, they become reassuring.
If you sound skeptical, they become more “official.”
If you mention a past issue, they lock onto it and build a story around it.

The goal is not to prove anything. The goal is to keep you talking long enough that compliance starts to feel easier than resistance.

What to do if you receive a suspicious tax-related call, even if you are unsure

The IRS’s guidance for suspicious IRS-related calls is straightforward: record the number and hang up, then report it to TIGTA, and report the number to phishing@irs.gov with “IRS Phone Scam” in the subject line.

Even if the call claims to be “tax debt relief” rather than IRS, the IRS also recommends recording the number and hanging up, and reporting suspicious tax debt relief calls to consumer protection agencies like the FCC and FTC.

That advice exists for a reason. The fastest way to lose money to this scam is to stay on the line.

How The Scam Works

Step 1: The voicemail drop that creates urgency without details

The scam begins with a voicemail that feels official but contains no verifiable specifics.

You will hear terms like:

• flagged
• unresolved activity
• escalation
• enforcement
• resolution options

The purpose is not to inform you. It is to create a feeling that you must act now to avoid consequences.

The wording is carefully chosen to hit your nervous system first and your logic second.

Step 2: The call-back connects you to a confident “agent” with a rehearsed process

When you call the number, the tone often shifts from threatening to helpful.

They may introduce themselves as:

• a resolution specialist
• a compliance agent
• a case manager
• an escalation officer

They speak quickly and confidently, like they handle these cases all day. That confidence is part of the con. The more normal they sound, the more likely you are to follow instructions.

This is also where they start gathering information.

Step 3: The “verification” questions that quietly collect valuable data

Early questions can seem harmless, but they are often designed to build a profile that can be used for identity theft, account takeover attempts, or future scams.

Common asks include:

• full name and address
• date of birth
• last 4 digits of SSN
• employer name
• estimated tax debt, even if you say you do not know
• banking institution name, framed as “confirming payment options”

This stage also serves another goal: compliance training. Once you answer five questions in a row, it becomes psychologically easier to answer the sixth, even if it is more sensitive.

Step 4: The fear squeeze, consequences get louder if you hesitate

If you question them, they often respond with pressure:

• “This is time-sensitive.”
• “Your file is being escalated.”
• “We are trying to stop enforcement.”
• “If you wait, you may lose eligibility for resolution options.”

Some will go further into threats, including law enforcement language, which the IRS has repeatedly identified as a scam pattern.

Even without explicit threats, the emotional message is the same: act now, or regret it.

Step 5: The “solution” pitch, special programs, fast-track enrollment, guaranteed outcomes

Now comes the relief.

They claim you qualify for a program that can reduce or eliminate the problem quickly. They often misuse real tax terms, or invent programs that sound like real ones.

Typical promises include:

• settling for a fraction of what you owe
• stopping wage garnishment immediately
• putting your account into a protected status within 24 hours
• wiping penalties or debt through a “resolution option”

The red flag is certainty. Real tax outcomes are not guaranteed over the phone by someone who has not reviewed your documents.

Step 6: The money ask, fees, payments, and methods designed to be irreversible

This is the moment where the scam turns into theft.

They may ask for an “enrollment” or “processing” payment, sometimes framed as a small amount to get started, then escalating later.

They may also push payment methods that are hard to reverse:

• gift cards
• prepaid debit cards
• wire transfers
• crypto

The IRS warns that it does not call to demand immediate payment using these specific methods. (IRS)

If the caller is directing you away from normal, traceable payment channels and toward gift cards or wires, that is the clearest signal you are dealing with a scam.

Step 7: The tech support pivot, remote access, and “security” as a cover for deeper theft

If they want more than a quick payment, they may pivot into device security.

They claim:

• your device is infected
• your identity is compromised
• your banking is at risk
• they need to “secure” you before proceeding

Then they instruct you to install remote access software. Once they can see your screen, they can:

• guide you into logging into your bank
• pressure you into sending money “to a safe account”
• trick you into approving transfers
• capture sensitive information and verification codes

This stage can be devastating because it feels cooperative. Victims often realize what happened only after money is missing or accounts are locked.

What To Do If You Have Fallen Victim to This Scam

1. Stop all contact immediately.
   Hang up, do not call back, and do not respond to additional calls or texts. Block the number if possible.
2. Write down the details while they are fresh.
   Note the callback number, what they claimed, what you shared, what they asked you to do, and any payment instructions. If you installed anything, write down the exact app name.
3. If you paid, contact your bank or card issuer right away.
   Explain that you were scammed and ask what can be done to stop or reverse the transaction.
   If you paid by wire, ask about a wire recall immediately.
   If you paid by gift cards, contact the gift card issuer right away. If the codes have not been redeemed, there may be a short window to freeze funds.
4. If you installed remote access software, disconnect and remove it immediately.
   Turn off WiFi and mobile data, uninstall the remote access tool, and restart the device.
   If you used online banking during the session, assume the device was exposed and move quickly to secure accounts.
5. Change passwords from a clean device, starting with email and banking.
   Use a device you trust. Start with your email account first, then banking and payment apps, then your Apple ID or Google account. Turn on 2-factor authentication wherever possible.
6. Run a full security scan and strengthen your browser protection.
   If this scam involved downloads, links, or remote access, run a scan with Malwarebytes to check for malware and unwanted programs.
   Install AdGuard to reduce malicious ads, scam pop-ups, and redirect pages that often push fake support numbers and “urgent” warnings.
7. Report the scam to the right places.
   The IRS recommends recording the number and hanging up, then reporting IRS-related scam calls to TIGTA, and reporting the number to phishing@irs.gov with “IRS Phone Scam” in the subject line.
   If the call presented itself as tax debt relief rather than IRS, the IRS also suggests reporting suspicious tax debt relief calls to agencies like the FCC and FTC.
8. If you shared sensitive personal information, take identity theft precautions.
   If you provided SSN, ID photos, or banking details, consider a fraud alert or credit freeze with major credit bureaus. Monitor for new accounts, password reset attempts, and unusual activity.
9. Verify your real tax situation safely, using official channels.
   Do not use the number from the voicemail. If you are concerned about taxes, use official IRS resources and verified contact paths. The IRS provides guidance on how to recognize tax scams and how it contacts taxpayers.

Is Your Device Infected? Scan for Malware

If your computer or phone is slow, showing unwanted pop-ups, or acting strangely, malware could be the cause. Running a scan with Malwarebytes Anti-Malware Free is one of the most reliable ways to detect and remove harmful software. The free version can identify and clean common infections such as adware, browser hijackers, trojans, and other unwanted programs.

Malwarebytes works on Windows, Mac, and Android devices. Choose your operating system below and follow the steps to scan your device and remove any malware that might be slowing it down.

After cleaning your device, it’s important to protect it from future infections and annoying pop-ups. We recommend installing an ad blocker such as AdGuard. AdGuard blocks malicious ads, prevents phishing attempts, and stops dangerous redirects, helping you stay safe while browsing online.

The Bottom Line

The “Tax Mediation and Resolution Agency” phone call scam is designed to feel urgent, official, and procedural, while giving you almost nothing you can verify.

That is not a bug in the script. It is the point.

If you receive a voicemail saying your account is “flagged” or there is “unresolved activity,” treat it as suspicious, do not call back, and verify independently. Remember the anchors the IRS repeats: it generally contacts people by mail first, and it does not demand immediate payment using gift cards, prepaid cards, or wire transfers.

If you already engaged, you can still shut it down. Step away from the scammer, secure accounts, scan your device, and report the attempt. The faster you move from panic to practical steps, the less damage this script can do.

FAQ

What is the “Tax Mediation and Resolution Agency” phone call scam?

It’s a scam where callers pretend to be from an official-sounding “tax help” or “resolution” agency. They use urgent language like “your account has been flagged” or “unresolved activity” to push you into calling back, sharing personal information, paying fees, or installing software.

Is “Tax Mediation and Resolution Agency” a real government agency?

In these scam calls, the name is usually made up or intentionally vague. Real government agencies do not handle tax enforcement through generic robovoicemails with random callback numbers.

Why do these voicemails say my account was “flagged”?

Because it creates panic without giving details you can verify. Scammers want you to imagine the worst, then call back quickly before you check official sources.

Are these calls actually from the IRS?

Almost always, no. Scammers may mention the IRS directly or imply IRS involvement. A big red flag is urgency combined with vague claims and a push to call a “department line” that you cannot independently verify.

Would the IRS leave a voicemail like this if I really owed taxes?

Real tax issues usually come with written notices that include specific information, like the tax year, notice numbers, and clear instructions. A vague “flagged account” voicemail is not how legitimate tax collection is typically started.

What are the biggest red flags that it’s a scam?

Common red flags include:

• Prerecorded voicemail or robocall
• Vague phrases like “unresolved activity” with no tax year or notice number
• Pressure to act immediately or “today”
• Threats of garnishment, levy, arrest, deportation, or police involvement
• Requests for sensitive info right away (SSN, banking info, photos of ID)
• Demands to pay using gift cards, wire transfers, crypto, or prepaid cards
• Instructions to install remote access tools to “secure” your device

They mentioned “Offer in Compromise.” Does that make it legitimate?

No. Offer in Compromise is a real IRS program, but scammers misuse the term to sound credible. Real eligibility requires documentation and review, not a quick phone call with guaranteed promises.

Can the IRS demand payment using gift cards or wire transfers?

No. Gift cards, prepaid cards, and urgent wire transfers are classic scam payment methods. If anyone asks for gift cards or the codes on the back, treat it as fraud and stop contact immediately.

Should I call back “just to confirm”?

No. Don’t call back and don’t press any keypad options. If you want to verify your tax situation, use official IRS contact methods you look up yourself, not the number in the voicemail.

I called back and gave them my name, address, or SSN. What should I do now?

Take action quickly:

• Stop contact and block the number
• Change your email password first, then banking and payment passwords
• Turn on 2-factor authentication
• Watch for password reset attempts and suspicious logins
• Consider a fraud alert or credit freeze if you shared SSN or ID images

They told me my phone or computer is hacked and asked me to install AnyDesk. What does that mean?

That is a common escalation into remote access theft. If you install remote access software, scammers can see your screen, control your device, and guide you into logging into bank accounts or approving transfers.

I installed remote access software. What should I do immediately?

Do this in order:

1. Disconnect from the internet (WiFi and mobile data)
2. Uninstall the remote access app
3. Restart the device
4. Run a full scan with Malwarebytes
5. Change passwords from a different, trusted device
6. Contact your bank if you accessed financial accounts while scammers had access

I paid them. Can I get my money back?

It depends on how you paid:

• Card payments: call your bank and ask about chargebacks and fraud claims
• Wire transfers: ask immediately about a wire recall
• Gift cards: contact the card issuer right away, there may be a chance to freeze funds if codes were not redeemed yet
  Acting fast gives you the best chance.

How can Malwarebytes and AdGuard help after a scam call?

• Malwarebytes can scan for malware, adware, and unwanted programs, especially if you installed anything or allowed remote access.
• AdGuard can reduce malicious ads, scammy pop-ups, and redirect pages that often push fake “support” numbers and urgent warnings.

Where should I report this scam?

Report it to:

• TIGTA (Treasury Inspector General for Tax Administration)
• phishing@irs.gov (include the phone number and details, and use a subject like “IRS Phone Scam”)
  You can also report the number as spam to your phone carrier and file reports with consumer protection agencies.

How can I reduce scam calls like this in the future?

A few practical steps:

• Let unknown numbers go to voicemail
• Block repeat scam numbers
• Enable spam call filtering on your phone
• Never call back numbers left in suspicious voicemails
• Keep devices updated, use AdGuard to reduce malicious ad exposure
• Run periodic scans with Malwarebytes, especially after any suspicious interaction

What should I tell a friend or family member who received the same voicemail?

Tell them: do not engage. Don’t press buttons, don’t call back, don’t share personal info, and don’t install anything. If they are worried about taxes, verify using official IRS resources and independently found contact information.