Tax season is prime time for scammers. And, while the tactics change from year to year, most tax scams rely on the same playbook: urgency, impersonation, and pressure to act before you’ve had time to think. To avoid costly mistakes, the IRS recommends you brush up on the core warning signs.
How to recognize a tax scam
Tax scammers typically try to create panic. Their messages may claim you owe back taxes, are about to lose a refund, or must act immediately to avoid penalties. These fraudsters may pretend to be from the IRS, a tax preparation service, or even your credit union.
Be cautious if you receive unsolicited emails, texts, or calls claiming to be from the IRS, and treat all of the following as major red flags:
- Threats of arrest, deportation, or account seizure
- Requests for payment via gift cards, wire transfers, or cryptocurrency
- Demands for sensitive information like your Social Security number or account logins
- Pressure to act fast or keep the situation secret
Know how the IRS will (and won’t) contact you
Understanding how the IRS communicates makes it much easier to spot a fake. The IRS typically contacts taxpayers by mail first, not by phone, text, or email. In limited cases, the IRS may send emails or texts, but only if you’ve opted in or given permission, and those messages won’t include demands for payment or sensitive information.
If the IRS does call you, it will usually be to follow up on a letter they’ve already sent and will not use threats or high-pressure tactics.
They will also not:
- Demand immediate payment
- Request payment or details on social media
- Request payment through gift cards, prepaid cards, or digital wallets
- Ask for personal or financial information via unsolicited messages
- Threaten to call law enforcement or immigration officials
- Take your citizenship status, driver’s license, or business license
Any message that breaks these rules should be treated with suspicion.
Use an IRS Identity Protection PIN
An IRS Identity Protection PIN (IP PIN) is a six-digit number that helps prevent scammers from filing a tax return in your name. It is available to anyone with a Social Security Number (SSN) or Taxpayer Identification Number (ITIN). Once enabled, the IP PIN is known only to you and the IRS and serves as an added layer of security, ensuring that only you or an authorized tax professional can file your return.
An IP PIN is:
- A six-digit number required to file your federal tax return
- Valid for one calendar year.
- Reissued annually once you’re enrolled
- Generally available in your online account starting in mid-January through mid-November
- Required for identity theft victims whose accounts have been compromised
- Not something the ORS will ever ask you to share by phone, email, or text
An IP PIN is especially helpful if you’ve experienced identity theft before, but anyone can opt in. It’s a simple step that can block fraudulent returns before they’re filed.
What to do if you think you’ve been scammed
If something feels off, stop engaging with the message or caller. Scammers rely on urgency to push people into quick decisions, so pause and verify before taking action. Avoid clicking links or downloading attachments in emails and text, and above all, avoid giving out personal details via email, text, or social media. If someone contacts you by phone, hang up and verify the request using a trusted phone number before sharing any information. Then, take the following steps to protect yourself.
If you suspect a tax scam:
- Report suspicious IRS-related emails or texts to the IRS
- Monitor your accounts and credit for unusual activity
- Reach out to your financial institution if you’re concerned about your accounts
When in doubt, trust your instincts. Scammers may change their tactics, but a little caution goes a long way toward protecting both your refund and your peace of mind.
Want more tips on avoiding scams?
- Learn about the top tax-season scams (a.k.a., the IRS Dirty Dozen)
- Check your risk for identity theft and learn how to protect yourself.
- Find out how to give yourself a cybersecurity makeover.