IR-2024-84, March 28, 2024 WASHINGTON — The Internal Revenue Service today kicked off the annual Dirty Dozen list with a warning for taxpayers to be aware of evolving phishing and smishing scams designed to steal sensitive taxpayer information. With taxpayers continuing to be bombarded by email and text scams, the IRS and the Security Summit partners warned individuals and businesses to remain vigilant against these attacks. Fraudsters and identity thieves attempt to trick the recipient into clicking a suspicious link, filling out personal and financial information or downloading a malware file onto their computer. "Scammers are relentless in their attempts to obtain sensitive financial and personal information, and impersonating the IRS remains a favorite tactic,” said IRS Commissioner Danny Werfel. “People can be anxious to get the latest information about their refund or other tax issues, so scammers frequently try using the IRS as a way to trick people. The IRS urges people to be extra cautious about unsolicited messages and avoid clicking any links in an unsolicited email or text if they are uncertain.” Started in 2002, the IRS' annual Dirty Dozen campaign lists 12 scams and schemes that put taxpayers, businesses and the tax professional community at risk of losing money, personal information, data and more. While the Dirty Dozen is not a legal document or a formal listing of agency enforcement priorities, the education effort is designed to raise awareness and protect taxpayers and tax pros from common tax scams and schemes. As a member of the Security Summit, the IRS has worked with state tax agencies and the nation’s tax industry for nine years to cooperatively implement a variety of internal security measures to protect taxpayers. The collaborative effort by the Summit partners also has focused on educating taxpayers about scams and fraudulent schemes throughout the year, which can lead to tax-related identity theft. Through initiatives like the Dirty Dozen and the Security Summit program, the IRS strives to protect taxpayers, businesses and the tax system from cyber criminals and deceptive activities that seek to extract information and money. Phish or smish: Don’t take the bait The IRS continues to see a barrage of email and text scams targeting taxpayers and others. These schemes frequently peak during tax season but they continue throughout the year. Taxpayers face a wide variety of these scams and schemes. And tax professionals, payroll providers and human resource departments remain favorite targets of email and text scams since they have sensitive personal and financial information. One common example remains the “new client” scam that can target tax pros and others. That means taxpayers and tax professionals should be alert to fake communications posing as legitimate organizations in the tax and financial community, including the IRS and state tax agencies. These messages arrive in the form of unsolicited texts or emails to lure unsuspecting victims to provide valuable personal and financial information that can lead to identity theft. There are two main types: Phishing: An email sent by fraudsters claiming to come from the IRS. The email lures the victims into the scam with a variety of ruses such as enticing victims with a phony tax refund or threatening them with false legal or criminal charges for tax fraud. Smishing: A text or smartphone SMS message where scammers often use alarming language such as, "Your account has now been put on hold," or "Unusual Activity Report," with a bogus "Solutions" link to restore the recipient's account. Unexpected tax refunds are another potential lure for scam artists. Never click on any unsolicited communication claiming to be the IRS as it may surreptitiously load malware. It may also be a way for malicious hackers to load ransomware that keeps the legitimate user from accessing their system and files. In some cases, phishing emails may appear to come from a legitimate sender or organization that has had their email account credentials stolen. Setting up two-factor or multi-factor authentication with their email provider can reduce the risk of individuals having their email account compromised. Posing as a trusted organization, friend or family member remains a common way to target individuals and tax preparers for various scams. Individuals should verify the identity of the sender by using another communication method, for instance, calling a number they independently know to be accurate, not the number provided in the email or text. The IRS initiates most contacts through regular mail and will never initiate contact with taxpayers by email, text or social media regarding a bill or tax refund. What to do Individuals should never respond to tax-related phishing or smishing or click on the URL link. Instead, report all unsolicited email - including the full email headers - claiming to be from the IRS or an IRS-related function to phishing@irs.gov. If someone experienced any monetary losses due to an IRS-related scam incident, they should report it to the Treasury Inspector General for Tax Administration (TIGTA), the Federal Trade Commission and the Internet Crime Complaint Center (IC3). If a taxpayer receives an email claiming to be from the IRS that contains a request for personal information, taxes associated with a large investment, inheritance or lottery. Don't reply. Don't open any attachments. They can contain malicious code that may infect the computer or mobile phone. Don't click on any links. If a taxpayer inadvertently clicked on links in a suspicious email or website and entered confidential information, visit the IRS’ identity protection page. Send the full email headers or forward the email as-is to phishing@irs.gov. Don't forward screenshots or scanned images of emails because this removes valuable information. Delete the original email. If a taxpayer receives a text claiming to be from the IRS that contains a request for personal information, taxes associated with a large investment, inheritance or lottery. Don't reply. Don't open any attachments. They can contain malicious code that may infect the computer or mobile phone. Don't click on any links. If a taxpayer clicked on links in a suspicious SMS and entered confidential information, they should visit Identity Theft Central. Report the message to 7726 (SPAM). Include both the Caller ID and the message body in an email and send to phishing@irs.gov. Copy the Caller ID from the message by pressing and holding on the body of the text message, then select Copy, paste into the email. If the taxpayer is unable to copy the Caller ID or message body, forward a screenshot of the message. Delete the original text. For more information see the IRS video on fake IRS-related text messages. The Report phishing and online scams page at IRS.gov provides complete details. The Federal Communications Commission's Smartphone Security Checker is a useful tool against mobile security threats. Report fraud As part of the Dirty Dozen awareness effort regarding tax schemes and unscrupulous tax return preparers, the IRS urges individuals to report those who promote abusive tax practices and tax preparers who intentionally file incorrect returns. To report an abusive tax scheme or a tax return preparer, people should use the online Form 14242 – Report Suspected Abusive Tax Promotions or Preparers, or mail or fax a completed Form 14242 PDF and any supporting material to the IRS Lead Development Center in the Office of Promoter Investigations. Mail: Internal Revenue Service Lead Development Center Stop MS5040 24000 Avila Road Laguna Niguel, California 92677 3405 Fax: 877-477-9135 Taxpayers and tax professionals can also submit this information to the IRS Whistleblower Office, where they may be eligible for a monetary award. For details, refer to the sections on Abusive tax schemes and abusive tax return preparers. More information: Reporting phishing and online scams Here's how to avoid IRS text message scams Identity Theft Central Federal Communications Commission's Smartphone Security Checker Federal Trade Commission: How to recognize and report spam text messages