Don't Let Tax Time Be the Perfect Time for Scammers to Steal Your Identity and Tax Refund
Image: NCCC

Don't Let Tax Time Be the Perfect Time for Scammers to Steal Your Identity and Tax Refund

Criminals are ever-evolving and steal sensitive data from hard-working people, who then lose their identities and money in the process

March 2, 2025

As we begin preparing 2024 returns, be especially vigilant: scam activity spikes now through the April 15 filing deadline. Phishers, spoofers and malware operators prey on last-minute rushes and confusion over new tax forms. Protect yourself by knowing how they operate and what the IRS will, and won’t—do.

Scams peak as the deadline nears

Fraudsters step up calls, texts and emails in March and early April, hoping you’ll panic about a “late filing penalty” or last-minute information request. Stay calm and confirm any urgent messages by logging directly into IRS.gov or your tax-software account, never by clicking a link in an unsolicited message.

Watch for fake IRS emails and phishing sites

Phishing schemes pose as IRS communications, complete with bogus letterhead and urgent “action required” banners. They often ask you to verify your Identity Protection PIN, Adjusted Gross Income or bank account information. The real IRS will never initiate contact by email, text, or social media to request personal or financial data.

Beware of fraudulent software-update alerts

Cyber-crooks target both preparers and DIY filers with fake “software updates” or “critical patches” for popular tax applications. Downloading these can install key-logging malware that steals Social Security numbers, passwords and financial credentials. Always update tax software from within the official application or by visiting the vendor’s website directly.

Scam phone calls impersonating IRS agents

Caller ID spoofing lets scammers display “IRS” or even your local law-enforcement number. They recite partial personal details, name, address, last filing year—to seem genuine, then demand immediate payment via gift cards, prepaid debit cards, or cryptocurrency. The IRS never demands payment by these methods, nor will it threaten arrest or deportation.

Protect vulnerable family and friends

Elders, non-native English speakers and those unfamiliar with online filing are prime targets. Remind them that the IRS communicates first by mail. Encourage enrollment in the IRS’s Identity Protection PIN program, which adds an extra six-digit code to every return—and in IRS Two-Factor Authentication when using e-Services.

Warning signs of a scam

  • Threats of arrest, license revocation or deportation
  • Demands for immediate payment without mailed notice
  • Requests for gift cards, prepaid debit cards or cryptocurrency
  • Links to unfamiliar websites or attachments in email
  • Unsolicited texts or social-media messages claiming to be from the IRS

If you receive a suspicious message

  • Do not click any links or download attachments
  • Do not call numbers provided in the message
  • If it claims to be IRS, hang up and call 800-829-1040 (individual taxpayer helpline)
  • Report phishing emails to phishing@irs.gov
  • Forward suspicious texts or social-media DMs to TIGTA via https://tips.tigta.gov

How to access IRS resources safely

Always type IRS.gov directly into your browser. Bookmark that page for easy reference. Use the IRS2Go mobile app (officially published by the IRS) if you prefer a phone interface.

By staying alert to these red flags and using official IRS channels, you’ll keep your refund, and your identity—secure throughout tax season.