Dirty Dozen tax scams for 2026: IRS reminds taxpayers to watch out for dangerous threats

Annual list highlights evolving schemes; agency spotlights National Slam the Scam Day

IR-2026-30

The Internal Revenue Service today announced its annual Dirty Dozen list of tax scams for 2026 that threaten the tax and financial information of taxpayers, businesses, and tax professionals.  The Dirty Dozen is part of a broader campaign conducted through the Security Summit, a partnership among the IRS, state tax agencies, and the nation’s tax industry, and reinforced by outreach efforts tied to National Slam the Scam Day on March 5.  These initiatives educate taxpayers about identity theft schemes and other forms of fraud, particularly during filing season.

“Today, Slam the Scam Day, provides a great opportunity to remind everyone to remain vigilant and watch out for scams because thieves continuously adjust the pitches they use to take advantage of honest taxpayers,” said IRS Chief Executive Officer Frank J. Bisignano.  “For more than two decades, the IRS has used the Dirty Dozen list to flag emerging scams that taxpayers should watch out for.”

A notable change to this year’s list is the addition of abusive undistributed long-term capital gains claims as item #6, replacing prior fuel tax credit concerns, as the IRS sees an increase in overstated or fabricated claims tied to Form 2439, Notice to Shareholder of Undistributed Long-Term Capital Gains.  The IRS advises all taxpayers to remain cautious year-round, as criminals will always be on the lookout for new ways to obtain money, personal identifiable information, and data.

The 2026 Dirty Dozen: 12 key scams to watch for

1.  IRS impersonation by e-mail and text (phishing + smishing).  Scammers send e-mails, direct messages (DMs), and texts that appear to be from the IRS, often using alarming language and QR codes that direct taxpayers to fake IRS websites to “verify” accounts, enter personal information, or claim refunds.  The IRS urges taxpayers not to click links or open attachments from unexpected messages and to report suspicious IRS-related e-mails, DMs, and texts.  The IRS reported over 600 social media impersonators during fiscal year 2025.

As a reminder, never click any unsolicited communication claiming to be from the IRS, as it may install malware surreptitiously.  These links may install malicious software, including ransomware, on a taxpayer’s personal device, potentially preventing access to their files or personal information.

2.  AI-enabled IRS impersonation by phone (robocalls, voice mimicry, spoofed caller ID).  Phone scams continue to evolve, including calls that use computer-generated tactics and spoofed caller ID to appear legitimate.  The IRS reminds taxpayers that it generally contacts taxpayers by mail first and does not leave urgent, threatening prerecorded messages, call to demand immediate payment, or threaten arrest.  Taxpayers should not rely on AI-generated responses to complex tax questions, and they should verify any calculations or information provided by artificial intelligence.
3.  Fake charities.  Fraudsters often exploit tragedies and disasters by creating fake charities to collect donations and personal information.  The IRS is committed to preventing fraudulent nonprofits from taking advantage of the American taxpayer.

Taxpayers who give money or goods to a charity may be able to claim a deduction on their federal tax return if they itemize deductions, but charitable donations only count if they go to a qualified tax-exempt organization recognized by the IRS.

4.  Misleading tax advice on social media.  Viral “tax hacks” can push taxpayers to file returns with false information or claim credits they don’t qualify for, leading to refund delays, audits, penalties, or worse.  The IRS continues to warn that social media-driven misinformation and disinformation remain a major driver of tax scams.

The IRS and the Coalition Against Scam and Scheme Threats warn taxpayers not to fall for these scams, and urge them to follow trusted advice from the IRS, tax professionals, and other reputable sources.  The IRS reminds taxpayers who knowingly file fraudulent tax returns that they could potentially face significant civil and criminal penalties.

5.  Identity theft involving IRS Online Account access.  Criminals may attempt to use stolen personal information to gain unauthorized access to a taxpayer’s IRS online account or may pose as helpers to collect sensitive information during account setup.  Taxpayers should create their account directly through IRS.gov and should not rely on unsolicited third parties offering assistance.  The IRS provides official guidance to help taxpayers securely establish and protect their accounts.
6.  Abusive undistributed long-term capital gains claims.  The IRS identified an increase in the abuse of Form 2439.  This form allows shareholders of certain investment funds or real estate trusts to claim a refundable credit for taxes paid on undistributed capital gains.  Identified schemes involve overstated or fabricated Form 2439 claims, including claims tied to organizations that are not legitimate investment funds or real estate trusts.  The IRS has also seen fake claims falsely linked to real, well-known organizations.  Improper claims may result in refund delays, audits, penalties, or enforcement action.
7.  Bogus “Self-Employment Tax Credit” promotion.  Scammers use misleading claims about a broad “self-employment tax credit” to encourage inaccurate filings and generate improper refunds.  The IRS reminds taxpayers to rely on trusted sources and qualified tax professionals, not social media promotions, when determining eligibility for credits.

Many taxpayers do not qualify for these credits, and the IRS is closely reviewing claims coming in under this provision, so taxpayers filing claims do so at their own risk.

8.  Ghost preparers.  A “ghost” preparer prepares a return but refuses to sign it and/or refuses to include a Preparer Tax Identification Number (PTIN).  When a preparer refuses to sign or provide a PTIN, that is a major red flag; the taxpayer is legally responsible for what is filed.  The IRS urges taxpayers to avoid preparers who will not sign the return and to choose reputable help.  Taxpayers should never sign a blank or incomplete return.  Instead, the IRS reminds taxpayers to use a trusted tax professional for help.
9.  Non-cash charitable contribution schemes.  Some schemes involve inflated appraisals of donated property using syndicated conservation easements or art.  Promoters often promise to eliminate or substantially reduce tax liability.  The IRS warns taxpayers not to file returns with made-up information and reminds taxpayers that it can hold refunds while verifying claims.
10.  Overstated withholding schemes (fabricated wage/withholding data).  Scammers encourage taxpayers to inflate withholding amounts (sometimes described as “other withholding”) to manufacture a larger refund by reporting zero or little income on incorrect forms.  The IRS may delay processing while it verifies wages and withholding against third-party records.  Inaccurate claims can lead to penalties and enforcement action.

There are multiple variations of the overstated withholding credit scheme, including those involving Forms W-2 and W-2G; Forms 1099-R, 1099-NEC, 1099-DIV, 1099-OID, and 1099-B, as well as the Alaska Permanent Fund Dividend, Schedule K-1 with Withholding Reported, and Unspecified Source of Withholding Credit Claimed.

11.  Spear-phishing and malware campaigns targeting tax professionals.  Tax professionals and businesses remain targets of “new client” or “document request” e-mails that deliver malicious links or attachments to steal client data or access systems.  The IRS and the Security Summit urge preparers to remain vigilant and to strengthen their security practices.

Businesses and individuals, including tax pros, should always be cautious and look out for any suspicious requests or unusual behavior before sharing any sensitive information or responding to an e-mail.  Warning signs may include unexpected requests for sensitive information, mismatched or unfamiliar sender addresses, urgent payment demands, or links directing users to websites that do not clearly originate from IRS.gov.  Be aware that by gaining access to a hacked e-mail account, scammers can locate a genuine e-mail from a previous victim's e-mail account sent to their tax professional.

12.  Aggressive or misleading Offer in Compromise marketing (“OIC mills”).  The Offer in Compromise program can help certain eligible taxpayers resolve tax debt when they are unable to pay in full, but “OIC mills” often overpromise results and charge high fees to taxpayers who don’t qualify.  Taxpayers can check eligibility using free IRS tools to avoid high-pressure sales tactics.

How to protect yourself and what to do if you get a suspicious message or call

• Don’t click unexpected links or open unexpected attachments.
• If you get a suspicious IRS-related call, hang up.  The IRS provides guidance on what to do next, including how to report scams.
• To report suspected IRS-related phishing e-mails or messages, send them to phishing@irs.gov and follow IRS reporting instructions.
• If you think your tax identity has been compromised, visit IRS.gov/idtheft for steps to protect your account and recover.

Report abusive tax schemes and suspicious activity

The IRS encourages taxpayers, tax professionals, and the public to report suspected tax fraud, scams, identity theft, or other tax-related wrongdoing by visiting IRS.gov/SubmitATip.  The new online tool allows individuals to confidentially submit information using a smartphone, tablet, or computer.  It consolidates IRS fraud-reporting options into one location and routes tips to the appropriate IRS office.  Prompt reporting helps protect taxpayers and quickly stop abusive activity.