{"id":5481,"date":"2025-12-22T07:58:05","date_gmt":"2025-12-22T07:58:05","guid":{"rendered":"https:\/\/www.acobloom.com\/us\/?p=5481"},"modified":"2025-12-30T13:07:06","modified_gmt":"2025-12-30T13:07:06","slug":"irs-dirty-dozen-tax-scams","status":"publish","type":"post","link":"https:\/\/www.acobloom.com\/us\/blog\/irs-dirty-dozen-tax-scams\/","title":{"rendered":"Understanding the IRS&#8217;s Dirty Dozen Tax Scams List 2025\u00a0"},"content":{"rendered":"\n<p>In 2002, the IRS launched&nbsp;the&nbsp;first&nbsp;<strong>IRS Dirty Dozen Tax Scams <\/strong>List.&nbsp;The aim was to raise awareness among taxpayers, financial institutions, and tax professionals about the increasing threat of&nbsp;scams&nbsp;and fraudulent schemes. At that time, the most prevalent&nbsp;scam&nbsp;was&nbsp;\u201cSlavery Reparations.\u201d It typically involved promoters charging fees to file fake tax forms that requested non-existent refunds or credits. These promoters created fake &#8220;reparations&#8221; for slavery, often claiming a specific tax credit, such&nbsp;as&nbsp;&#8220;black investment taxes.&#8221; This was just a small part of the landscape of&nbsp;scams&nbsp;in the early 2000s.&nbsp;<\/p>\n\n\n\n<p>In 2025, the landscape&nbsp;completely changed, and at a pace far&nbsp;greater&nbsp;than Regulatory Bodies&nbsp;could&nbsp;keep up. For example, today, a CPA firm could be managing its client\u2019s invoices and then be approached by a legitimate Accounts Payable request, only to be revealed as an impersonator using AI for a phishing&nbsp;scam. CPA firms and tax professionals are primary targets of these schemes because they have access to sensitive client financial data.&nbsp;&nbsp;<\/p>\n\n\n\n<p>Financial and tax&nbsp;scams&nbsp;have only become more advanced and sophisticated over the decades.&nbsp;That\u2019s&nbsp;why the IRS keeps updating the Dirty Dozen Tax Scams List to raise awareness about new and evolving&nbsp;scams.&nbsp;&nbsp;<\/p>\n\n\n\n<p>This blog will outline which&nbsp;scams&nbsp;in the latest&nbsp;<strong>IRS Dirty Dozen Tax Scams <\/strong>List&nbsp;impact CPA firms, describe how these&nbsp;scams&nbsp;might appear to CPA firms, and explore how to respond if they&nbsp;encounter&nbsp;them.&nbsp;<\/p>\n\n\n\n<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_50 counter-hierarchy ez-toc-counter ez-toc-grey ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\">Table of Contents<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"Toggle Table of Content\" role=\"button\"><label for=\"item-69f407a18cead\" aria-hidden=\"true\"><span style=\"display: flex;align-items: center;width: 35px;height: 30px;justify-content: center;direction:ltr;\"><svg style=\"fill: #999;color:#999\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #999;color:#999\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/label><input  type=\"checkbox\" id=\"item-69f407a18cead\"><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/www.acobloom.com\/us\/blog\/irs-dirty-dozen-tax-scams\/#IRS_Dirty_Dozen_Tax_Scams_%E2%80%93_What_CPA_firms_need_to_know_about_the_List\" title=\"IRS Dirty Dozen Tax Scams &#8211; What CPA firms need to know about the&nbsp;List&nbsp;&nbsp;\">IRS Dirty Dozen Tax Scams &#8211; What CPA firms need to know about the&nbsp;List&nbsp;&nbsp;<\/a><ul class='ez-toc-list-level-3'><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/www.acobloom.com\/us\/blog\/irs-dirty-dozen-tax-scams\/#Email_Phishing_and_Smishing_Scams\" title=\"Email Phishing and Smishing Scams&nbsp;\">Email Phishing and Smishing Scams&nbsp;<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/www.acobloom.com\/us\/blog\/irs-dirty-dozen-tax-scams\/#New_Client_Scams_and_Spear-Phishing\" title=\"New Client Scams and Spear-Phishing&nbsp;\">New Client Scams and Spear-Phishing&nbsp;<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/www.acobloom.com\/us\/blog\/irs-dirty-dozen-tax-scams\/#IRS_Online_Account_Help_Scams\" title=\"IRS Online Account Help Scams&nbsp;\">IRS Online Account Help Scams&nbsp;<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/www.acobloom.com\/us\/blog\/irs-dirty-dozen-tax-scams\/#The_Overstated_Withholding_Scam\" title=\"The Overstated Withholding Scam&nbsp;\">The Overstated Withholding Scam&nbsp;<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/www.acobloom.com\/us\/blog\/irs-dirty-dozen-tax-scams\/#Ghost_Tax_Return_Preparers\" title=\"Ghost Tax Return Preparers&nbsp;\">Ghost Tax Return Preparers&nbsp;<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-7\" href=\"https:\/\/www.acobloom.com\/us\/blog\/irs-dirty-dozen-tax-scams\/#Concluding_Thoughts\" title=\"Concluding Thoughts&nbsp;\">Concluding Thoughts&nbsp;<\/a><\/li><\/ul><\/nav><\/div>\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"IRS_Dirty_Dozen_Tax_Scams_%E2%80%93_What_CPA_firms_need_to_know_about_the_List\"><\/span>IRS Dirty Dozen Tax Scams &#8211; What CPA firms need to know about the&nbsp;List&nbsp;&nbsp;<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Email_Phishing_and_Smishing_Scams\"><\/span><strong>Email Phishing and Smishing Scams&nbsp;<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>Email phishing and smishing remain one of the most&nbsp;common&nbsp;threats to CPA firms because they directly target practitioners&#8217; access to IRS systems, tax software, and confidential client information. The&nbsp;scams&nbsp;often arrive via email or text, designed to appear to come from the IRS, a tax software vendor, a bank, a payroll processor, or even an existing client.&nbsp;<\/p>\n\n\n\n<p>These schemes often take the form of emails or&nbsp;calls&nbsp;from&nbsp;purported legitimate&nbsp;sources within a CPA firm,&nbsp;seeking&nbsp;to &#8220;verify your account,&#8221; &#8220;update E-Services credentials,&#8221; or &#8220;review the attached tax documents.&#8221; Once a staff member opens an attachment or clicks a link, malware can install itself, or credentials can be stolen, which might allow unauthorized e-filing or widespread client identity theft.&nbsp;<\/p>\n\n\n\n<p>Against this, CPA firms should institute strict verification processes for any unsolicited email or text. Staff members should never access a link or open an attachment from an unknown or&nbsp;unverified source, and firms should deploy MFA across all tax software, e-mail platforms, and client portals. Ongoing phishing simulations and cybersecurity training keep teams alert to potential risks, and&nbsp;maintaining&nbsp;a zero-tolerance policy for bypassing security procedures is crucial to preventing compromise.&nbsp;<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"New_Client_Scams_and_Spear-Phishing\"><\/span><strong>New Client Scams and Spear-Phishing&nbsp;<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>Spear-phishing is a more focused version of phishing, and scammers often pose as \u201cnew clients\u201d needing help with their taxes. They craft an effective introductory email, mentioning some personal situation, and then attach&nbsp;supposed tax&nbsp;documents&nbsp;containing&nbsp;malware.&nbsp;<\/p>\n\n\n\n<p>These&nbsp;scams&nbsp;turn up most often at CPA firms during&nbsp;the busy&nbsp;season, when staff are apt to open new-client files rapidly. Since these messages seem customized and pertinent, it increases the possibility that one of the people in your firm will open the attachment, thereby providing access to firm information, credentials, or client data.&nbsp;<\/p>\n\n\n\n<p>The best defense is to require formal identity verification before opening any files from prospective clients. Firms should adopt a secure workflow in which all documents must be uploaded through encrypted portals rather than&nbsp;email. Additionally, firms can instruct staff to treat all unsolicited new-client emails as suspicious until verified, and to involve IT\/security before interacting with files that originate outside the firm&#8217;s normal intake process.&nbsp;<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"IRS_Online_Account_Help_Scams\"><\/span><strong>IRS Online Account Help Scams&nbsp;<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>Another item&nbsp;in the&nbsp;<strong>IRS Dirty Dozen Scams <\/strong>List&nbsp;involves scammers offering to \u201chelp\u201d taxpayers&nbsp;to set&nbsp;up their IRS online accounts. CPA firms&nbsp;encounter&nbsp;this when&nbsp;clients&nbsp;forward emails or ads from third parties claiming they can create or \u201coptimize\u201d IRS accounts on the client\u2019s behalf.&nbsp;<\/p>\n\n\n\n<p>The scammers ask for Social Security numbers,&nbsp;birthdates&nbsp;and photo identification-all the information needed to commit identity theft or file fraudulent returns. If clients follow these instructions,&nbsp;it&#8217;s&nbsp;possible that a CPA later discovers that their client&#8217;s online IRS account has been hijacked.&nbsp;<\/p>\n\n\n\n<p>Meanwhile, in combating these&nbsp;scams, it is&nbsp;observed&nbsp;that&nbsp;CPA firms must educate clients not to share&nbsp;sensitive information with unverified third parties and clearly instruct them on how to set up their IRS accounts safely.&nbsp;<\/p>\n\n\n\n<p>Firms may offer to&nbsp;guide clients through the legal setup process or provide an official IRS link. Communication during tax season via a newsletter, portal, or engagement letter can reinforce that&nbsp;CPAs will never outsource the IRS account setup to unfamiliar services.&nbsp;<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"The_Overstated_Withholding_Scam\"><\/span><strong>The Overstated Withholding Scam&nbsp;<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>The overstated withholding&nbsp;scam&nbsp;works by fabricating W-2 or 1099 forms that inflate the filer&#8217;s income and&nbsp;withholding&nbsp;a return to create an artificial refund.&nbsp;CPA firms encounter this when clients provide unusually large or suspicious W-2s prepared by some promoter or printed&nbsp;off of&nbsp;dubious &#8220;refund maximization&#8221; websites.&nbsp;Even unintentionally filing such returns exposes the CPA firm to&nbsp;possible scrutiny&nbsp;for&nbsp;failing to validate&nbsp;client information.&nbsp;<\/p>\n\n\n\n<p>The solution for document validation is rigorous: employers&#8217; information should be verified, original tax forms requested, and filings compared with prior-year records or payroll transcripts, if necessary. A firm&#8217;s internal policies should provide that it will not file any return&nbsp;containing&nbsp;unverifiable or patently incorrect wage or withholding data.&nbsp;<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Ghost_Tax_Return_Preparers\"><\/span><strong>Ghost Tax Return Preparers&nbsp;<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>Ghost preparers are those who prepare returns but will not sign them with a valid PTIN. They at times impersonate legitimate CPA firms or steal firm identities to make themselves look legitimate. CPA firms may find their firm\u2019s&nbsp;name on returns they never&nbsp;prepared or&nbsp;may find clients who believe they \u201cworked with your firm online,\u201d when&nbsp;actually they&nbsp;have&nbsp;been&nbsp;dealing&nbsp;with an impersonator.&nbsp;<\/p>\n\n\n\n<p>To defend against this threat, firms should&nbsp;monitor&nbsp;PTIN filings,&nbsp;immediately&nbsp;report impersonation incidents to the IRS, and educate clients on how to verify that a tax preparer is truly associated with the firm.&nbsp;Encouraging clients to contact the firm directly through its official website before receiving information helps ensure that no fraudulent impersonation occurs.&nbsp;<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><a href=\"https:\/\/www.acobloom.com\/us\/contact-us\/?utm_medium=orgnc&amp;utm_source=blog&amp;utm_campaign=us&amp;utm_content=consulting&amp;utm_term=in-content-cta-blog-banner\" target=\"_blank\" rel=\" noreferrer noopener\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"367\" src=\"https:\/\/www.acobloom.com\/us\/wp-content\/uploads\/2024\/07\/Outsource-Accounting-Services-CTA-1024x367.jpg\" alt=\"Outsourcing Revenue Cycle Management\" class=\"wp-image-2783\" srcset=\"https:\/\/www.acobloom.com\/us\/wp-content\/uploads\/2024\/07\/Outsource-Accounting-Services-CTA-1024x367.jpg 1024w, https:\/\/www.acobloom.com\/us\/wp-content\/uploads\/2024\/07\/Outsource-Accounting-Services-CTA-300x108.jpg 300w, https:\/\/www.acobloom.com\/us\/wp-content\/uploads\/2024\/07\/Outsource-Accounting-Services-CTA-768x276.jpg 768w, https:\/\/www.acobloom.com\/us\/wp-content\/uploads\/2024\/07\/Outsource-Accounting-Services-CTA-1536x551.jpg 1536w, https:\/\/www.acobloom.com\/us\/wp-content\/uploads\/2024\/07\/Outsource-Accounting-Services-CTA.jpg 1920w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/a><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Concluding_Thoughts\"><\/span>Concluding Thoughts&nbsp;<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>Although the&nbsp;<strong>IRS Dirty Dozen Tax Scams <\/strong>List&nbsp;covers a lot of&nbsp;important information&nbsp;about modern&nbsp;scams, CPA firms need to implement security measures against&nbsp;scams&nbsp;beyond those listed. The scammer often evolves&nbsp;way quicker&nbsp;than the IRS\u2019s yearly list can keep up.&nbsp;&nbsp;<\/p>\n\n\n\n<p>For CPA firms, having strong, well-structured background checks enables&nbsp;a higher level of client vetting and reduces exposure to fraudulent activities. Proactively investing in cybersecurity infrastructure, ongoing staff training, and vigilant client communication creates multiple layers of defense. Ultimately, staying informed,&nbsp;remaining&nbsp;skeptical of unsolicited requests, and&nbsp;maintaining&nbsp;rigorous internal controls will empower firms to protect their clients, their reputations, and their businesses&nbsp;from increasingly sophisticated&nbsp;scams.&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>In 2002, the IRS launched&nbsp;the&nbsp;first&nbsp;IRS Dirty Dozen Tax Scams List.&nbsp;The aim was to raise awareness among taxpayers, financial institutions, and tax professionals about the increasing threat of&nbsp;scams&nbsp;and fraudulent schemes. At that time, the most prevalent&nbsp;scam&nbsp;was&nbsp;\u201cSlavery Reparations.\u201d It typically involved promoters charging fees to file fake tax forms that requested non-existent refunds or credits. These promoters [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":5484,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[42],"tags":[83,82],"class_list":["post-5481","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-tax","tag-dirty-dozen-tax-scams","tag-irs-dirty-dozen-tax-scams"],"_links":{"self":[{"href":"https:\/\/www.acobloom.com\/us\/wp-json\/wp\/v2\/posts\/5481","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.acobloom.com\/us\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.acobloom.com\/us\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.acobloom.com\/us\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.acobloom.com\/us\/wp-json\/wp\/v2\/comments?post=5481"}],"version-history":[{"count":0,"href":"https:\/\/www.acobloom.com\/us\/wp-json\/wp\/v2\/posts\/5481\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.acobloom.com\/us\/wp-json\/wp\/v2\/media\/5484"}],"wp:attachment":[{"href":"https:\/\/www.acobloom.com\/us\/wp-json\/wp\/v2\/media?parent=5481"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.acobloom.com\/us\/wp-json\/wp\/v2\/categories?post=5481"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.acobloom.com\/us\/wp-json\/wp\/v2\/tags?post=5481"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}