It’s tax time—again! As we all work hard to ensure our taxes are adequately prepared, cybercriminals use this time to claim their own returns through “IRS-related” scams. Hackers know people are rushing to get their returns and are more likely to fall victim to tax-related scams than at any other time of the year.

It’s essential for everyone, not just business owners, to stay up to date on the latest scams and best practices to avoid becoming one of the estimated 15 million people that will fall victim to identity theft in the U.S. this year.

Why Do You Need to Worry About Tax Scams?

Cybercriminals are looking for a quick payday, and the tax season offers ample opportunities for hackers to intercept the personal data needed to properly file taxes, such as social security numbers, EINs if you’re a business owner, addresses, bank account information, and more.

If hackers can get their hands on that data, it can have devastating effects, such as waking up to find they’ve drained your bank account, sold your information on the dark web, or even opened credit cards in your name and then maxed them out.

Although tax scams occur year-round, they peak during tax season in the United States. Last year, 61% of the tax scams reported to the BBB's Scam Tracker were discovered in the first four months, with identity fraud being the most common type. More than 650,000 identity theft reports were submitted to the FTC last year.

3 Common Scams Hackers Use During Tax Season

Let's look at 3 of the most common types of tax scams you may encounter and how you can avoid becoming a victim this tax season.

1. Tax-Related Identity Theft

Cybercriminals are looking to claim your tax refund for themselves, and all they need is your personal information to do it. Once they have information like your social security number, birth date, and address (which they can likely buy off the dark web if you haven’t been careful), they can file a tax return in your name and collect the refund.

Hackers get this information through different means, but one popular way is sending you fake emails that look like they're from the IRS, asking you to update tax filing information so they can process your return quickly.

Once you enter your correct information, they will turn around and use it to file your tax return.

This isn’t just a pre-filing scam, either! Hackers will also send emails suggesting that you have a larger return than expected—all they need to send it to you is a copy of your passport and a utility bill or credit card statement with a correct address. Always enter information through the secure portal on the IRS website.

There are a few ways you can tell if this has happened to you:

  • The IRS sends you a transcript that you never requested.
  • You create an account online and are told there has already been an account created with your social security number, but you didn’t make the account.
  • These events require immediate action! You can report it to IRS using Form 14039. There is more information on how to handle this at

Remember this—do not fill out any forms online from an email. If the IRS needs your information, it can be updated through a secure platform on the official website.

2. Phishing Scams

This is the easiest way for hackers to get into your network. Hackers will send emails claiming that your account or tax return is locked or restricted, and to release your refund and have it processed, you need to “click the link and follow the instructions.” They also occasionally pose as tax software such as TurboTax! Once you click these links looking for further instructions, hackers have the power to install malware onto your computer.

If that doesn’t work, hackers will test out the attachment method. One popular way they do this is by sending an email saying that your payment has been deducted from your account, and they can download the attachment outlining the transaction. When you download the document, it installs malicious software onto your computer. 

The IRS will not email you asking you for this information. Do NOT click on any links like this or download any reports. Make sure all email addresses are legit! Hackers are known to change letters in the address to make it look like it’s the official site.

For example, instead of ‘’, they might use ‘’ or switch the ‘i’ for an ‘l’ that looks like a capital ‘i'. They are sneaky, so you must be wary.   

3. Gift Card Scams

Hackers know that people are fearful about getting in trouble with the IRS, so they use this to their advantage. If you receive an email saying that you didn’t file correctly and now owe money or that you’ve missed a deadline and owe a penalty and must send a gift card with the owed amount immediately—it is a scam.

The IRS will never ask you to pay using gift cards. If you get a letter like this, report it immediately.

How to Remain Safe From Hackers During Tax Season?

Here are a few tips to keep in mind when dealing with unsolicited communications this year and every year moving forward.

  1. Taxpayer communications with the IRS are never initiated via email. They will send you notices in the mail.
  2. Whenever you are addressed as "taxpayer", "sir", "madam," or “US citizen”, you can be sure that an email is fake. The IRS will use your name.
  3. Be cautious of ALL tax-related emails, not just IRS scams. Hackers will also pose as popular tax software like TurboTax.
  4. The IRS never sends links or attachments asking you to pay the extra money, download a payment transaction, or update filing information.
  5. Personal documents should never be scanned in response to unsolicited emails.
  6. If you receive an email from the IRS purporting to be from the IRS, forward that email to

If you’re looking for ways to stay safe from cybercriminals this tax season, get in touch with our team today. We can assist you with security systems for your network, spam filtering, and monitoring your network to make sure anything that slips through the cracks is resolved immediately.

Share this blog post with your colleagues and friends. Follow The TNS Group on Facebook, Twitter, Instagram, or LinkedIn.

Categories: Managed Service Provider, MSP Blogs, Solution Blogs