How to Spot Scams That Mimic the IRS or Charities

Fraud is a year-round activity, but tax season brings an uptick in calculated schemes to steal money and personal information through spoofed messages and other means. Cybersecurity firms have also reported an increase in fraud attempts that exploit the conflict in Ukraine — a situation that has increased fears of potential cyberattacks on American companies through ransomware and other malicious software. You can better protect yourself if you know what’s out there. Here’s a guide.

The Internal Revenue Service doesn’t make first contact with taxpayers by email, text messages or social media channels to request personal and financial information — including bank-account or credit-card numbers, passwords or PIN codes. Messages asking for that information are deceptive “phishing” attempts to steal money and identities.

If the I.R.S. needs your attention, in most cases it starts with a notice sent by regular mail via the United States Postal Service.

The I.R.S. will not send unexpected messages about auditing returns, sending stimulus payments, collecting your taxes or “canceling your Social Security number.” An I.R.S. representative may call or visit when a taxpayer has an overdue bill or has other tax-related issues. But even then, written notification is typically sent first, according to the agency.

Scam telephone calls and voice messages using spoofed agency numbers and forged I.R.S. agent identification are common. Again, the agency typically first sends a notice by mail. It does not call unexpectedly to discuss tax refunds, threaten arrest by local law enforcement or demand immediate payment in a specific form. Tax bills are paid to the U.S. Treasury and not directly to “agents” requiring funds in iTunes or Amazon gift cards, prepaid debit cards, electronic cash or wire transfer.

The Tax Scams/Consumer Alerts page on the official I.R.S. site has a lengthy list of current and classic scams. The site also has a guide for verifying real I.R.S. agents and identifying legitimate debt collectors.

Opportunistic scammers are quick to take advantage of natural disasters and humanitarian crises, including the Covid-19 pandemic and the war in Ukraine. Be leery of messages from unfamiliar organizations requesting donations by credit card or cryptocurrency — or purporting to be from refugees or members of the military. Crowdfunding campaigns should be avoided or heavily scrutinized unless you know the organizer.

Most fraud attempts are easy to spot. Typo-laden messages, impersonal “official correspondence” from Gmail and Yahoo accounts, and voice mail messages left in robotic computer speech are instant red flags. Fake invoices and forged PayPal notices remain popular phishing lures.

You can avoid many phishing lures by fine-tuning your mail program’s junk filters and blocking unwanted calls and text senders. Let unknown callers go to voice mail. Wirecutter, a Times-owned site, has a guide to fighting spam calls.

Make sure your browser is set to block pop-up messages and warn about malicious sites. Don’t install apps from unknown developers, and keep antivirus software enabled on your computer. If spam gets through, don’t call the number and don’t open the attachment — it’s likely to be malware. If you have concerns about an account, open your browser and go to the company’s website, avoiding links in messages.


The Consumer Financial Protection Bureau’s site has a detailed page on frauds and scams currently going around. And even if you’ve been practicing safe computing for years, you probably have a friend or relative who isn’t as tech savvy — and could use your help.