Despite Major Progress, Identity Theft Still on IRS ‘Dirty Dozen’ Tax Scams List


March 7, 2018

WASHINGTON — Even though reports of tax-related identity theft have declined markedly in recent years, the Internal Revenue Service warns that this practice is still widespread and remains serious enough to earn a spot on the agency’s annual “Dirty Dozen” list of tax scams.

The Dirty Dozen is compiled each year by the IRS and outlines a variety of common scams taxpayers may encounter any time during the year. Many of these cons peak during filing season as people prepare their tax returns or hire tax professionals.

Tax-related identity theft occurs when someone uses a stolen Social Security number or Individual Taxpayer Identification Number (ITIN) to file a fraudulent tax return claiming a refund.

The IRS, the states and the tax industry began working together in 2015 as the Security Summit to fight tax-related identity theft. Security Summit partners enacted a series of safeguards that are making inroads against identity thieves.

For example, the number of taxpayers reporting themselves as identity theft victims declined by 40 percent in 2017 from 2016. In 2017, the IRS received 242,000 reports from taxpayers compared to 401,000 in 2016. This was the second year in a row this number fell, dropping from 677,000 victim reports in 2015. Overall, the number of identity theft victims has fallen nearly 65 percent between 2015 and 2017.

Because of these successes, criminals are devising more creative ways to steal more in-depth personal information to impersonate taxpayers. Taxpayers and tax professionals must remain vigilant to the various scams and schemes used for data thefts.

Business filers should be aware that cybercriminals also file fraudulent Forms 1120 using stolen business identities and they, too, should be alert.

Security Reminders for Taxpayers

The IRS and its partners remind taxpayers and tax professionals that they can do their part to help in this effort. Taxpayers and tax professionals should:

  • Always use security software with firewall and anti-virus protections. Make sure the security software is always turned on and can automatically update. Encrypt sensitive files such as tax records stored on the computer. Use strong passwords.
  • Learn to recognize and avoid phishing emails, threatening phone calls and texts from thieves posing as legitimate organizations such as banks, credit card companies and government organizations, including the IRS. Do not click on links or download attachments from unknown or suspicious emails.
  • Protect personal data. Don’t routinely carry a Social Security card, and make sure tax records are secure. Treat personal information like cash; don’t leave it lying around.
  • The Security Summit has worked to increase awareness among taxpayers and tax professionals about tax-related identity theft and security steps through its “Taxes. Security. Together.” and “Protect Your Clients; Protect Yourself” campaigns.

The IRS understands that reversing the damage caused by identity theft is a frustrating and complex process for victims. While identity thieves steal information from sources outside the tax system, the IRS is often the first to inform a victim that identity theft has occurred. The IRS is working hard to resolve identity theft cases as quickly as possible. For more information, see the special identity theft section on

Related Items: