Next batch of 'Dirty Dozen' warns of personal info scams

By Dave Strausfeld, J.D.

In the second installment of this year’s IRS “Dirty Dozen” list, which highlights common tax-related scams, the IRS cautioned taxpayers to be on the lookout for deceptive schemes in the form of emails, text or social media messages, and phone calls (IR-2021-137).

In what has become an annual ritual, the Service each year highlights 12 of what it calls “the worst of the worst tax scams.” This year’s Dirty Dozen list is being released in four installments over four days.

Monday’s installment raised awareness of scams related to the COVID-19 pandemic, while Tuesday’s focuses on what the Service calls “personal information cons,” specifically:


The IRS warned individuals to be vigilant for sham emails or websites looking to steal victims’ personal data and potentially infect their devices by convincing them to download malicious programs.

“These phishing schemes can be tricky and cleverly disguised to look like they’re from the IRS or from others in the tax community,” the IRS said in its news release.

The Service noted that some phishing scams target tax professionals, such as by seeking to trick practitioners to click on innocent-looking attachments in emails purportedly from a new client. Another ploy mimics verification of electronic filing identification numbers (EFIN) and Centralized Authorization File (CAF) numbers, the IRS said.


The IRS said that “vishing,” or voice-related phishing, is on the rise, particularly scams related to federal tax liens. Individuals should be wary of unexpected phone calls asking for personal financial information.

Fortunately, there has been a decline in the number of reports of telephone con artists claiming to be from the IRS, the Service said. Nonetheless, taxpayers are urged to remember, among other things, that:

  • The IRS will never request personal or financial information by email, text, or social media.
  • The IRS generally first contacts people by mail, not by phone, about unpaid taxes.

Social media scams

Taxpayers also should be aware of tax scams that rely on social media, the IRS said. Some con artists send emails impersonating the victim’s family, friends, or co-workers, relying on information extracted from an individual’s social media accounts.

One way to protect against these schemes is to review privacy settings and limit data that is publicly shared, the Service said.


Financial institutions need to be especially aware of trends involving ransomware, the IRS noted. Ransomware is a form of malicious software (malware) used to extort ransom payments from victims in exchange for decrypting the information and restoring victims’ access to their systems or data.

Unfortunately, ransomware criminals are becoming increasingly sophisticated. “Many cybercriminals are sharing resources to enhance the effectiveness of ransomware attacks, such as ransomware exploit-kits that come with ready-made malicious codes and tools,” the Service noted. “Some ransomware groups are also forming partnerships to share advice, code, trends, techniques, and illegally obtained information over shared platforms.”

Bad actors seeking to mount ransomware attacks on an organization often resort to “wide-scale phishing and targeted spear-phishing campaigns that induce victims to download a malicious file or go to a malicious site,” the IRS pointed out.

Ransomware attacks continue to rise across various sectors, particularly governmental entities as well as financial, educational, and health care institutions, the Service noted.

The IRS urges all taxpayers to be on guard against these scams.

In the next installment of the Dirty Dozen list, the Service will highlight certain ruses focusing on unsuspecting victims, and the final installment will draw attention to schemes that entice taxpayers into taking “unscrupulous” actions.

See the Dirty Dozen page at

Dave Strausfeld, J.D., ( is a JofA senior editor.


Get your clients ready for tax season

Upon its enactment in March, the American Rescue Plan Act (ARPA) introduced many new tax changes, some of which retroactively affected 2020 returns. Making the right moves now can help you mitigate any surprises heading into 2022.


Black CPA Centennial, 1921–2021

With 2021 marking the 100th anniversary of the first Black licensed CPA in the United States, a yearlong campaign kicked off to recognize the nation’s Black CPAs and encourage greater progress in diversity, inclusion, and equity in the CPA profession.