Summary (continued narrative)

Scammers are stepping up efforts to impersonate the IRS during tax season, using robocalls, texts and phishing emails more frequently than in past years, according to the consumer protection bureau of the Federal Trade Commission. The FTC also warned that artificial intelligence is likely helping fraudsters increase the number and sophistication of their attempts.

The IRS has warned that scammers often start by imitating the agency through phone calls, text messages and messages that push targets to click links, open attachments or follow instructions that can lead to fake websites. Officials say the fake sites can be designed to capture personal information and may also deliver malicious software.

The FTC and other consumer advocates urged people to treat unexpected contact as a red flag and to slow down before responding to any message that appears to be from the IRS. They emphasized that the IRS will not reach out to taxpayers directly by phone or text and that it does not leave threatening prerecorded messages to demand immediate payment.

In an IRS “Dirty Dozen” list of tax scams, the agency has put impersonation of the IRS by email, text and phone at the top of the list aimed at taxpayers. The IRS also said it urges people not to “click links or open attachments from unexpected messages,” and the agency reiterated that it “does not leave urgent, threatening prerecorded messages, call to demand immediate payment, or threaten arrest.”

Tax scammers, consumer advocates say, often rely on fear-based language and QR codes to route people to fraudulent sites where victims are prompted to “verify” accounts or enter personal information. The IRS also warned that links can install malware, including malicious software such as ransomware, which could lock victims out of their files and expose private information.

Artificial intelligence is increasingly part of the technique mix, with the IRS saying “AI-enabled IRS impersonation by phone (robocalls, voice mimicry, and spoofed caller ID)” is also increasing. As phone scams evolve, officials said, AI can be used to generate messages and to make spoofed caller identification appear more credible.

Identity theft is one of the most common tax-season fraud outcomes, according to Rosario Mendez, an attorney for the FTC’s bureau of consumer protection. Mendez said identity theft involves the misuse of a Social Security number or other personal information, often to collect a tax refund. “People usually discover this when they go to file their tax returns and discover someone else has already filed,” she said. “For the records of the IRS, that is, it’s already happened. But it’s not the person — it’s an identity thief.”

Eva Velasquez, chief executive of the Identity Theft Resource Center, said her organization has tracked an increase in phishing emails, fake texts and phone calls over the past several years, which she said has likely been aided by AI-generated messaging. “We’re seeing an uptick in phishing emails, fake texts, and even phone calls,” Velasquez said. “Scammers are trying to get you to engage in any manner - talk to them, click the link, share your personal data, or share access to your devices or accounts.” She added that “The ‘sheer volume and level of sophistication’ suggests AI is being leveraged,” and she described the pace of fraud attempts as “relentless.”

Velasquez said that when people receive suspicious messages, a key defense is to avoid interacting with links and instead type the official address for the IRS, IRS.gov. “Go to the source. Don’t click any of those links,” she said. “If you didn’t initiate the contact, don’t engage.”

Kathy Stokes, director of fraud prevention programs for AARP, said younger people more frequently report scams, while older individuals report losing more money. “That’s because they have more money to lose,” she said. Stokes urged people to pause and talk to someone they trust when they receive a message that feels strange, scary or urgent, saying it can help them recognize the scam and also protect others through warning and discussion. “That’s also going to inoculate the people you share it with from falling for the scam,” she said.

If someone believes their identity has already been compromised through misuse of their Social Security number, Mendez said they should notify the IRS and report the theft at IdentityTheft.gov to receive a personal recovery plan. She said it can also help prevent further misuse because “If a scammer has used your social security number to file a tax return, it’s possible the same thief could use it to open bank accounts, credit cards, or file for unemployment.” She added: “Another worthwhile step is to monitor your credit report and freeze credit accounts so they can’t be misused.”

Alan Butler, executive director of the Electronic Privacy Information Center, echoed the need for monitoring after theft and warned consumers not to pay high costs for identity-protection services without verifying them. “People can be victimized not only once with the theft of their identity, but a second time, because the monitoring services are trying to up-sell them,” Butler said. He urged people to vet those offerings thoroughly.

Stokes said people who lose money to a scam may also want to file a report with local police. She said, “Even if you get pushback from local law enforcement, you should insist on the report.” She added that it could provide documentation that might be relevant for restitution later, saying, “There may be a means of restitution for fraud victims down the road, and they would want that as a point of proof of what happened.”

AI-generated AI impersonation and the rapid spread of phishing tactics are making it harder to distinguish legitimate tax communications from scams, but consumer advocates said the core defenses remain straightforward: do not click unexpected links, verify by going directly to official websites, and act quickly to report identity theft.