If the last month before Tax Day this year is anything like the last few weeks of tax season 2024, expect a significant surge in tax-related scams as cybercriminals try to exploit unsuspecting taxpayers, warns security software company DNSFilter.
To gain insight into what taxpayers should be wary of during the remaining weeks of tax season, DNSFilter combed its extensive datasets to discover how scammers operated last year.
Among the findings:
- Bad actors are increasingly using tax terminology to trick individuals: DNSFilter’s researchers found that traffic to malicious domains with “tax” in the name peaked on the DNSFilter network in the 30 days before Tax Day last year; in fact, there was a 693% rise in traffic to these domains between March 15 and April 15, 2024, compared to the rest of the 2024 tax season. In 2024, cybercriminals increasingly impersonated well-known tax software providers like TurboTax; these phishing attempts peaked in mid-March and continued throughout the tax season, as hackers sought to deceive users into sharing sensitive personal information.
- In 2024, scam activity remained high even after the April 15 deadline: This indicates bad actors likely preyed on fear and anxiety by targeting those taxpayers who either missed the deadline or filed extensions.
- Scams targeting fuel tax credits are on the rise: In a recent IRS warning about fuel tax credit scams, from 2024 to 2025, threat domains with “fuel” in their names increased by 121%, highlighting a growing concern around these fraudulent offers.
- Related: Average Tax Refund Amount Up 6.3% From This Time Last Year
- Related: How the 50 States Rank By State and Local Tax Rates in 2025
- Related: Online Tax Advice Can Lead to IRS Trouble and Criminal Charges
- Related: The Biggest Tax Credit Many People Miss: The EITC
- Related: Taxes for Gig Workers: Many Are Unprepared for Lower 1099-K Reporting Threshold
The IRS recently issued its latest “Dirty Dozen” tax scams list, and several of these scams remain prevalent, while others are emerging as major threats this 2025 season. The list includes:
- Phishing and smishing: These tactics remain the most common forms of tax-related scams, where attackers impersonate legitimate entities like the IRS via email, text, or phone calls to steal personal information.
- Fake charities: Scammers continue to exploit taxpayers’ goodwill by creating fraudulent charity websites to steal donations. DNSFilter said it sees this risk on its network all year-round.
- Misleading offers in compromise and ghost tax preparers: Scam websites promising to reduce tax liabilities or providing unlicensed tax preparation services continue to surface. These threats remain on the radar for continued monitoring.
- New client spear phishing: Cybercriminals are increasingly focusing on targeted phishing attempts aimed at consumers seeking tax services.
“Tax season is stressful enough for Americans without having to be wary of fraudsters. Our data shows that malicious tax-related traffic increases this time of year, meaning people need to exercise extra caution to avoid phishing and related scams,” Ken Carnesi, CEO and co-founder of DNSFilter, said in a statement. “Our mission is to keep people, businesses, and organizations secure against the many web-related dangers lurking on the internet. We’re presenting this data to help organizations and taxpayers avoid scams and malicious sites during this often-stressful time.”
Thanks for reading CPA Practice Advisor!
Subscribe Already registered? Log In
Need more information? Read the FAQs
