Cyber Security News

Fake Tax Claims Scam Stealing Over $10,000 from Victims

Tax season has become a breeding ground for sophisticated AI-powered scams, with nearly half of Americans reporting fraudulent IRS-related communications, according to McAfee’s 2025 survey.

Cybercriminals are leveraging deepfake audio, phishing emails, and spoofed websites to steal identities and funds, costing victims up to $10,000 in losses—and in some cases, far more.

Escalating Threats Across Generations

Gen Z adults (18–24) face the highest rate of attempted fraud, with 40% encountering scams.

However, older demographics bear the brunt of financial devastation: 40% of men aged 65–74 lost $751–$1,000, while half of women in the same cohort lost $2,501–$5,000.

The most severe losses occurred among 45–54-year-olds, with 10% reporting damages exceeding $10,000.

AI tools enable hyper-realistic phishing campaigns, with 55% of respondents noting increased scam realism compared to prior years.

Deepfake voice clones mimicking IRS agents and AI-generated emails replicating tax software branding (e.g., TurboTax, H&R Block) have blurred the line between legitimate and fraudulent communications.

Anatomy of a Modern Tax Scam

A typical attack begins with urgent SMS or email alerts claiming rejected refunds or back taxes owed.

These messages often include malicious links to credential-harvesting pages or fake helplines.

For example:

xml<!-- Example phishing link embedded in a scam email -->  
<a href="http://irs-tax-refund-claim[.]com">Click to Verify Your Refund</a>  

Once victims engage, fraudsters exploit stolen Social Security numbers (SSN) or bank details to file fraudulent returns or drain accounts.

Cryptocurrency payment demands—three times more likely to target men—add layers of anonymity for criminals.

Defensive Strategies for Taxpayers

To mitigate risks, cybersecurity experts recommend:

  1. Early Filing: Submit returns before cybercriminals can hijack W-2 data.
  2. Dark Web Monitoring: Use services like McAfee+ to track SSNs, bank accounts, or email addresses exposed in breaches.
  3. Phishing Vigilance: Scrutinize URLs in unsolicited messages. Legitimate IRS communications exclusively use IRS.gov domains and never initiate contact via text or social media.
  4. Multi-Factor Authentication (MFA): Enable MFA on tax software accounts to block unauthorized access.
  5. Spoofing Countermeasures: Manually type tax platform URLs instead of clicking embedded links to avoid spoofed sites like TurboTax-refund[.]net.

Regulatory and Technological safeguards

The IRS continues to enforce its Taxpayer First Act protocols, requiring biometric verification for tax preparer accounts.

Meanwhile, AI-powered tools now flag suspicious communications by analyzing linguistic patterns (e.g., urgency-driven keywords like “immediate action” or “account suspension”).

Despite these measures, 87% of Americans remain concerned about AI’s role in amplifying fraud.

As tax scams evolve, proactive defense—combining human skepticism with advanced cybersecurity—is critical to safeguarding refunds and identities in 2025.

Collect Threat Intelligence on the Latest Malware and Phishing Attacks with ANY.RUN TI Lookup -> Try for free

Anupriya

Recent Posts

Over 100 Malicious Chrome Extensions Exploiting Users to Steal Login Credentials and Execute Remote Code

Cybersecurity researchers have uncovered a sprawling network of over 100 malicious Chrome extensions actively exploiting…

11 minutes ago

Ivanti EPMM 0-Day RCE Vulnerability Under Active Attack

Ivanti's Endpoint Manager Mobile (EPMM) contains a critical vulnerability chain that has been actively abused.…

23 minutes ago

Atlassian Alerts Users to Multiple Critical Vulnerabilities Affecting Data Center Server

Atlassian has released its May 2025 Security Bulletin addressing eight high-severity vulnerabilities affecting multiple enterprise…

45 minutes ago

Cybercriminals Could Leverage Google Cloud Platform for Malicious Activities

A Research by Tenable and Cisco Talos has shed light on a critical vulnerability in…

1 hour ago

Malicious Hackers Create Fake AI Tool to Exploit Millions of Users

A concerning development in the field of cybersecurity is the initiation of a sophisticated campaign…

1 hour ago

New Phishing Attack Uses AES & Malicious npm Packages to Office 365 Login Credentials

Fortra’s Suspicious Email Analysis (SEA) team uncovered a highly sophisticated phishing campaign targeting Microsoft Office…

1 hour ago