For cybercriminals, tax season means open season. And in 2025, they’ve upgraded their playbook. AI-generated phishing emails. Deepfake IRS agents. Voice-cloned tax professionals threatening you with arrest. What used to be laughably obvious scams are now chillingly realistic. If you’re still expecting scams to come in broken English from a sketchy Gmail address, you’re behind the times.
According to IRS statistics, more than $37 billion in tax and financial crimes were identified in fiscal year 2023. And that’s just what they caught. Behind those numbers is a growing wave of fraud that’s smarter, faster, and ruthlessly effective. Cybercriminals are tapping into artificial intelligence to create scams so convincing that even seasoned professionals are second-guessing themselves.
“We’re seeing a sharp rise in AI-driven attacks, particularly around tax season,” says Casey Ellis, founder and advisor at Bugcrowd. “Generative AI and deepfake technologies are being weaponized to create highly convincing phishing emails, voice calls, and even video messages that impersonate trusted entities like the IRS or tax preparers.”
What’s changed is scale and believability. AI allows attackers to craft personalized scams that look and sound real. In 2025, according to Adam Khan, VP of Global Security Operations at Barracuda, fake IRS calls using voice cloning have jumped by 150%. And it’s not just individuals at risk—small businesses, tax professionals, and even large firms are being targeted with spear-phishing campaigns that bypass traditional defenses.
“Threat actors look to impersonate key personnel such as Finance and HR officers or executives in order to phish personal information from employees,” explains Alain Constantineau, VP North America at Hornetsecurity. For tax professionals, the stakes are even higher. “Potential” new clients often send malicious attachments designed to compromise entire networks.
The New Face of Fraud: Synthetic Identities and Deepfakes
These scams don’t stop at fake emails or calls. Attackers are using AI to construct synthetic identities—blending real stolen data with fabricated details to create entirely new taxpayer profiles. James Turgal, vice president at Optiv, warns that foreign adversaries and organized crime groups are taking this tactic to new heights. They’re submitting fraudulent returns, claiming illegitimate refunds, and rerouting them to accounts controlled by criminals.
Meanwhile, deepfake videos and AI-powered chatbots are impersonating tax advisors and IRS agents. They promise instant refunds or issue threats of arrest—both designed to push victims into making impulsive decisions. Dustin Brewer, senior director at BlueVoyant, cautions that it’s harder than ever to spot these scams. “Some key indicators of written scams, such as bad grammar and incorrect spelling, are becoming harder to spot due to the accessibility of large language models.”
The days of relying on gut instinct or outdated red flags are over. “Cybercriminals can now create realistic video and audio impersonations of IRS agents, tax professionals, or even family members,” says Patrick Tiquet, vice president at Keeper Security. “To spot AI-generated content, look for subtle mismatches in tone, unnatural speech patterns, or slight inconsistencies in the video.”
What Happens When You’re the Target?
Unfortunately, many people don’t realize they’ve been targeted until it’s too late. By the time a fraudulent return has been filed using your Social Security number, the damage is done. And it’s not just about your refund—identity theft opens the door to credit fraud, unauthorized loans, and years of headaches.
For businesses, the implications can be even worse. CPA firms and tax preparers are increasingly under siege. “Attackers are targeting payroll systems, looking for W-2 data,” says Khan. “Ransomware attacks are specifically focusing on small businesses during tax season.” These attacks can lock firms out of critical data at the height of their busiest time of year.
And cybercriminals aren’t just using cutting-edge tech. They’re exploiting human behavior—our willingness to trust, to click, to believe that something is urgent. Ira Winkler, CISO of CYE, sums it up simply: “Nobody is going to call or text you for a tax emergency, and skepticism is your best defense.”
Practical Guidance to Stay Protected
The threats are sophisticated, but the best defense isn’t about complex technology. It’s about smart, consistent habits that put you one step ahead. Here’s a streamlined guide to protecting yourself—whether you’re filing as an individual or running a business.
- Be Skeptical of All Unsolicited Communication: The IRS will never initiate contact by phone, email, or text. If someone claims otherwise, it’s almost certainly a scam.
- Verify Before You Trust: If you get a suspicious message, don’t engage. Contact the organization directly through official channels.
- Use an IRS Identity Protection PIN (IP PIN): This six-digit number helps protect your tax filings from being hijacked.
- Freeze Your Credit: It’s one of the simplest, most effective ways to prevent new accounts from being opened in your name.
- Enable Multi-Factor Authentication (MFA): Use MFA on all tax-related accounts and portals. Avoid SMS-based MFA—opt for authenticator apps instead.
- Use Strong, Unique Passwords: Employ a password manager to generate and store passwords. Never reuse credentials.
- Encrypt and Secure Sensitive Documents: Store files in encrypted cloud storage and shred outdated physical documents.
- Limit Data Exposure: Be mindful of what you share on social media. Scammers mine personal data to create believable scams.
- Conduct Regular Security Audits: For businesses and tax professionals, bi-annual audits and penetration tests are essential.
- Stay Informed and Aware: Follow trusted cybersecurity experts and resources to stay updated on the latest threats.
The Bottom Line: Your Best Defense Is You
AI and deepfake technology have given cybercriminals a massive advantage—but they haven’t changed one fundamental fact: scams still rely on people being too rushed, too stressed, or too trusting to question what’s happening.
As Chad Cragle, CISO at Deepwatch, puts it, “Cybersecurity must be a year-round habit.” It’s not just about installing software or setting strong passwords; it’s about making smart decisions every single day.
Tax season shouldn’t be a time of fear and uncertainty. It should be about wrapping up the year and moving forward. But staying ahead of cybercriminals requires vigilance. “There are no IRS emergencies,” says Winkler. “Contact the IRS directly, or go through your tax preparer. It really is that simple.”
If it feels rushed, urgent, or just a little too good to be true—step back. Take a breath. And remember: the best refund is the one you actually get to keep.
