The Business & Technology Network
Helping Business Interpret and Use Technology
Home
Newswire > IRS Warns of Most Dangerous 2026 Tax Scams Targeting SMBs
IRS Warns of Most Dangerous 2026 Tax Scams Targeting SMBs
«  

March

  »
S M T W T F S
1
 
2
 
3
 
4
 
5
 
6
 
7
 
8
 
9
 
10
 
11
 
12
 
13
 
14
 
15
 
16
 
17
 
18
 
19
 
20
 
21
 
22
 
23
 
24
 
25
 
26
 
27
 
28
 
29
 
30
 
31
 
 
 
 
 

IRS Warns of Most Dangerous 2026 Tax Scams Targeting SMBs

Tags: digital finance media revenue technology
DATE POSTED:March 17, 2026
PYMNTS.com
Original article

The “Dirty Dozen” list of tax scams released by the IRS this year reads less like a seasonal advisory and more like a snapshot of a rapidly professionalizing fraud economy.

The tax agency wants small and medium-sized business (SMB) owners to know that criminals are increasingly targeting entrepreneurs, independent contractors and startups with schemes designed to steal data, trigger fraudulent refunds or push illegitimate tax credits.

What has changed is not simply the volume of fraud, but its structure. The modern scam ecosystem has shifted from opportunistic, low-effort schemes into a layered, technology-enabled industry that mirrors legitimate business practices.

For small businesses, this means exposure is no longer limited to tax filing errors or questionable deductions. It extends to operational vulnerabilities embedded in payroll systems, vendor relationships and internal communications.

Read more: Middle East Conflict Raises Cyber Risk for Businesses 

From Opportunistic Fraud to Engineered Deception

Unlike large enterprises, which often have dedicated compliance teams and formalized controls, small businesses rely on a small number of individuals to manage finance, HR and operations. This concentration of responsibility creates single points of failure. A compromised email account or a single erroneous decision can have outsized consequences.

There is also an asymmetry of expertise. Tax regulations are inherently complex, and many business owners depend on external advisors. This reliance creates opportunities for impersonation and misinformation, especially when communication channels are not tightly controlled.

Key takeaways from the 2026 IRS Dirty Dozen List reveal that SMBs should:

  • Expect more phishing targeting business finances
    Emails impersonating the IRS, payroll providers, or banks often aim to capture employee tax records or payment details.
  • Watch for bogus tax credit promoters
    Scams tied to credits like the Employee Retention Credit (ERC) or fuel tax credits remain a major enforcement priority.
  • Guard payroll and contractor records
    W-2 and 1099 data are prime targets for identity theft and fraudulent filings.
  • Be skeptical of “too good to be true” tax strategies
    Promoters marketing obscure deductions or trusts often leave business owners liable for penalties.
  • Train staff to spot scams
    Finance and HR teams are frequent entry points for fraud attempts.

Research by PYMNTS Intelligence shows that accounts payable (AP) departments have become major targets for these advanced fraud techniques, with 68% of organizations encountering at least one fraud attempt last year. AP fraud manifests in various forms, including phishing attacks, account takeovers and invoice fraud.

“If you think about the blind spots for companies, it’s often very hard to figure out exactly their digital footprint in the modern age,” Johan Gerber, executive vice president of security solutions at Mastercard, told PYMNTS. “And if CISOs can’t see these things, they can’t protect [their organizations].”

See also: From Faked Invoices to Faked Executives, GenAI Has Transformed Fraud 

Navigating a More Professionalized Threat Environment

Scammers are adopting advanced technologies, refining their targeting strategies, diversifying their revenue models, and expanding their distribution channels. They are, in many respects, operating like sophisticated service providers.

Advances in generative artificial intelligence (AI) have fundamentally altered the risk profile. Fraudulent communications now replicate the tone, formatting, and cadence of legitimate institutions, meaning that emails that once contained obvious red flags like misspellings, generic greetings and inconsistent branding are now becoming indistinguishable from authentic correspondence, at least at first glance.

Potentially more concerning, scammers are beginning to integrate voice cloning and synthetic media, allowing them to impersonate tax professionals, financial advisors or even internal executives.

“When you can do fake face, voice and normal behavior in one motion, it tests the processes and can expose gaps in many organizations’ defenses,” Zac Cohen, chief product officer at Trulioo, told PYMNTS during a discussion for the March edition of the “What’s Next In Payments” series, “How Will AI Change Identity?”

“Point solutions will always fail against a multidimensional attack,” Cohen said.

For small businesses, the challenge is no longer confined to securing email and payroll systems. It can require a broader awareness of how information flows across platforms and how trust is established in each. The takeaway is not simply to be more cautious, but to be more systematic. The question is no longer whether a scam attempt will occur, but whether existing processes are designed to withstand one.

Fortunately, SMBs can increasingly leverage the same AI-powered capabilities that the fraudsters have access to. Research from the PYMNTS Intelligence report “The AI MonitorEdge Report: COOs Leverage GenAI to Reduce Data Security Losses” showed that 55% of companies are employing AI-powered cybersecurity measures.

The post IRS Warns of Most Dangerous 2026 Tax Scams Targeting SMBs appeared first on PYMNTS.com.

PYMNTS.com
Original article
Tags: digital finance media revenue technology
Newswire > IRS Warns of Most Dangerous 2026 Tax Scams Targeting SMBs

All Rights Reserved. Copyright , Central Coast Communications, Inc.