By Yiddy Lemmer, CEO – CompuConnect, Inc.
Every year, the IRS releases its “Dirty Dozen” list to spotlight the most common scams targeting taxpayers, businesses, and financial professionals.
For CPA firms, this is not just another government warning. It is a practical reminder that protecting clients now goes far beyond preparing returns and meeting deadlines. Many of the biggest risks facing clients today happen outside the tax return itself, through email, text messages, fake payment requests, login theft, and increasingly sophisticated impersonation scams.
At CompuConnect, we work with CPA firms across Brooklyn, Manhattan, New York City, Brick, South Jersey, and the Tri-State Area, and we see the same issue again and again: clients assume financial threats will be caught at the accounting level, but many scams happen much earlier, before anything ever reaches the books.
That is what makes these scams so dangerous. They are built to look familiar, feel urgent, and catch people off guard.
Why These Scams Still Work
Most IRS-related scams do not succeed because they are technically advanced. They succeed because they are believable.
A message looks official. A request feels urgent. A caller sounds convincing. A client or employee reacts quickly before stopping to verify what they are seeing.
That pattern continues to drive many of the most successful scams affecting CPA firms and their clients, including:
- IRS impersonation
- phishing emails and text messages
- urgent requests for payment
- fake refund or tax-credit notices
- attempts to collect financial or personal information
- messages that appear to come from trusted professionals
Now, with AI-generated messages and voice impersonation becoming more realistic, these scams are getting even harder to identify. That means CPA firms need more than awareness. They need stronger processes, more secure systems, and a proactive IT and cybersecurity strategy that supports the work they do every day.
The Most Common “Dirty Dozen” Scam Types to Watch in 2026
While the IRS updates its warnings each year, several scam categories remain consistent because they continue to be effective.
- Phishing and Smishing Attacks
These remain some of the most common threats facing businesses and individuals.
Scammers send emails or text messages that appear to come from the IRS, tax software providers, financial institutions, or other trusted sources. The goal is usually to trick the recipient into clicking a link, giving up login credentials, downloading malware, or sharing sensitive information.
Clients may receive messages about:
- tax account issues
- refund updates
- identity verification
- urgent notices requiring immediate action
For CPA firms, this matters because clients may turn to you after the damage is already done. In some cases, the scam may even appear to come from your firm.
- IRS Impersonation Scams
These scams are designed to pressure people into acting fast.
A fraudster poses as an IRS representative and demands immediate payment, often threatening legal action, penalties, or enforcement. They may request unusual forms of payment such as wire transfers, gift cards, or cryptocurrency.
Even now, these scams still work because fear overrides judgment. A stressed business owner or individual taxpayer may act before verifying whether the request is legitimate.
- Business Email Compromise
This is one of the most disruptive scams for CPA firms and their clients.
An attacker impersonates someone familiar, such as:
- a client
- a business owner
- a partner
- a payroll contact
- a vendor
- someone from leadership
The request may involve updated banking details, a wire transfer, sensitive tax documents, or financial account information. Because the message looks routine, it may not raise immediate concern.
For firms handling confidential financial data every day, this is where strong email security, access controls, and verification processes become essential.
- Fake Charities
These scams often increase after natural disasters, public emergencies, or high-profile news events.
Fraudsters create fake charitable organizations with names that sound credible and then solicit donations from people who want to help. Clients may believe they are giving to a real cause when they are actually sending money to a scammer.
CPA firms are often asked for guidance around charitable giving, which makes this another area where proactive client education matters.
- Employee Retention Credit and Tax Credit Scams
The IRS has repeatedly warned businesses about misleading promotions tied to tax credits and refund opportunities.
These schemes often promise:
- large refunds
- guaranteed eligibility
- quick approvals
- minimal documentation
Clients may come to their accountant convinced they qualify because of something they heard from a third party, a marketing email, or a social media ad. That creates additional pressure on CPA firms to correct misinformation before it becomes a filing issue, audit risk, or penalty.
- Social Media Tax Advice
This has become a growing source of confusion for both businesses and tax professionals.
Short-form videos and viral posts often promote questionable deductions, misuse of credits, or overly simplified tax strategies that leave out the real legal and financial context. Clients may then approach their CPA firm asking to implement something they “saw online.”
The problem is not just bad information. It is how confidently that bad information is presented.
- Identity Theft and Account Takeovers
Cybercriminals do not just target taxpayers. They target CPA firms directly.
If attackers gain access to email accounts, tax portals, business systems, or client records, they may be able to:
- steal confidential data
- redirect refunds
- file fraudulent returns
- impersonate the firm
- compromise client trust
This is where cybersecurity for CPA firms becomes a business issue, not just a technical one. When client information is at stake, the impact is operational, financial, and reputational.
- AI-Driven Scams
This is one of the fastest-growing risks heading into 2026.
Scammers are increasingly using AI to generate more realistic emails, more natural language, and even voice calls that sound like trusted people. A client or staff member may receive a message that seems to come from a known contact, a colleague, or even a leader inside the firm.
These scams are harder to spot because they sound more polished and less obviously suspicious than traditional phishing attempts.
For CPA firms, this raises the bar. It is no longer enough to look for bad spelling or strange formatting. Security now depends on layered protection, better monitoring, and clearer internal verification practices.
Where CPA Firms Are Most Vulnerable
The issue is usually not a complete lack of tools. More often, it is a lack of visibility, consistency, and structure.
We often see CPA firms dealing with gaps like:
- email systems without advanced phishing protection
- weak or inconsistent password and account security
- no formal process for verifying sensitive requests
- outdated access permissions
- limited monitoring for unusual login behavior
- staff uncertainty around suspicious emails or messages
- fragmented IT support that reacts after issues occur
Each of these may seem manageable on its own. Together, they create more exposure than many firms realize.
This is especially important for accounting firms that want reliable IT support, stronger cybersecurity, and a more proactive managed services provider relationship rather than reactive, break-fix support.
What CPA Firms Should Be Doing Now
The goal is not to turn your firm into a cybersecurity company.
The goal is to make your environment harder to exploit and easier to manage.
That means taking practical steps like:
- strengthening email and phishing protection
- improving account security and access controls
- verifying all financial and data-related requests
- monitoring systems for suspicious activity
- reviewing how client data is stored and accessed
- training staff to recognize warning signs
- keeping systems updated and maintained
Most importantly, it means treating cybersecurity as part of your firm’s daily business operations, not something that only gets attention during tax season or after an incident.
For CPA firms, that kind of consistency is what helps reduce disruption, protect client confidence, and keep the business running smoothly.
How CompuConnect Helps CPA Firms Stay Protected
At CompuConnect, we help CPA firms build a stronger IT and cybersecurity foundation so they can operate with more confidence and less risk.
We understand that accounting firms need more than generic IT support. They need a responsive, knowledgeable partner who understands the importance of secure client communication, reliable systems, and practical protection that supports everyday work without slowing the business down.
Our team helps CPA firms with:
- proactive managed IT services
- cybersecurity support and layered protection
- email and phishing defense
- secure access to client systems and data
- account security and access control review
- ongoing monitoring and maintenance
- real live human support when something needs attention
- strategic guidance that helps firms stay ahead of issues
This is where CompuConnect stands apart.
We do not wait for problems to escalate. We help firms create a more stable, secure, and predictable IT environment that supports long-term productivity and client trust. For CPA firms in Brooklyn, Manhattan, New York City, Brick, South Jersey, and across the Tri-State Area, that means having a managed IT and cybersecurity partner who understands both the operational side of the business and the security challenges that come with it.
Why This Matters for Client Trust
CPA firms are built on trust.
Clients trust you with sensitive financial information, personal records, deadlines, and important decisions. When scams become more believable and cyber threats become more polished, that trust depends not just on expertise, but on the systems and safeguards supporting your firm behind the scenes.
The stronger your email security, access controls, monitoring, and internal processes are, the better positioned your firm is to protect that trust.
This is why proactive business IT support and cybersecurity matter so much in the accounting space. They support not only your operations, but your client relationships as well.
The Key Takeaway
The IRS Dirty Dozen is not just a list of scams. It is a reminder that fraud continues to evolve, and that even small gaps in awareness, process, or protection can create serious consequences for CPA firms and the clients they serve.
For accounting firms, client protection now goes beyond the return itself. It also means making sure your firm’s technology, communication channels, access controls, and security practices are strong enough to support the work you do every day.
If your firm is not fully confident in how protected your systems, email, client data, and user access really are, now is the right time to take a closer look.
Schedule a discovery call with us to talk through your current IT environment, your cybersecurity concerns, and practical ways to reduce risk while keeping your firm secure, productive, and client-ready.
About the Author
Yiddy Lemmer is the Founder and CEO of CompuConnect IT, a leading IT support and cybersecurity firm serving small and midsize businesses across New York and New Jersey. With over 18 years of hands-on experience, multiple Microsoft and CompTIA certifications, and deep roots in Brooklyn, Yiddy leads with a passion for technology, service excellence, and helping businesses thrive through secure and efficient IT systems.