IRS Dirty Dozen 2026: Tax Scams Targeting Startup Founders

Every spring, the IRS releases its Dirty Dozen list — the worst tax scams targeting taxpayers. Startup founders face unique exposure because they combine complex filings with limited tax expertise and often control both operational and treasury functions.

Key Takeaways

• The IRS Dirty Dozen identifies the worst tax scams each year, with many peaking during filing season when founders hire preparers or claim credits
• Startup founders are prime targets due to complex requirements like foreign ownership forms, payroll credits, and contractor payments
• ERC mills, phishing attacks, and ghost preparers create audit risk, repayment obligations, and potential criminal liability
• Verifying preparer credentials, recognizing urgency tactics, and maintaining systematic filing hygiene reduce fraud exposure
• Non-filing of foreign ownership forms like Form 5471 leaves statute of limitations open indefinitely

What Is the IRS Dirty Dozen and Why Startup Founders Should Care

The IRS Dirty Dozen is an annual list that identifies the worst tax scams targeting taxpayers, particularly during filing season when people prepare their returns or hire tax help. Compiled annually by the IRS, the list warns of schemes designed to steal data, trigger fraudulent refunds, or push illegitimate tax credits — and small and medium-sized business owners, including startup founders, are increasingly targeted by these fraud operations.

The IRS Dirty Dozen: Definition and Historical Patterns

The Dirty Dozen represents the worst of the worst tax scams, listing a variety of common schemes that taxpayers may encounter anytime, though many peak during filing season. At its core, the IRS warns of a consistent pattern: scammers mislead you about tax refunds, credits and payments, then pressure you for personal, financial or employment information or money. IRS impersonators try to look like the agency, threatening arrest or deportation while refusing to let you question or appeal the amount of tax you owe. This playbook — impersonation, urgency, and data theft — recurs across the fraud economy year after year.

Why Early-Stage Founders Are High-Value Targets

Startup founders combine limited tax knowledge with complex filing requirements, foreign ownership structures, payroll tax credits, contractor payment forms, and often act as both taxpayer and treasury controller. The tax agency wants small and medium-sized business owners to know that criminals are increasingly targeting entrepreneurs with schemes designed to steal data, trigger fraudulent refunds or push illegitimate tax credits. Founders without dedicated finance staff rely on external advisors, making them vulnerable to ghost preparers and phishing that exploits gaps in internal controls. The modern scam ecosystem has shifted into a layered, technology-enabled industry, raising the stakes for founders who file complex returns under tight deadlines.

Preview: the 5 Scam Categories Most Relevant to Startups

This article focuses on five fraud patterns the IRS has consistently warned about, adapted to startup contexts:

• Phishing and IRS Impersonation, fake emails, texts, and calls that mimic IRS communications to harvest EINs, bank details, and founder credentials.
• Employee Retention Credit (ERC) Fraud, aggressive promoters filing inflated or fabricated ERC claims for startups that never qualified.
• Identity Theft and Synthetic Business Filings, criminals using stolen founder SSNs to file fraudulent returns or open business accounts.
• Ghost Tax Preparers, unlicensed preparers who file returns without signing, leaving founders liable for errors and penalties.
• Filing-Penalty Traps, schemes that promise penalty abatement or tax relief in exchange for upfront fees, then disappear.

It's important to note that the IRS has not yet published the 2026 Dirty Dozen list, this article provides preventative guidance based on historical patterns the IRS has consistently warned about in prior years. Each of the sections that follow details how these scams operate, what red flags founders should watch for, and how to verify legitimate IRS contact before responding.

Understanding the broad fraud landscape helps founders recognize patterns that appear across multiple scam categories. The following section examines the most common schemes historically targeting business owners.

Common Tax Scams Historically Targeting Business Owners

Phishing and IRS Impersonation Schemes

Scammers send urgent communications by email or text message, often including QR codes and links to fake IRS websites designed to trick victims into verifying accounts or claiming refunds. The IRS reported hundreds of these impersonators last year, many of which installed ransomware or malware on personal devices. Founders managing banking and payroll face high exposure because urgent payment or compliance requests appear credible in fast-moving startup workflows. The IRS never demands immediate payment or threatens arrest by phone or email.

Illustration for: Common Tax Scams Historically Targeting Business Owners

Employee Retention Credit (ERC) Mills and Fraudulent Claims

Promoters persuade ineligible businesses to file for ERC refunds, creating criminal liability and repayment exposure when the IRS audits amended returns. Venture-backed companies filing Form 1120 are particularly vulnerable because aggressive advisors pitch ERC as "free money" without verifying eligibility thresholds. Founders who rush filings during fundraising cycles may sign documents without independent review, leaving the business liable for penalties and interest when the credit is clawed back.

Ghost Preparers and Unlicensed Tax Advisors

Ghost preparers refuse to sign returns or provide Preparer Tax Identification Numbers (PTINs), leaving founders liable for errors and penalties. Automated filing systems like Inkle reduce exposure by ensuring PTIN verification and e-signature trails on every submission. Unlicensed advisors exploit founders who rush filings during fundraising, charging fees while providing no recourse when the IRS rejects or audits the return.

While general business scams affect all taxpayers, startup founders face additional exposure tied to their specific operational structures. Cross-border ownership and payroll credits create attack surfaces that general taxpayers rarely encounter.

Startup-Specific Vulnerabilities: Foreign Ownership and Payroll Credits

Founders operating cross-border startups face fraud exposure that general taxpayers rarely encounter. Abusive tax schemes threaten our tax system's integrity and contribute to the tax gap, the difference between taxes owed and paid. Scammers exploit the complexity of international filing requirements, foreign ownership structures, and pandemic-era payroll credits to target venture-backed companies with aggressive refund claims and filing shortcuts that create audit and repayment risk.

Identity Theft Risks for Founders With Foreign Ownership Structures

Identity-theft risk is amplified by founder workflows. Many founders control treasury accounts, tax filings, and payroll systems with limited segregation of duties. Phishing emails impersonating the IRS or state tax agencies exploit this centralized access, one compromised credential can expose multiple compliance accounts. Founders who manage both U.S. And foreign entities often juggle Employer Identification Numbers, Individual Taxpayer Identification Numbers, and Social Security Numbers across jurisdictions. IRS impersonation scams specifically target these founders with fake notices about "foreign account discrepancies" or "overdue international filings," prompting credential handover or fraudulent wire transfers. When a founder's identity is stolen, attackers can file false Forms 5472, 5471, or FBAR reports, creating compliance chaos and potential penalties.

Payroll Credit Fraud: How ERC Mills Target Venture-Backed Companies

Employee Retention Credit promoters, often called "ERC mills", specifically target startups with aggressive refund claims. These promoters promise five- or six-figure refunds by recharacterizing ordinary payroll as COVID-19-qualified wages, even when the startup never suspended operations or experienced the required revenue decline. Venture-backed companies are particularly vulnerable because their rapid hiring and evolving payroll structures create plausible cover for incorrect claims. The IRS has flagged thousands of improper ERC refunds, and companies that accepted these refunds now face audits, repayment demands, and interest charges. The Dirty Dozen consistently highlights ERC fraud because promoters continue to advertise "last-chance" deadlines and "guaranteed" refunds to startups unaware of the eligibility thresholds.

Filing-Penalty Traps: Form 5472, Form 5471, and FBAR Compliance

Non-filing or incorrect filing of foreign-ownership forms creates penalty exposure and indefinite statute-of-limitations risk. Form 5471's statute of limitations remains open indefinitely if not filed, meaning the IRS can audit and assess additional taxes at any time. Form 5472 must accompany the corporate return, and FBARs must be filed separately through the BSA E-Filing System, not with tax returns, a common filing-error vector. Inkle's Form 5472 compliance automation reduces non-filing risk by generating accurate reports tied to accounting data. Inkle also provides FBAR deadline reminders as part of filing hygiene, helping founders avoid the indefinite-audit trap that comes with missed international disclosures.

Recognizing scam tactics requires understanding both the message content and the sender behavior. The following framework contrasts legitimate IRS communication with phishing red flags.

How to Recognize Phishing and Fraudulent Tax Preparers

Red Flags in IRS Communications: Email, Text, and Phone

Scam communications display characteristic urgency markers. Look for threats of immediate legal action, demands for payment via gift cards or wire transfers, and requests for sensitive data such as PINs, passwords, or Social Security numbers. Legitimate IRS correspondence arrives by postal mail first and does not demand instant payment through untraceable channels. If a message pushes you to act within hours, that alone signals fraud.

How to Verify Legitimate Tax Preparers and Avoid Ghost Preparers

Before engaging a tax professional, verify their Preparer Tax Identification Number (PTIN) through the IRS directory. Confirm they hold current credentials (CPA, Enrolled Agent, or attorney license) and that they will sign your return with their PTIN clearly visible. Ghost preparers refuse to sign or provide identification, leaving you liable for errors. Platforms such as Inkle surface preparer credentials during onboarding, reducing ghost-preparer risk by ensuring compliance checks are automated and transparent.

Using the Startup Scam Exposure Index as a Triage Tool

The four-factor framework below contrasts legitimate IRS behavior with phishing tactics. Use this table to triage suspicious outreach in real time:

It's important to note that if a communication scores high on the scam column across two or more factors, treat it as fraudulent until independently verified through IRS.gov.

Detection alone is insufficient; founders must build proactive defenses. Systematic compliance hygiene and professional oversight provide layered protection against the scams outlined above.

Building a Compliance Defense: Filing Hygiene and Professional Oversight

Prevention Checklist for Early-Stage Company Workflows

Founders can reduce scam exposure by adopting systematic filing hygiene from day one. It's important to note that prevention requires consistent discipline, not one-time fixes.

• Verify preparer credentials, Confirm your tax professional holds a valid PTIN and appears in the IRS preparer directory before granting account access.
• Segregate access, Keep banking, payroll, and tax-account credentials separate; never provide full admin access to any single contractor or vendor.
• Review returns before signing, Read every line of your tax return before e-signing; extensions only extend time to file, not time to pay.
• Monitor IRS transcripts quarterly, Request account transcripts every quarter to catch unauthorized filings or identity theft early.
• File on time, Late filings trigger penalty traps scammers exploit; incorrect or incomplete records can lead to underpayment penalties and interest charges.

The Role of Automated Filing Systems in Reducing Fraud Exposure

Compliance automation provides defense layers manual workflows lack. Inkle generates a tax calendar to keep track of upcoming deadlines, reducing late-filing exposure that scammers exploit. Professional registered agent services include compliance calendars and reminders, ensuring statutory deadlines are visible before penalties accrue. Clean records make an IRS audit process smoother; platforms like Inkle's track every transaction, message, and filing to ensure the highest accuracy, creating audit trails that deter fraudulent preparer activity.

When to Escalate: Reporting Scams and Seeking Professional Help

If you receive a phishing email claiming to be from the IRS, forward it to phishing@irs.gov and delete it. If a preparer has already filed a fraudulent return under your EIN, contact the IRS Identity Protection Specialized Unit at 1-800-908-4490 immediately. Engage a CPA or tax attorney when facing penalties tied to preparer fraud; professionals can file amended returns, request abatement, and represent you before the IRS. Reach out to Inkle's support team if you have additional questions regarding filing.

Conclusion

Manual filing workflows offer more direct control but lack the PTIN verification, deadline reminders, and audit trails that automated compliance platforms provide, Inkle adds value when founders need to reduce ghost-preparer risk and filing-penalty exposure without hiring a full-time tax team. As AI-driven phishing becomes more sophisticated and the IRS increases enforcement around foreign-ownership filings and payroll credits, the gap between proactive compliance and reactive crisis management will only widen for early-stage companies.