Report fake IRS, Treasury or tax-related emails and messages

Report suspicious IRS, Treasury and tax-related emails, texts, social media accounts, phone calls and letters. You can help shut down scams and phishing attacks that trick people into sharing personal information online.

How you report depends on the contact:

If your money or identity was stolen: Report the fake message and follow the steps if you were scammed.

Report a fake message from another federal agency.

Email

Inform us if you get a suspicious email:

We never email without your permission. If you get a suspicious email, follow these steps:

  1. Don’t reply, click links or open attachments
  2. Send the email to phishing@irs.gov. Subject line: IRS or Treasury. Use one of these options:
    • Save the email as a file, then send it as an attachment
    • Select ‘Forward as attachment’ if your email provider has this option
    • Get the email header and send it to us
    • Forward the email. Note: this strips important data to identify and stop the scammer
  3. Report it to Treasury Inspector General for Tax Administration (TIGTA)
  4. Delete the email

You can also report to the Federal Trade Commission.

If your business received a phishing email attempting to steal Form W-2 data, take these steps:

If you replied and sent W-2 information

Report the data loss and the scam to us. Don’t attach any employee personally identifiable information. Follow these steps:

  1. Email dataloss@irs.gov. Enter “W-2 data loss” in the subject line and include:
    • Business name
    • Business employer identification number (EIN) related to the data loss
    • Contact name
    • Contact phone number
    • Summary of how the data loss occurred
    • Volume of employees impacted
  2. Report to phishing@irs.gov. Enter “W-2 scam” in the subject line and clarify you were a victim. Send the phishing email one of these ways:
    • Save the email as a file, then send it as an attachment
    • Select ‘Forward as attachment’ if your email provider has this option
    • Get the email header and send it to us
    • Forward the email. Note: this strips important data to identify and stop the scammer.

Form W-2/SSN data theft: Information for businesses and payroll service providers

If you didn’t reply

Send the W-2 email to phishing@irs.gov. Subject line: W-2 scam. Use one of these options:

  • Save the email as a file, then send it as an attachment
  • Select ‘Forward as attachment’ if your email provider has this option
  • Get the email header and send it to us
  • Forward the email. Note: this strips important data to identify and stop the scammer

You can also report to the Internet Crime Complaint Center.

If you’re a tax professional who received a phishing email, follow steps depending on what happened:

Data breach

If you had a security or data breach, contact your stakeholder liaison.

Data theft information for tax professionals

Identity theft information for tax professionals

Targeted phishing email

If you get a suspicious email, such as a new client email or EFIN scam email:

  1. Don't reply, click links or open attachments
  2. Send the email to phishing@irs.gov. Subject line: Spearphishing. Use one of these options:
    • Save the email as a file, then send it as an attachment
    • Select ‘Forward as attachment’ if your email provider has this option
    • Get the email header and send it to us
    • Forward the email. Note: this strips important data to identify and stop the scammer
  3. Report it to Treasury Inspector General for Tax Administration (TIGTA)
  4. Delete the email

You can also report to:

If you get an email about an investment or stock purchase involving advance fees, penalties, taxes or suspicious IRS or Treasury documents, report it.

If you’re a U.S. citizen:

  1. Don’t reply, click links or open attachments
  2. Send the email to phishing@irs.gov. Subject line: Stock. Use one of these options:
    • Save the email as a file, then send it as an attachment
    • Select ‘Forward as attachment’ if your email provider has this option
    • Get the email header and send it to us
    • Forward the email. Note: this strips important data to identify and stop the scammer
  3. Submit a tip or complaint to the U.S. Securities and Exchange Commission
  4. Delete the email
  5. Get identity theft help if your personal information was stolen

If you’re not a U.S. citizen and reside outside the United States:

  1. Don’t reply, click links or open attachments
  2. ​​​​Send the email to phishing@irs.gov. Subject line: Stock. Use one of these options:
    • Save the email as a file, then send it as an attachment
    • Select ‘Forward as attachment’ if your email provider has this option
    • Get the email header and send it to us
    • Forward the email. Note: this strips important data to identify and stop the scammer
  3. Submit a tip or complaint with the U.S. Securities and Exchange Commission.
  4. File a complaint with your country’s securities regulator
  5. If your money or identity was stolen, report to econsumer.gov

Social media

We never send direct messages by social media.

If you received a social media message from an account that claims to be the IRS:

  1. Report it to the social media provider
  2. Send the full URL of the social media account to phishing@irs.gov. Subject: Social media.
  3. Consider reporting it to:

Follow our social media accounts

IRS warning against taking social media tax advice

Text message

We don’t send text messages without your permission.

If you get a suspicious IRS or Treasury Department text message:

  1. Don't reply, click links or open attachments. 
  2. Send this information to phishing@irs.gov with the subject line “Text”:
    • Sender’s phone number and text message contents
    • Recipient’s phone number
    • Date, time and time zone received
  3. Delete the original text

You can also:

  • Forward the text to 7726 (SPAM). This helps your wireless provider spot and block similar messages.
  • Report it to the Federal Trade Commission. They’ll share your report with law enforcement.

Video: How to avoid IRS text message scams

Website

Employer identification number (EIN)

If a website charges you for an EIN:

You can get an EIN for free from the IRS.

Phone

IRS-related calls

We never call to demand payment now, threaten arrest or inform you of a refund. How to know it’s the IRS.

If you get a suspicious IRS-related call, record the number and hang up.

Report to the Treasury Inspector General for Tax Administration (TIGTA) Hotline or call 800-366-4484.

Tax debt relief calls

If you get a suspicious call about tax debt relief, record the number and hang up. Report it to:

Get help with tax debt

Mail

IRS and tax-related letters

If you get a letter claiming to be the IRS, verify it’s us. Search IRS notices and letters.

You can sign up to get notices in your IRS account.

If you get a letter about an unclaimed refund, tax lien, tax debt relief or other scam, report to:

You can also contact the office of consumer protection with your state attorney general.

The Federal Trade Commission provides guidance for reducing junk mail.

Private debt collection letters

We use private debt collection agencies for certain outstanding tax debts. We notify you by mail before the agency sends a letter. Know how it works.

Fax

Form W8-BEN

If you receive a suspicious fax, email or letter about Form W8-BEN, Certificate of Foreign Status of Beneficial Owner for United States Tax Withholding and Reporting (Individuals):

  1. Report to phishing@irs.gov. Subject line: W8-BEN.
  2. If the suspicious message is an email, use one of these options:
    • Save the email as a file, then send it as an attachment
    • Select ‘Forward as attachment’ if your email provider has this option
    • Get the email header and send it to us
    • Forward the email. Note: this strips important data to identify and stop the scammer
  3. Report to Treasury Inspector General for Tax Administration (TIGTA)

EFIN

If you’re a tax professional who received a suspicious email requesting that you fax your EFIN information:

  1. Report data theft as soon as possible to your stakeholder liaison.
  2. Report the fax to:

Don’t use IRS in phishing exercises

We don’t grant permission to use IRS or its logo in phishing exercises. This includes any colorable imitation (example: lRS, 1rs, etc.).

Related

 

Avoid Phishing Emails

Transcript  ASL

Page Last Reviewed or Updated: 21-Oct-2025