The tax agency wants small and medium-sized business (SMB) owners to know that criminals are increasingly targeting entrepreneurs, independent contractors and startups with schemes designed to steal data, trigger fraudulent refunds or push illegitimate tax credits.
What has changed is not simply the volume of fraud, but its structure. The modern scam ecosystem has shifted from opportunistic, low-effort schemes into a layered, technology-enabled industry that mirrors legitimate business practices.
For small businesses, this means exposure is no longer limited to tax filing errors or questionable deductions. It extends to operational vulnerabilities embedded in payroll systems, vendor relationships and internal communications.
Read more: Middle East Conflict Raises Cyber Risk for Businesses
From Opportunistic Fraud to Engineered Deception
Unlike large enterprises, which often have dedicated compliance teams and formalized controls, small businesses rely on a small number of individuals to manage finance, HR and operations. This concentration of responsibility creates single points of failure. A compromised email account or a single erroneous decision can have outsized consequences.
Advertisement: Scroll to Continue
There is also an asymmetry of expertise. Tax regulations are inherently complex, and many business owners depend on external advisors. This reliance creates opportunities for impersonation and misinformation, especially when communication channels are not tightly controlled.
Key takeaways from the 2026 IRS Dirty Dozen List reveal that SMBs should:
- Expect more phishing targeting business finances
Emails impersonating the IRS, payroll providers, or banks often aim to capture employee tax records or payment details.
- Watch for bogus tax credit promoters
Scams tied to credits like the Employee Retention Credit (ERC) or fuel tax credits remain a major enforcement priority.
- Guard payroll and contractor records
W-2 and 1099 data are prime targets for identity theft and fraudulent filings.
- Be skeptical of “too good to be true” tax strategies
Promoters marketing obscure deductions or trusts often leave business owners liable for penalties.
- Train staff to spot scams
Finance and HR teams are frequent entry points for fraud attempts.
Research by PYMNTS Intelligence shows that accounts payable (AP) departments have become major targets for these advanced fraud techniques, with 68% of organizations encountering at least one fraud attempt last year. AP fraud manifests in various forms, including phishing attacks, account takeovers and invoice fraud.
We’d love to be your preferred source for news.
Please add us to your preferred sources list so our news, data and interviews show up in your feed. Thanks!
“If you think about the blind spots for companies, it’s often very hard to figure out exactly their digital footprint in the modern age,” Johan Gerber, executive vice president of security solutions at Mastercard, told PYMNTS. “And if CISOs can’t see these things, they can’t protect [their organizations].”
See also: From Faked Invoices to Faked Executives, GenAI Has Transformed Fraud
Navigating a More Professionalized Threat Environment
Scammers are adopting advanced technologies, refining their targeting strategies, diversifying their revenue models, and expanding their distribution channels. They are, in many respects, operating like sophisticated service providers.
Advances in generative artificial intelligence (AI) have fundamentally altered the risk profile. Fraudulent communications now replicate the tone, formatting, and cadence of legitimate institutions, meaning that emails that once contained obvious red flags like misspellings, generic greetings and inconsistent branding are now becoming indistinguishable from authentic correspondence, at least at first glance.
Potentially more concerning, scammers are beginning to integrate voice cloning and synthetic media, allowing them to impersonate tax professionals, financial advisors or even internal executives.
“When you can do fake face, voice and normal behavior in one motion, it tests the processes and can expose gaps in many organizations’ defenses,” Zac Cohen, chief product officer at Trulioo, told PYMNTS during a discussion for the March edition of the “What’s Next In Payments” series, “How Will AI Change Identity?”
“Point solutions will always fail against a multidimensional attack,” Cohen said.
For small businesses, the challenge is no longer confined to securing email and payroll systems. It can require a broader awareness of how information flows across platforms and how trust is established in each. The takeaway is not simply to be more cautious, but to be more systematic. The question is no longer whether a scam attempt will occur, but whether existing processes are designed to withstand one.
Fortunately, SMBs can increasingly leverage the same AI-powered capabilities that the fraudsters have access to. Research from the PYMNTS Intelligence report “The AI MonitorEdge Report: COOs Leverage GenAI to Reduce Data Security Losses” showed that 55% of companies are employing AI-powered cybersecurity measures.
Add as Preferred Source
