Cases of online scams have been rising in recent years. While existing laws and IRS guidance suggest that victims can take a theft loss deduction on their income tax returns, it can get murky when investments and cryptocurrencies are involved. In the case of the latter, the IRS generally stuck with their position on Notice 2014-12 which states that any cryptocurrency related losses can only be eligible for a capital loss. Since capital losses can only offset up to $3,000 of ordinary income, it is of limited use to taxpayers, especially if they withdrew money from their tax-deferred retirement accounts.

Fortunately, a few months ago, the IRS issued Chief Counsel Memorandum 202511015 which stated that certain online scam victims can claim a theft loss as an itemized deduction. The memo gave examples of three scammed taxpayers who are eligible to claim a theft loss connected to the production of income.

The first taxpayer was the victim of a compromised account scam where an impersonator contacted the taxpayer and told him that his investment account has been compromised and attempts were made to withdraw funds from the account. The impersonator told the taxpayer to set up a new account controlled by the impersonator and transfer the money there. The taxpayer authorized distribution from IRA accounts and to transfer the distributed funds to the new account created by the scammer. After the taxpayer makes the transfer, the impersonator transfers the money to an overseas account.

The second taxpayer was a victim of a phishing scam. This taxpayer received an email that stated that his retirement accounts have been compromised. The email contained a link which would supposedly restore his account and provided a phone number to a so-called fraud specialist. The taxpayer contacted the fraud specialist who then instructed the taxpayer to click on the link. By doing so, the scammer was able to obtain the taxpayer’s login information to his retirement accounts and used it to transfer the funds to an overseas account. While the facts are similar to the first taxpayer, the second taxpayer did not authorize the scammer to transfer the taxpayer’s funds to the overseas account.

The third taxpayer is a victim of the pig-butchering scam. The taxpayer was contacted by someone online. After some conversation, the scammer told the taxpayer about a secret investment opportunity that has better-than-market-rate returns using a proprietary investment platform. The taxpayer relying on the scammer’s rate of return installed the investment platform to his phone and then transferred money into this platform. Soon after transferring the money, his account balance grew immensely and the taxpayer added even more money. At some point, the taxpayer attempted to withdraw the money but was unable to do so unless he paid additional fees or taxes to the platform. The taxpayer became suspicious and through an online search learned that the investment platform was fake.

The IRS stated that the three taxpayers mentioned above can take a theft loss deduction for the amount of money they lost. Also, since their theft was connected to a transaction entered into for profit, it is not considered a personal theft and thus not subject to the limitations imposed due to the Tax Cuts and Jobs Act.

While this is good news, those who are being audited will not win on this issue simply by sending a copy of this memo to the auditor. This is because the memorandum does not address two issues that might be scrutinized by tax auditors.

The first issue is whether there is a reasonable chance of recovery of the stolen funds. If there is a chance of recovery, the theft loss cannot be claimed until something happens to show that there is no longer a chance of recovery. In most cases, scam victims have a low chance of getting their money back, usually because the scammers are located overseas. Even filing a police report will not help, especially if the local agency does not have the adequate expertise or resources.

But if a victim files a civil lawsuit against the scammer and other parties, such as a bank or  cryptocurrency exchange platform, it is arguable that there is reasonable chance of recovery. Most scam victims having learned their lesson don’t want to pay for a lawsuit unless they are guaranteed to recover. And most attorneys will not take a case on contingency unless they are reasonably certain to recover. As these lawsuits tend to take months or years to settle, if the taxpayer has income from cashing out investments or retirement accounts, they may not be able to claim the theft loss on the same year to offset that income.

The IRS will look at the facts and circumstances of each case to see whether there is a reasonable chance to recover the stolen funds. However, certain events could show possible recovery, such as obtaining a prejudgment attachment against the defendant’s assets before a lawsuit is concluded.

The second issue is whether the scammer violated the theft laws in the state where the victim lived. In most states, scammers have committed theft by false pretenses. The elements usually are 1) a false statement made by the scammer; 2) transfer of money or property in reliance of the scammer’s false statements; and 3) the scammer had the specific intent to steal from the victim.

Proving specific intent will be the most difficult because in most cases, the scammer will not admit to stealing from the victim. Instead, circumstantial evidence will be needed to prove intent. This includes chat records, and in the case of pig butchering scam victims, screenshots of the scammer’s so-called investment platform showing fake gains.

Considering the tax auditor’s perspective might help. He or she might analyze whether the facts show a theft or simply a bad investment. A taxpayer who lost a large chunk of their investment will be inclined to argue there was a theft in order to get better tax benefits.  

One final note about the IRS memo is that it does not address those who lost money due to cryptocurrency failures (such as the Luna Stablecoin) and exchanges that have gone bankrupt such as FTX, Celsius, Three Arrows Capital, and Mt. Gox, to name a few. Some of the masterminds of these organizations have arguably committed theft by using customer deposit funds for lavish personal expenses or to pay early investors.

This recent IRS guidance should make taxpayers feel more comfortable about taking the theft loss deduction so long as the requirements are met. However, claiming a large loss can increase their chance of an audit and taxpayers will need to show more than a copy of this memo to prove their case.

On June 26, 2025, in coordination with Operation Shamrock, I will be giving a presentation explaining how to claim the theft loss and how to mitigate the tax consequences of withdrawing from investment and tax-deferred accounts due to scams. Operation Shamrock’s goal is to educate the public, mobilize collective action, and disrupt the operations networks of transnational organized criminals to prevent further harm. Please email me for more details.

Steven Chung is a tax attorney in Los Angeles, California. He helps people with basic tax planning and resolve tax disputes. He is also sympathetic to people with large student loans. He can be reached via email at [email protected]. Or you can connect with him on Twitter (@stevenchung) and connect with him on LinkedIn.



Source link