Phishing Scams: The One Click That Opens the Door

So far in this series, we’ve talked about scams where people think they’re taking the right steps—protecting accounts or chasing investments—and get scammed in the process. This time, we’re covering a quieter setup with just as much damage: phishing scams.

These usually start with an email that looks official—sometimes from a bank, sometimes a fake tech support person—warning you of suspicious activity and urging you to “log in immediately.”

In the IRS example, a taxpayer clicked the link, logged in to what they thought was their investment account, and unknowingly gave the scammer access to everything. By the next day, their retirement and brokerage accounts were drained and wired overseas.

Here’s the nuance: the taxpayer didn’t authorize the withdrawals, but the stolen property (investments) was part of accounts built for long-term growth. That profit motive is what qualifies the loss for a tax deduction under §165(c)(2).

Bottom line for taxes:

• If the investments were made with the intent to grow income, and you had no reasonable way to recover the funds, you may be eligible for a deduction.
• But you still owe tax on any retirement account withdrawals, even if the money was stolen.

KRS Tip: Never click on links in emails claiming to be from your financial institution. Instead, open a fresh browser and go directly to the institution’s site. Better yet—call your advisor.

Next in the series: the romance scam—how personal connections turn into financial disaster.

Source: IRS Memorandum #202511015, Allowance of Theft Losses for Victims of Scams Under I.R.C. Section 165, 3/14/202