The rise of online scams has become a significant concern in recent years, affecting countless individuals. Existing laws and IRS guidelines indicate that victims may be able to claim a theft loss deduction on their income tax returns; however, this process can become complicated when it comes to investments and cryptocurrencies. Regarding cryptocurrencies, the IRS has maintained its stance outlined in Notice 2014-12, which stipulates that losses related to cryptocurrencies are only eligible as capital losses. Since these capital losses can only offset a maximum of $3,000 from ordinary income, this limitation proves to be of little help to many taxpayers, particularly those who have withdrawn funds from tax-deferred retirement accounts.
Recently, however, the IRS released Chief Counsel Memorandum 202511015, which clarifies that certain victims of online scams may claim a theft loss as an itemized deduction. This memorandum provided specific examples of three taxpayers who successfully claimed a theft loss related to the generation of income, thus expanding the scope of eligibility and offering hope to those affected by scams.
The first taxpayer’s experience illustrates a compromised account scam. An impersonator contacted this individual, claiming that their investment account had been breached and that unauthorized attempts to withdraw funds were underway. Following the impersonator’s instructions, the taxpayer set up a new account under the scammer’s control and transferred funds there. Once the taxpayer authorized distributions from their IRA accounts, the impersonator promptly moved the funds to an overseas account, effectively stealing the taxpayer’s money.
The second taxpayer fell victim to a phishing scam. This individual received an email asserting that their retirement accounts had been compromised, featuring a link purportedly designed to restore access. Following the email’s instructions, the taxpayer contacted a so-called fraud specialist, who guided them to click the link. This action allowed the scammer to capture the taxpayer’s login information, leading to unauthorized transfers of funds to an overseas account. Unlike the first taxpayer, this individual did not authorize the transfer, raising questions about liability and recovery.
The third taxpayer was ensnared in a pig-butchering scam, where the scammer initiated contact online. After some discussions, the scammer presented a supposedly lucrative investment opportunity with extraordinary returns through a proprietary investment platform. Trusting the scammer’s claims, the taxpayer downloaded the platform and transferred money into it. Initially, the taxpayer saw a rapid increase in their account balance, prompting additional investments. However, when they tried to withdraw their funds, they were met with demands for extra fees or taxes, raising suspicions. Ultimately, the taxpayer discovered through online research that the investment platform was fraudulent.
The IRS has indicated that the aforementioned taxpayers can take a theft loss deduction corresponding to the amount they lost. Since these thefts were tied to profit-driven transactions, they do not fall under the personal theft limitations established by the Tax Cuts and Jobs Act, thus allowing victims a potential avenue for recovery.
While this guidance is promising, individuals facing an audit will not easily prevail by merely presenting a copy of this memorandum. The document does not address two significant concerns that auditors may scrutinize during their review.
The first concern revolves around whether there is a reasonable chance of recovering the stolen funds. If such a possibility exists, the theft loss cannot be claimed until it is demonstrated that recovery is no longer feasible. Typically, victims of scams have a minimal chance of recuperating their funds, particularly when the perpetrators are located overseas. Filing a police report often proves ineffective, especially if local law enforcement lacks the necessary resources or expertise to handle such cases.
However, if a victim takes legal action through a civil lawsuit against the scammer and other involved parties, such as a bank or cryptocurrency exchange platform, it can be argued that there is a reasonable chance of recovery. Many victims, having learned from their experiences, hesitate to finance a lawsuit without a reasonable assurance of recovery, and most attorneys will not accept cases on a contingency basis without confidence in the likelihood of recovery. Furthermore, as these legal processes can last months or even years, if the taxpayer has income from cashing out investments or retirement accounts, they may find it challenging to claim the theft loss in the same year to offset that income.
The IRS evaluates the specific facts and circumstances surrounding each case to determine the likelihood of recovering stolen funds. Certain events, such as obtaining a prejudgment attachment against the defendant’s assets prior to the resolution of a lawsuit, could demonstrate potential for recovery.
The second issue auditors may consider is whether the scammer violated theft laws in the victim’s state. In many jurisdictions, scammers are deemed to have committed theft by false pretenses, which generally involves three elements: 1) a false statement made by the scammer; 2) the victim’s reliance on that false statement leading to a transfer of money or property; and 3) the scammer’s intent to steal from the victim.
Establishing the specific intent of the scammer can be exceptionally challenging, as they are unlikely to admit to their wrongdoing. Consequently, circumstantial evidence, such as chat records or screenshots from victims of pig-butchering scams showing false gains on the scammer’s investment platform, may be necessary to substantiate claims of intent.
Gaining insight into an auditor’s perspective can be beneficial for taxpayers. They may analyze whether the presented facts indicate a theft or merely a poor investment decision. Taxpayers who have experienced substantial losses may be inclined to argue that a theft occurred to secure more favorable tax implications.
It is worth noting that the IRS memorandum does not address losses stemming from failures in the cryptocurrency market, such as those involving Luna Stablecoin, or exchanges that have declared bankruptcy, including FTX, Celsius, Three Arrows Capital, and Mt. Gox. In some cases, the leaders of these organizations may have committed theft by misusing customer deposits for personal expenses or to pay earlier investors.
This recent IRS guidance should empower taxpayers to feel more confident about claiming a theft loss deduction, provided they meet the outlined requirements. However, attempting to claim a substantial loss could increase their risk of audit, and taxpayers will need to present more than just a copy of the memorandum to substantiate their claims.
On June 26, 2025, as part of Operation Shamrock, I will deliver a presentation detailing how to effectively claim the theft loss and how to minimize the tax consequences associated with withdrawing from investment and tax-deferred accounts in the wake of scams. The goal of Operation Shamrock is to educate the public, foster collective action, and disrupt the networks of transnational organized criminals to prevent further victimization. For further details, please feel free to contact me via email.
Steven Chung is a tax attorney based in Los Angeles, California, specializing in tax planning and resolving tax disputes. He is also particularly sympathetic to individuals burdened with large student loans. You can reach him via email at stevenchungatl@gmail.com. Additionally, connect with him on Twitter (@stevenchung) and on LinkedIn.
For the latest updates in litigation, regulation, and trends in financial services, consider signing up for Finance Docket, a collaboration between Breaking Media publications Above the Law and Dealbreaker.
