Scam (or phishing) messages often seem credible but have a fraudulent purpose. The sender's aim is to have the recipient do something that is useful to the sender but harmful to the recipient: for example, to open a fraudulent link or attachment or provide personal information, such as credit card details.
You may receive scams, for example
- by email
- through social media channels
- by SMS
- through cloud services
- through mobile payment applications
- by telephone.
The sender's address often looks reliable. The sender may appear to be a telephone operator, an email service, a postal delivery service or an online shop. Also, messages are often camouflaged such that they appear to be sent by a bank or a public authority. Smishing messages may appear to be from the same sender and even be included in the same message chain as genuine text messages.
Typically, a fraudulent message may tell you about a problem relating to your bank account or credit card, or ask you to pick up a package, for example. A standard feature is urgency: the message urges you to act quickly. We recommend that you should destroy the message without opening it. If you have opened the message, do not click on any of the links or attachments. They may contain malware that contaminates your computer. Do not respond to the message, either, or give any personal information.
Note that phone scams are also possible. Telephone numbers can also be faked, and then the call may appear to arrive from a reliable number. Keep in mind that you can always end a suspicious call. If needed, contact the switchboard or customer service and find out whether the call was real or an instance of phishing.
Scam phone calls have been made and scam emails and text messages sent in the Finnish Tax Administration’s name. A scam message may urge you to pay overdue taxes, for example, or inform you of a tax refund that does not exist. In addition, the Tax Administration’s customers have been lured to fake sites through links provided by search engines.
Example of a smishing message
Example of a scam email
Example of a page that opens if you click on a phishing link
Example of a scam site in Google
If you receive a scam message
- Delete the message immediately. Do not open any of the links in the message.
- If you have disclosed your credit card information by mistake, cancel the card immediately either by calling your bank or contacting the company that issued the card.
- If you have disclosed your online banking codes by mistake, call your bank’s service number and ask them to close your codes.
- If you have paid a suspicious payment by mistake, contact your bank immediately.
- Report the scam to the Nation Cyber Security Centre operated by the Finnish Transport and Communications Agency Traficom.
Report the offence to the police
If you have disclosed your credit card information or online banking codes by mistake, you may have been exposed to fraud. First contact your bank and then report the offence to the police. It is also advisable to report attempted fraud to the police. More information on fraud is available on the website of the police.
How to recognise the Tax Administration’s e-service
The Tax Administration’s e-services displaying tax information to taxpayers or asking taxpayers to report such information are always provided on secure connections.
In general, access to our e-services requires identification. Individual taxpayers can identify themselves with their online banking codes, electronic ID cards or mobile certificates at https://tunnistautuminen.suomi.fi/. Corporate taxpayers can identify themselves with Suomi.fi authorisations.
Scam sites do not usually have such identification requirements, or other methods may be used for the purpose, such as credit card numbers. In the most recent scams, the identification page may also look real. It is therefore important that you log in to MyTax only from the Tax Administration's website (www.vero.fi/mytax). Enter the address in the address field yourself. Do not use a search engine to go to MyTax, for example.
Always check that the website address is spelled correctly.
A connection is secure if the website address in the browser’s address bar begins with the prefix https. Usually, you can also see a lock symbol.
Image of the address bar of the vero.fi website in the Chrome browser.
Image of the address bar of the vero.fi website in the Microsoft Edge browser.