A few notes on scam messages

Typical fraudulent messages (or phishing messages) you and many other users receive are: the many e-mails that arrive to your e-mail address, the spam or scam messages you see in your social media accounts, and the some unwanted text messages on your phone. The messages may promise to pay you money or frighten you with severe consequences if you do not do as the message says. The fraudster's goal is to send you a message that you will respond to by disclosing your online banking codes or credit card details.

Some fraudsters have not hesitated to use the Finnish Tax Administration – Verohallinto – Skatteförvaltningen name as the "sender". For example, some message texts that are fraudulent have talked about a tax refund that could supposedly be paid to you.

If a scam message arrives in your Inbox

  • We recommend that you delete the message immediately. Do not click open any of the links.
  • If, by mistake, you disclose your credit card information, you must have the card cancelled. Either call your bank or contact the company that issued the card.
  • If, by mistake, you disclose your e-bank codes, call the service number specified by your bank and have the codes cancelled.

It is normal to receive automatic notices from the Tax Administration's electronically provided services, for example, from MyTax. You may get them by e-mail and as text messages. 

However, the Tax Administration never asks for your personal information, such as your user ID, password, bank account information or personal ID, by e-mail or text message. We never ask any information about the taxpayer's bank codes or cards by phone or email or in any other way.

How to tell that an incoming message is an authentic message from the Tax Administration?

  • The Tax Administration never asks about taxpayers credit card information or about their online banking. The Tax Administration would have no use for that information.
  • Also, the Tax Administration never sends taxpayers e-mail that would contain their notice of assessment or any comparable tax information.
    • This means that any message that purports containing a tax decision cannot be real.
    • Similarly, the Tax Administration never sends e-mail that would contain a request to send us a bank account number.
  • A further tip is to look at the appearance, layout and language of the message in your Inbox. They are usually not up to standard.

How to recognize an e-service of the Tax Administration?

All our e-services that display amounts of money or involve taxpayers' input of numbers, values of money, for tax data are set up over a secure online connection.

  • You cannot access an e-Service without signing in securely. If you are an individual taxpayer, you sign in with your bank codes or with a microchip identity card. If you represent a corporate taxpayer, you sign in with a Katso ID and password.
  • Fraudulent sites have no secure login features and often they may ask you to enter your credit card number or PayPal password to sign in.
  • An indication of a secure internet connection is that you see the letters 'https' on the URL (address) line on the top of your browser window. Usually you can also see a padlock symbol.

    The URL address line of the tax.fi website, from a Chrome browser session.

    The URL address line of the tax.fi website, from an Internet Explorer session.

More information on the security of visitors to tax.fi

If you think there might be an information security problem in the Finnish Tax Administration's website and e-services or if you receive a scam message sent in the name of the Tax Administration, please phone us on 029 512 000 or +358 29 512 000 to let us know. Standard call rates apply.