Scam messages have been sent out in the Tax Administration’s name. Read more about scams.

Security of the Tax Administration's website

When you use the Tax Administration's website, you remain anonymous. We do not collect user data that would allow us to identify anyone among the users of our website.

Individual taxpayers and corporate taxpayers cannot deal with their taxes via our e-service unless they log in. You log in to these services with your personal e-bank codes or through When you are done, you should remember to log out and, if necessary, clear the browser's memory cache. E-services and more information about how to log in

Secure network access

Our e-services are protected by TSL encryption (Transport Layer Security). This encryption is automatically enabled when you are having a session in our e-services. It protects data communications so that outsiders cannot view your data transmitted over the connection. You can tell the connection is secure when the padlock icon appears on your browser near the address bar (in most browsers). However, even if the padlock is there, we still recommend that you re-check the e-service website address.

Please handle your personal tax information only in our e-services. Other communication channels – such as e-mail and the social media – are not protected, so do not use them to send us your tax or personal information.

Make sure your computer is safe

Keep your computer protected. Make sure that your computer has

  • Data security software, properly updated
  • A firewall
  • Antivirus software

If the computer workstation you use is a shared one – for example, in a library – make sure you clear the memory cache when you are done. Follow the instructions of your browser. If you use our e-services in a public place with your laptop or other portable device, make sure other people cannot view your information.

Further information about safe use of devices is available on the website of the Finnish Communications Regulatory Authority.

Watch out for scams

The Tax Administration never asks your personal information, such as your user ID, password, bank account information or personal ID, by e-mail or text message. We never ask any information about the taxpayer's bank codes or card details by phone or email or in any other way.

Fraudulent messages (or phishing messages)

Fraudulent messages often have a credible appearance. However, the message can actually be quite harmful. The sender's scheme is to have the recipient do something useful for the sender, which for you, the recipient, is not useful at all: the message prompts you to click on its links or attachments or to provide some personal information such as credit card numbers, etc.

At the same time, the sender's e-mail address often looks reliable. The fraudsters know how to modify a "from" address to make it look less suspicious. Accordingly, the message looks like it came from a telephone operator, from an e-mail service provider, from a delivery service, a webstore or a grocery store. Messages sometimes masquerade as coming from your bank or from a public authority.

Fraudulent messages are in circulation by e-mail or as messages in social media, as text messages, and as instant messages. Some messages may promise that you receive a prize. Others tell you to pick up a package of goods. A standard scheme is urgency: the recipient is prompted to act quickly.

We recommend that you just destroy such a message without opening it. If you open the message, we recommend that you take care not to click on any of the links and attachments on it. They may contain malware that contaminates your computer.

If, by mistake, you disclose your

  • Card information, you must have the card cancelled. Either call your bank or contact the company that issued the card
  • Your online bank codes, call the service number specified by your bank and have the codes cancelled

Do not hesitate to contact the police if it seems necessary to do so.

Read more about scam messages

Facts about malware programs

Viruses, spy software and cyber blackmail software are common examples of malicious software, often referred to as malware. Malware may enter your computer when you open a message and click on a link in it. Please avoid opening any attachment files and links you are not sure of.

Some messages that have been in circulation promise the user that the malware will be removed if the user pays an amount of money. We do not recommend paying. After the user has paid the money, no guarantee is given that the lost files would be restored to the computer’s hard disk. For this reason, it is important to back up all the data you want to save – and store it in another device or on the cloud.

If you suspect that you have malware on your computer, disconnect the computer from the network. Malware is often difficult to remove and you cannot be sure it has been fully removed.

More information and guidance on data security is available on the website of the Finnish Communications Regulatory Authority.

Perhaps you noticed a security issue?

If you think there might be an information security problem in the Finnish Tax Administration's website and e-services or if you receive a scam message sent in the name of the Tax Administration, please phone us on 029 512 000 or +358 29 512 000 to let us know. Standard call rates apply.

Page last updated 7/14/2021