The Tax and Customs Authority (AT) warns that fraudulent email and cell phone messages are circulating in the name of the tax authorities demanding tax regularization and announcing the granting of refunds.
In a note published on the Finance Portal, AT says it is “aware that some taxpayers are receiving email messages supposedly coming from AT in which they are asked to click on ‘links’ that are provided”.
In the examples of emails included in the AT notice, it is possible to see that, in one of the messages, the subject is “Documento para regularização 3 IRS 2024” and that the sender identifies himself with the name “Financas Deducao”, with the email “passivosfiscaisgiocondacn@resolucaocidadaosempapel.blog”.
In another example, the IRS reports that the email sent with the subject “Conclusion pending 3 Provisional IR Deductions” is also false, from the email identified with the name “Deductions”, sent from the address “receitapublicajesualdoab@rumolivre.blog”.
In another case, attackers entice recipients to click on a ‘link’ where they must provide bank details, to receive a supposed “tax refund” in their favor, the payment of which is supposedly pending.
AT emphasizes that “these messages are false and should be ignored”, because “their objective is to convince the recipient to access malicious pages carrying the suggested ‘links’ or to make improper payments”.
“Under no circumstances should you carry out these operations”, recommends AT.
In the same notice, it also says that “a campaign to phishing which uses fraudulent text messages (SMS)”, to induce recipients to make “a payment to allegedly regularize their tax situation”.
In the example given by AT, the cell phone message is sent fraudulently in the name of “AT.GOV.PT” and contains the following text, with a link: “Attachment process started. Last day for payment. Avoid additional costs in: (…)”.
In the note published on the Finance Portal, AT recommends citizens to read the “information security leaflet” available on the website, without, however, making this document directly available on this page.
To find it without leaving the AT website, you can type the expression “Information Security information leaflet” in the search bar and then select the first result in the “information” segment.
In this leaflet, AT recommends that citizens do not respond to messages that raise doubts, do not click on links, do not download or open files and do not provide “their credentials to access the Finance Portal”.
Additionally, it suggests that citizens delete messages “of unknown origin or questionable content”.
Leave a Reply