The Cyber Security Center warns of scams associated with the Omavero service. Seniors are also targeted by persistent fishing campaigns.
Finnish transport and communications company Traficom's Cyber Security Center warns In his weekly review Frauds related to self-tax service by taxpayers show no signs of abating.
The Cyber Security Center has reported that there have been numerous notifications of messages sent by fake tax collectors over the past week.
Finns have been approached, among others, with messages about tax refund or tax payment issues. According to the Cyber Security Center, the links in the messages led to a phishing website imitating the tax authority's pages.
– They ask you to log into the fake website in question using your bank credentials.
Senior citizens were repeatedly targeted
Another recurring theme in fraud news in January was pension fishing. In these messages, the recipient's pension is said to be at risk.
“Criminals try to influence their targets by using current themes related to money and emphasizing the urgency of the matter,” warns the Cyber Security Center.
In phishing messages sent by email, the sender is disguised as Omavero.
– This may convince the target that the message is from the tax authority.
Cybersecurity Center guidelines for identifying fraudulent messages
- Tax authorities or banks do not send links to their sites, but instead ask you to log into the service from the official site. Avoid opening attachments in messages.
- If you open a link, always check the correct address of the site in the address bar. The address of the fraudulent site may resemble the address of the official site, but small details will tell the difference.
- Don't fall for the sense of urgency created in the message. Keep calm and quietly check the message for any fraud.
- If you are unsure of the authenticity of the message, you can always verify it by calling the customer service of the party that appears to be the sender.
- If you enter your bank ID on a phishing website, contact your bank immediately and file a criminal complaint.
Source: Center for Cyber Security