List of detected frauds
Skip information indexOnline: false websites and phishing
Attempts at deception refer to supposed refunds or refunds of taxes, through sending massive communications by email in which the identity and image of the State Tax Administration Agency, or the identity of its management personnel, are impersonated. These scams often refer to some information which must be provided to get the tax rebate.
In these fraudulent emails, known as “phishing”, refers to a non-existent tax refund in which the person receiving the email benefits. In order to receive the money, the recipient has to go to a website where they are asked to give their bank account and credit card details.
The objective of the criminals is to steal personal or banking data from the victim, either by referring them to a false website that impersonates that of the Tax Agency or by making them download files with viruses.
Do not pay attention to these messages, they are an attempt at fraud by impersonating the image of the Tax Agency.
This is not the first time that this type of fraudulent email has been used. For this reason, public awareness and information is essential. We recommend:
- Do not open messages from unknown or unsolicited users, delete them directly.
- Do not respond under any circumstances to these messages.
- Be careful when following links in emails even if they are from known contacts.
- Be careful when downloading email attachments, even from known contacts.
The Tax Agency remembers that the best measure is prevention against suspicious communications that include the request for bank details.
The Tax Agency reminds you that:
- Never request confidential, financial or personal information, account numbers or card numbers by email or attach attachments with invoice information or other types of data.
- We never pay rebates via credit cards or debit cards.
- We never charge for the services we provide. The person who uses them will only assume the shared cost of calls to 901 telephones.
See examples of these Tax Agency impersonation campaigns New window
The Tax Agency is the owner of the website comprising the Portal (domain name: “www.agenciatributaria.es”) and the e-Office (domain names: “sede.agenciatributaria.gob.es”, “www.agenciatributaria.gob.es”, "www1.agenciatributaria.gob.es", "www2.agenciatributaria.gob.es", "www3.agenciatributaria.gob.es", "www6.agenciatributaria.gob.es", "www8.ia.agenciatributaria.gob.es", "www9.agenciatributaria.gob.es", "www10.agenciatributaria.gob.es", "www12.agenciatributaria.gob.es", collectively referred to as the “AEAT website”).
Always keep in mind that any Tax Agency procedure that involves a payment will be carried out through the AEAT website and under secure electronic commerce conditions.
Also, the Tax Agency expressly prohibits the use of frames or any other third-party mechanisms that alter the design, the original configuration or content of any of the domains described in this security notice.