Tax Authority warns about fake emails and SMS messages

The Tax and Customs Authority (AT) warns that fraudulent email and mobile phone messages are circulating in the name of the tax authorities.

By TPN/Lusa, in News · 19 Mar 2026, 14:33 · 0 Comments

Credits: Unsplash; Author: Alicia Christin Gerald;

The messages refer to requirements for tax regularisation and announce the granting of refunds.

In a note published on the Finance Portal, the AT says it is “aware that some taxpayers are receiving email messages supposedly from the AT in which they are asked to click on ‘links’ that are provided”.

Fake addresses

In the examples of emails included in the AT warning, it is possible to see that one message has the subject “Document for regularisation 3 IRS 2024” and that the sender identifies themselves as “Financas Deducao”, with the email “passivosfiscaisgiocondacn@resolucaocidadaosempapel.blog”.

In another example, the IRS reports that the email sent with the subject “Pending Conclusion 3 Provisional Income Tax Deductions”, from the email identified with the name “Deductions”, sent from the address “receitapublicajesualdoab@rumolivre.blog”, is also fake.

Clicking on fake links

In another case, attackers entice recipients to click a link that requires them to provide bank details to receive an alleged “tax refund,” the payment of which is supposedly pending.

The IRS emphasises that “these messages are fake and should be ignored” because “their objective is to convince the recipient to access malicious pages loading the suggested links or to make undue payments”.

Under no circumstances should you carry out these operations,” recommends the IRS.

Text messages

The same notice also states that a “phishing campaign” is underway, using fraudulent text messages (SMS) to induce recipients to make “a payment to allegedly regularise their tax situation.”

In the example given by the Tax Authority (AT), the text message is fraudulently sent in the name of “AT.GOV.PT” and contains the following text, with a link: “Seizure process initiated. Last day for payment. Avoid additional costs at: (…)”.

In the note published on the Finance Portal, the AT recommends that citizens read the “information leaflet on Information Security” available on the website, without, however, providing that document directly on that page.

To find it without leaving the AT website, you can type the expression “information leaflet on Information Security” in the search bar and then select the first result in the “information” section.

In this leaflet, the Tax Authority recommends that citizens do not respond to messages that raise doubts, do not click on links, do not download or open files, and do not provide "their credentials to access the Tax Portal".

Additionally, it suggests that citizens delete messages "of unknown origin or with dubious content".