Not everything that arrives via message is what it seems. Social Security launched a national alert after detecting new fraud attempts that use the name and image of the public body to deceive citizens through fraudulent messages about supposed debts.
The Social Security Institute (ISS) reported this Tuesday that false messages are being circulated that simulate official communications about Social Security debts. These messages, which appear to come from the institution’s own portal, include a link to a fraudulent page where the user is led to believe that they have outstanding amounts and are pressured to make an immediate payment “to avoid late payment interest”.
In a statement published on its website, the ISS clarifies that “these messages are fraudulent and do not come from Social Security, allowing their authors to illegitimately obtain amounts arising from supposed debts”. The organization reinforces that Social Security never sends links via SMS or email nor requests banking details, such as credit card numbers.
The entity also warns that updating personal data or IBAN should only be done through the Direct Social Security Portal, after secure authentication with a password, according to Notícias ao Minuto.
An example of fraud in circulation
Among the examples of false messages identified, there are cases in which the text begins with “Avoid seizure”, followed by a reference and a notice of non-compliance, indicating that non-payment by a certain date may result in tax enforcement proceedings and seizure of assets.
This message ends with the threat of late payment interest if payment is not made on time. The objective is to create panic and urgency, leading citizens to click on the link and provide sensitive data.
Social Security, cited by the same source, recommends that, in case of doubt, citizens do not click on the links, do not provide personal or banking information and immediately report the attempted fraud to the authorities.
Phishing: the digital crime that grows in Portugal
This type of fraud, known as phishing, consists of reproducing the image of legitimate entities to obtain confidential information or improper payments. In Portugal, it is one of the most common cybercrime schemes, affecting not only public bodies but also banks and private companies. Article 217 of the Penal Code classifies this type of conduct as the crime of computer and communications fraud, punishable by a prison sentence of up to five years.
To reduce the impact of these practices, the National Cybersecurity Center (CNCS) recommends checking the email address or link before clicking, using two-factor authentication and immediately reporting suspicious messages.
Goal also reinforces fight against fraud
In parallel, the company Meta announced new security measures for Messenger and WhatsApp, with the aim of helping users identify potential fraud. In Messenger, according to the same source, automatic warnings will appear when suspicious messages are detected, and it will be possible to forward them for analysis by Meta AI.
The platform, according to , will also warn users not to transfer money or vouchers to strangers. On WhatsApp, a warning will be displayed if someone tries to share the screen during a video call with a contact that is not saved, remembering that this action should only be done with people you trust.
According to the company, since the beginning of 2025, almost eight million accounts linked to international fraud networks originating in Myanmar, Laos, Cambodia, the Philippines and the United Arab Emirates have been identified and eliminated.
Also read:
