New Phishing Scams Targeting State Tax Administration Agency via SMS and Email

Severity: Medium (Score: 54.9)

Sources: Sede.Agenciatributaria.Gob.Es

Summary

Two phishing scams have been identified targeting individuals by impersonating the State Tax Administration Agency (AEAT). The first scam, detected on April 20, 2026, involves SMS messages that prompt users to submit personal information through a fraudulent electronic registration screen. The second scam, reported on April 22, 2026, utilizes emails claiming to provide updates on tax refunds for the 2025 tax year, also aiming to steal credentials and personal data. Both attacks feature unofficial sender domains and links that do not belong to legitimate AEAT domains. The scams employ psychological pressure tactics, urging recipients to act quickly. The AEAT warns that they never request sensitive information via SMS or email. Users are advised to verify any communications directly through the official Electronic Office. The scope of impact includes potential identity theft for individuals receiving these messages. Key Points: • Two distinct phishing scams targeting AEAT impersonation detected in April 2026. • The SMS scam requests personal data through a fake registration screen. • The email scam claims to provide tax refund status updates to lure victims.

Key Entities

• Phishing (attack_type)
• aeat.es (domain)
• gob.es (domain)
• sede.agenciatributaria.es.sede-online.es (domain)
• T1566.002 - Spearphishing Link (mitre_attack)