Fraudulent Messages Targeting Wellbeing Services Counties Prompt Security Warnings
Several wellbeing services counties across Finland have issued warnings about fraudulent messages sent in their names, urging clients to remain vigilant and avoid clicking on suspicious links. The phishing attempts, which have been reported in Vantaa, Kerava, Eastern Uusimaa, and Central Finland, aim to steal personal data by impersonating child welfare and oral healthcare services.
Vantaa and Kerava Warn of Fake Appointment and Hearing Notices
The Vantaa and Kerava Wellbeing Services County (Vake) has alerted its clients to two types of fraudulent messages circulating via email. One, sent under the guise of child welfare services, uses the subject line "Invitation to a Hearing" and requests recipients to log in to a self-service portal. The other, posing as oral healthcare communications, carries the subject line "Reminder of Appointment!" and includes a link to a client portal (Yle; Helsingin Sanomat).
Vake emphasises that legitimate appointment messages from its child welfare services never contain links. While fraudulent messages may appear convincing, clients are advised to scrutinise the sender’s email address and avoid providing personal information. "We ask our clients to be cautious with even slightly suspicious messages. Links in these messages should not be opened, nor should personal information be provided to the sender," said Mira Kulonen, Vake’s Special Expert in Security and Preparedness (Yle).
Clients uncertain about a message’s authenticity are encouraged to contact the relevant service directly rather than responding to the message.
Phishing Attempts Detected in Multiple Regions
Similar fraudulent messages have been reported in other wellbeing services counties. The Eastern Uusimaa Wellbeing Services County confirmed on Wednesday that scammers had sent fake text messages and emails posing as child welfare services. These messages instructed recipients to follow a link and authenticate using bank credentials (Helsingin Sanomat).
The county clarified that its child welfare services do not request personal or banking details via text or email, instead contacting clients primarily by phone or letter.
In early April, the Central Finland Wellbeing Services County also reported phishing emails sent in its name, targeting child welfare clients. The county reiterated warnings not to open suspicious links (Helsingin Sanomat).
How to Identify and Respond to Fraudulent Messages
Authorities highlight several red flags to help clients identify phishing attempts:
- Unexpected links in messages claiming to be from official services.
- Requests for personal or banking information via email or text.
- Slightly altered sender addresses that may appear legitimate at first glance.
Clients who receive suspicious messages are advised to:
- Avoid clicking links or downloading attachments.
- Verify the message by contacting the service directly through official channels.
- Report the incident to the relevant wellbeing services county.
Vake notes that such fraudulent messages have been circulating intermittently over the past year, underscoring the need for ongoing vigilance (Yle).
