islegit.email

DigiD and tax-refund phishing: how to tell real from fake

A message about money you're owed — or a threatening fine — catches everyone's attention. Scammers know this and love to impersonate the Belastingdienst (the Dutch tax authority) or DigiD (the Dutch government login). Sometimes they promise a refund; sometimes they threaten a surcharge. Either way, the goal is the same: get you to click or log in fast.

The good news is that government agencies work in predictable, consistent ways — which makes fakes relatively easy to spot.

What does this phishing look like?

A made-up example of a fake refund notice (fictional — not a real email):

From: Belastingdienst no-reply@belastingdienst-teruggave.nl Subject: You are entitled to a refund of € 348.00

Dear Sir/Madam,

Our records show that you are entitled to a refund of € 348.00. To complete the payment, please confirm your details using the button below. Do this within 24 hours.

[Confirm and receive your refund]

That button leads to a fake DigiD or fake iDEAL page. Whatever you type there — login credentials, bank details — goes straight to the scammer.

The warning signs

  1. The sender address is wrong. The Belastingdienst uses belastingdienst.nl and DigiD uses digid.nl. Addresses like belastingdienst-teruggave.nl or mijn-digid.com are fake.
  2. A refund or fine delivered via a link in an email or text. The Belastingdienst handles this through your official account and the Berichtenbox — never through a payment or login link in an email.
  3. A request for your DigiD credentials, bank details, or PIN. The government never asks for these by email or text.
  4. Urgency and threats. "Within 24 hours", "or your entitlement lapses", "additional costs will apply".
  5. A look-alike domain or a generic salutation instead of your own name.

What to do

  • Don't click anything. Want to check? Log in yourself at mijn.belastingdienst.nl or open the official app. For DigiD, go directly to digid.nl.
  • Remember: a refund is never paid out by first "confirming your details" through a link in an email.
  • Still unsure? Forward the message to check@islegit.email for a free verdict within a minute.
  • Fake text message? Forward it to 7726.

What NOT to do

  • Do not log in with your DigiD through a link from a message.
  • Do not fill in bank details to "receive a refund".
  • Do not pay a fine through a link, no matter how threatening the message sounds.

If you've already logged in or paid

Call your bank immediately. Request a new DigiD via digid.nl (this deactivates the old one) and change any passwords you entered. Report it to your country's fraud service (in the Netherlands, the Fraudehelpdesk on 0800-2117) and file a police report.

Still not sure about an email? Forward it to check@islegit.email and get a clear verdict in under a minute.

Check an email

This is a safety aid, not a guarantee. We don't store your emails, and personal details are stripped before anything looks at them.

Read next:

Frequently asked

Does the Dutch tax authority (Belastingdienst) send emails about refunds?

The Belastingdienst communicates mainly through your Berichtenbox inbox and your account at mijn.belastingdienst.nl. A refund is never arranged through a payment or login link in a standalone email.

What does a genuine DigiD message look like?

DigiD uses the domain digid.nl and never asks for your login credentials by email or text. Always log in yourself by typing digid.nl into your browser.

I entered my DigiD details on a fake page. What now?

Request a new DigiD via digid.nl (this invalidates the old one), alert your bank, and report it to the Fraudehelpdesk and the police.

How do I report Belastingdienst phishing?

Forward the email to the Belastingdienst's reporting address (valse-email@belastingdienst.nl) and report it to the Fraudehelpdesk. You can also forward it to us for a quick check.