Police are warning of a new phishing campaign impersonating the Ministry of Health to steal personal and banking information. The fraudulent message, sent via SMS, asks recipients to renew their Individual Health Card within 48 hours.
The unstoppable rise of digital scams
The figures confirm it: digital scams and fraudcontinue to grow year after year in Spain.
According to data from the Spanish Observatory of Cybercrime (OEDI),287,963 cybercrimeswere recorded in 2020, a figure that rose to 472,125 in 2023,the last year with available data. In 2021,
305,477 caseswere documented, and in 2022 the number climbed to 374,737.
These figures reflect an alarming phenomenon: online scams have become the most common crime of the digital age,surpassing even traditional theft.
Increasingly sophisticated criminals are perfecting their methods to deceive victims with fake messages, fraudulent emails, or links that lead to websites identical to those of official organizations.
The new scam: the fake message from the Ministry of Health
The Civil Guardhas issued a public alert through its social networks about a new phishing campaign(or smishing,when carried out via SMS) that has impersonated the Ministry of Health.
The message, received by thousands of citizens, reads verbatim:
“Urgent notice, renew your health card within a maximum of 48 hours to retain all your rights.”
Accompanying the text is a fraudulent linkthat redirects to a website where the user is asked to enter their personal and banking information.
The site’s appearance is convincing: it uses the Ministry of Health’s logo and official language, leading many to believe the request is legitimate.
However, authorities have confirmed that the Ministry of Health is not requesting any renewal of the Individual Health Card (TSI)nor has it sent any such communication.
According to the Civil Guard, this is a fraudulent campaign aimed at stealing confidential information.
The Civil Guard’s warning: “Don’t fall for it”
The message disseminated by the Civil Guard has been clear:
“Notice: The Health Department is not requesting the renewal of your health card due to the implementation of a new verification system.”
Through its official accounts, the institution has asked citizens to exercise extreme caution regarding any suspicious messagesand has used the hashtag #NoPiques,along with tags such as #Phishingand #Smishing,to spread the warning.
The goal of the fake message is simple: to obtain victims’
personal and banking information through deception.Those who click the link and fill out the required information unknowingly hand over their credentials to the scammers,who then use them to make unauthorized charges, commit identity theft, or gain access to bank accounts.
The Civil Guard reminds everyone that no public institution requests confidential information via SMS or email,and that official websites should always be accessed by typing the address directly into the browser,never from unknown links.
📢 AntiScam Newsmagazine joins in spreading this alert to reinforce public awareness and prevent new victims of digital fraud in Spain.
How to recognize a digital scam
Cybersecurity experts recommend a series of signs to detect if a message or email may be a phishing scam:
- Artificial urgency:messages often include phrases like “last warning”, “urgent”or “48 hours to act”to generate fear and precipitate action.
- Spelling or grammatical errors:often the texts present small inconsistencies or strange expressions.
- Suspicious links:Before clicking, you should press and hold the link or hover your cursor over it to see if the address matches the official website.
- Requests for personal or banking information:no public body or legitimate bank asks for passwords, card numbers or ID cards through these means.
- Unknown senders:even if the message appears to be from an institution, the number or email address may be falsified.
If in doubt, the Civil Guard advises not to open the message, not to reply, and to delete it immediately.
It is also recommended to report itto official law enforcement channels or to the impersonated entity.
Digital fraud: a constantly evolving threat
Digital frauddoesn’t just affect individual users.
Companies, public bodies, and banks are constantly being impersonated to gain credibility. The modern fraudsterno longer acts alone: they belong to organized networks that operate from different countries and take advantage of the anonymity of the internet.
Phishing and smishingcampaigns are constantly evolving, adapting to current events, administrative reforms, and even technological changes.
Cybercriminals monitor trends to create messages that sound credibleand build trust.
In this case, the health insurance cardhas been the perfect pretext: a sensitive issue, of general interest, and linked to personal well-being.
The fear of losing a right or benefit leads many people to fall into the trap without realizing it.
How to protect yourself from an online scammer
Digital literacyremains the most effective tool against fraud.
Experts recommend:
- Do not share personal or banking information via SMS or email.
- Always verify the authenticity of communicationsbefore taking action.
- Update your operating system and antivirus softwareto block malicious websites.
- Report any attempted scamsto the authorities to help stop these networks.
Conclusion
The case of the fake health card renewaldemonstrates that digital fraudsters are constantly refining their strategies.
They exploit trust in institutions to manipulate people and obtain private information.
Therefore, the best response to any suspicious message is to be suspicious and delete it.
The Civil Guard summarizes this with three words that should accompany every citizen alert: