Is Dit Veilig?Scam type
NLEN
Scam type 4/15

Phishing email from Belastingdienst, ING or MijnOverheid? Check it in 30 seconds

Got an email about a refund, outstanding debt or blocked account? Compare the sender against these official Dutch domains.

Stats and sources
Updated: May 2026

What the numbers show

No guesses. Only published data from Fraudehelpdesk (the Dutch fraud helpline), CBS (Statistics Netherlands), AFM, SIDN and Dutch investigative journalism.

Phishing was one of the biggest loss categories at the Fraudehelpdesk in 2024; CBS: almost 1% of Dutch residents (15+) were phishing victims in 2024 — roughly 150,000 people.
Source: CBS
In 2025 the Fraudehelpdesk received record numbers of phishing reports, mostly about Belastingdienst (Dutch tax authority), MijnOverheid (Dutch government portal) and banks.
Combined losses from phishing/helpdesk fraud in 2025: estimated at more than €140 million.
Modus operandi

How does this scam actually work in practice?

Step by step: this is how scammers build the scenario. The faster you spot the pattern, the sooner you can hang up or click away.

  1. 01
    The email comes from a domain that looks like the real one: belasting-dienst.nl, mijn.overhe1d.nl, ing-secure.com, rabo-bank.nl.
  2. 02
    The subject preys on urgency or greed: "2025 refund of €445.73 ready to be paid out", "Outstanding debt — final warning before seizure", "Your account has been temporarily blocked".
  3. 03
    The email always contains a button or link that leads to a fake website; there you're asked for bank details, BSN (Dutch social-security number) or login.
  4. 04
    Increasing use of AI: flawless Dutch, personalised greeting with your name, sometimes even your address.
  5. 05
    HTML mail perfectly mimics the house style: logo, colours, footer, "GDPR/privacy" links.
  6. 06
    Sometimes followed up by a "confirmation" phone call — a multi-channel attack.
Red flags

How do you spot this scam before it's too late?

One red flag is usually enough. Two and you know for sure something is off. Stop, hang up, click away, call the real organization via a number you look up yourself.

The sender doesn't end in an official domain (see below).
There is a direct payment or login link in the email (Belastingdienst and MijnOverheid never do this).
Time pressure: "within 24 hours", "or a fine will follow".
Greeting "Dear sir/madam" without your name, or with your name slightly misspelled.
A precise amount to the cent that you don't recognise (€445.73, €197.40).
The domain in the link differs from the visible anchor text
hover over it to verify.
What to do

What to do if you've been targeted

In this order. Time is money — literally. The faster you call, the bigger the chance the bank can still reverse a transaction.

  1. 1
    Don't click, don't reply. Mark as phishing in your email client.
  2. 2
    Forward the email to phishing@belastingdienst.nl, valse-email@ing.nl, valse-email@rabobank.nl or valsemail@abnamro.nl.
  3. 3
    Always log in via your browser at belastingdienst.nl or mijn.overheid.nl — never via an email link.
  4. 4
    Did you click? Change your password immediately and enable 2FA. Filled in bank details? Call the bank and have things blocked.
  5. 5
    Report to the Fraudehelpdesk (fraudehelpdesk.nl) and forward to valseemail@fraudehelpdesk.nl.
  6. 6
    For MijnOverheid: report via overheid.nl/melden.
Examples from our database

Concrete examples of this scam type

Click through on an example to see the full dossier: feed hits, host info, domain age, related cases.

domain reported
belasting-dienst.nl
real: belastingdienst.nl
View dossier →
domain reported
mijn.overhe1d.nl
real: mijn.overheid.nl
View dossier →
domain reported
ing-secure.com
/
View dossier →
domain reported
rabo-bank.com
/
View dossier →
domain reported
abnamro-update.com
View dossier →
domain reported
belastingdienst-info.nl
Sender: `noreply@`, `service@mijnoverheid-bericht.com`
View dossier →
Common search queries

What people Google when they run into this scam

Recognize your own situation in one of these phrases? Paste your input into the checker above and you'll get an instant dossier — no account needed.

Related scam types

Often combined with these other scam types

Scammers increasingly combine multiple channels. A WhatsApp message is followed by a fake call; a phishing email by a Tikkie payment request.

Scam type
Bank-helpdesk fraud (spoofing): how to recognize a fake call from "ING", "Rabobank" or "ABN AMRO"
Someone calling "from your bank's fraud department"? Learn how spoofing works, which numbers get abused, and what to do if you've already transferred money.
Read more →
Scam type
Belastingdienst fraud: fake refunds, fake debts and fake bailiffs
The Belastingdienst (Dutch tax authority) never calls for immediate payment and never emails with a link. Here's how to spot the scammers impersonating the tax …
Read more →
Scam type
SMS from PostNL or DHL about a parcel? Nine out of ten are fake
Parcel smishing from PostNL, DHL and DPD exploded in 2025. Here's how to recognize the fake messages and what to do if you've clicked.
Read more →
Scam type
Spotting a fake webshop: 8 checks before you pay
A too-cheap sneaker, an unknown .nl shop, no Chamber-of-Commerce number? Here's how to check in a minute whether a webshop is real — or whether you're throwing …
Read more →
Common questions

Common questions about this scam

What is phishing email from belastingdienst, ing or mijnoverheid? check it in 30 seconds?
The email comes from a domain that looks like the real one: belasting-dienst.nl, mijn.overhe1d.nl, ing-secure.com, rabo-bank.nl. The subject preys on urgency or greed: "2025 refund of €445.73 ready to be paid out", "Outstanding debt — final warning before seizure", "Your account has been temporarily blocked".
Belastingdienst refund email is this real?
The sender doesn't end in an official domain (see below). Don't click, don't reply. Mark as phishing in your email client.
MijnOverheid new message in Berichtenbox phishing?
There is a direct payment or login link in the email (Belastingdienst and MijnOverheid never do this). Forward the email to phishing@belastingdienst.nl, valse-email@ing.nl, valse-email@rabobank.nl or valsemail@abnamro.nl.
Phishing email Belastingdienst outstanding debt?
Time pressure: "within 24 hours", "or a fine will follow". Always log in via your browser at belastingdienst.nl or mijn.overheid.nl — never via an email link.
What should I do if I've been a victim?
Don't click, don't reply. Mark as phishing in your email client. Forward the email to phishing@belastingdienst.nl, valse-email@ing.nl, valse-email@rabobank.nl or valsemail@abnamro.nl. Always log in via your browser at belastingdienst.nl or mijn.overheid.nl — never via an email link.
Will I get my money back?
Whether you get your money back depends on the type of scam, how quickly you called your bank and whether you handed over credentials yourself. Dutch banks operate a goodwill scheme but in practice rarely pay out 100%. Always file a police report immediately and report to the Fraudehelpdesk — this strengthens your case.
Need help right now?

Call these numbers now — in this order

In case of immediate danger or an ongoing transaction: hang up, call your bank, then file a police report. The faster, the bigger the chance the money can be recovered.

Emergency
112
Police / emergency services
Police report
0900-8844
Ask for a case-file number
Fraudehelpdesk
088-786 73 72
Report for trend tracking
ING emergency line
020-22 888 00
Block account & card
Rabobank emergency line
088-722 67 67
Block account & card
ABN AMRO emergency line
0900-0024
Block account & card
SNS emergency line
030-633 30 00
Block account & card
Slachtofferhulp (victim support)
0900-0101
Emotional & legal support
Fraudehelpdesk.nlPolitie.nl — report online fraudVeiliginternetten.nlConsumentenbond — safe browsing