Health card renewal scam: what to do if you have received this message

The message is made to sound urgent and also offers a 48-hour period in which to respond, presumably to ensure the recipient's rights to health cover are not affected. However, watch out, beause it is all false. This is the latest fraudulent email and text message campaign identified by Incibe (the national institute of cybersecurity for all Spain).

These messages ask people for personal data under the pretext of renewing their health card due to the implementation of a new verification system. They contain a link that redirects the unsuspecting recipient to a fake website impersonating the Ministry of Health.

"The Ministry of Health is not requesting renewal of your health card," warns Incibe. "What this scam is really seeking is to collect personal and bank card information from users who have received the email or SMS," it adds.

If you have received such a message and did not click on the link, you should still report the fact to Incibe's incident mailbox (017 is their cybersecurity helpline). After reporting it, it is advisable to block the sender and delete the notification.

What should I do if I have accessed the fraudulent link? If personal and/or banking details were provided, the following steps should be taken as soon as possible:

- Contact the bank as soon as possible to block suspicious transactions and the bank card.

- Save all possible screenshots and evidence. To give them greater validity, you can use the online witness service.

- File an official police report ('denuncia') using the evidence you compiled of the fraud as a basis.

- Periodically do some 'egosurfing' to check if your personal data has been leaked online and is being used without your consent.

Incibe also points out that the Social Security health card does not usually need to be renewed. Your Social Security number is unique and permanent throughout your working life, but you can request a duplicate or update it at its official headquarters.

"Remember that, for any transaction with a public body, you will need to identify yourself with your electronic ID card, your digital certificate or the Cl@ve system. If you access a supposedly official public body's website and you are not asked for this identification to carry out any dealings with them, you are most likely accessing a fraudulent site," explains Incibe on its website.

Incibe also points out that one of the key factors that should make us suspicious is the very short timeframe given to complete the requested action, in addition to the condition that, if we don't do so, we will lose access to the services provided by having a health card.

In the email it can also be seen that the Ministry's logo is not the official one, as it appears without the yellow background.

Next, the sender of the email has a domain that does not match the official one used in online notifications from the Ministry of Health (sanidad.gob.es).

These emails are identified by the subject line: "Your individual health card has expired". "Update your TSI" (with a grammatical error) or "Renovacion" (the Spanish for 'Renewal', but without an accent on the second 'o'), indicating that it may be a scam and not an official communication, notes Incibe. Finally, the cybersecurity watchdog is not ruling out that there could be other emails within this campaign with different, but similar, subject headings.