Pre-production environment

Scams and fraudulent SMS in the name of ‘Digital Mobile Key (CMD)’, ‘gov.pt’ or ‘Autenticação.gov’

There are several attempts at fraudulent schemes and electronic scams using emails, messages (SMS) and telephone calls. Many of these fraud attempts use the names of gov.pt portal (or the former ePortugal portal), Autenticação.Gov, Digital Mobile Key (CMD) and Adminstrative Modernisation Agency (AMA).

Be careful and never provide personal access data (pins, authorisation codes, passwords, or others) via calls, messages, or on portals that are not clearly identified with an official domain in the address bar, such as: eportugal.gov.pt or autenticacao.gov.pt.

On this page you'll find information on:

Scams via SMS messages

Fraudulent messages use senders similar or, in some cases, the same as those used by AMA, such as ‘CMD’, and usually ask users for personal data or to confirm data via links.

These messages are not sent by AMA and you should never reply to or click on any links in these messages.

Example of a fraudulent message

Ativou a aplicacao Autenticacao.gov no novo dispositivo Samsung Galaxy A40s. Se nao reconhece, va de imediato a https://cmd-atualizar.com
SMS text: You have activated the Authenticacao.gov application on your new Samsung Galaxy A40s device. If you don't recognise it, go immediately to https://cmd-atualizar.com

In this example, the scam would involve the citizen clicking on a link without the Portuguese government domain ‘gov.pt’. Clicking on the link would take them to a page very similar to Autenticação.gov, where they would be asked for their personal details, which would then be accessible to the fraudsters.

Email scams

Another form of scam that has been used is sending emails in an attempt to access people's personal or bank details.

If you suspect that an email is genuine, never click on any links within it.

Examples of fraudulent emails using the image of the old ePortugal portal

In this example, the ePortugal logo is used to give the impression of a state contact, but the text refers to the Tax and Customs Authority (Finanças).

ePortugal would not be used by the AT to send a tax notification. We therefore suggest that you always read the email carefully before clicking on any suspicious links.

Another point you should always pay attention to is the sender of the email. All emails sent by the Public Administration end in ‘gov.pt’. One of the scam attempts using ePortugal's name was sent by the sender suporte@network.solution.com’, which would be one of the ways to identify this email as a scam attempt.

Phone call scams

In telephone scam attempts, the caller may put greater pressure and urgency on you to make a payment or give personal details during the call.

You should not give personal details to someone who calls and asks:

  • Digital Mobile Key codes
  • Digital signature codes for the Digital Mobile Key
  • Security codes received by SMS or in the ‘Autenticação.Gov’ application
  • PIN codes for your Citizen Card

Likewise, you should never make a payment without confirming with the organisation responsible that you have a debt.

What to do if you are the target of an attempted scam?

If you receive an email or SMS asking for personal details, asking you to pay a debt you consider suspicious, or asking you to click on a link, you should block the sender and mark the message as SPAM.

If you receive a telephone call asking for personal data such as Digital Mobile Key or Citizen Card codes, you should hang up immediately.

AMA will never ask for personal data or bank account details by email, SMS or telephone call. If you have any doubts about any contact you receive, you can call our Citizen Line on 210 489 010 or 300 003 990, available on working days from 9am to 6pm.