2025.10.11 – How to Spot and React to a Phishing SMS from “MijnOverheid” – Verified Warnings and Official Dutch Sources

Key Takeaways

Fraudulent text messages claiming to be from MijnOverheid—the Dutch government’s digital communication portal—have been circulating, directing people to fake websites such as nl-bericht.net to “update personal data.”
These are phishing attempts aimed at stealing login credentials or financial details.
You should never click on these links, always verify through official channels, and report suspicious messages to the proper authorities.
Official Dutch government websites confirm these scams and provide detailed guidance on what to do.

Message and Analysis

The fake SMS typically reads:

“Berichtenbox | MijnOverheid … update your personal data via nl-bericht.net.” (translated from Dutch)

This message is a classic phishing pattern.
The domain name nl-bericht.net is not owned by the Dutch government.
Official portals such as MijnOverheid, DigiD (Digital Identification of the Netherlands), and Rijksoverheid (Dutch National Government) always use domains ending in .overheid.nl, .digid.nl, or .rijksoverheid.nl.

Government agencies have made it clear:

• MijnOverheid never sends messages containing direct links or QR codes.
• The government never asks you to confirm or update your personal information via text message or email.
• Any request to “verify,” “update,” or “check” your data through a link is an attempt to trick you into revealing personal or banking details.

These phishing messages often imitate the appearance of official notifications, including the same tone and layout used by genuine MijnOverheid alerts. However, the link always redirects to a fake website designed to steal your login credentials.

Response & Guidance

If you receive such an SMS, take the following actions immediately:

1. Do not click on the link.
2. Delete the message and block the sender.
3. Report the message by forwarding it to:

• valse-email@fraudehelpdesk.nl — The official Dutch Fraud Helpdesk.
• valse-email@digid.nl — DigiD’s own phishing report address.

1. If you already clicked or provided information:

• Change your DigiD password immediately.
• Enable two-factor authentication via the DigiD app.
• Notify your bank if any financial information was shared.
• Monitor your bank statements for unusual activity.

Authorities stress that real government messages never contain clickable links.
You should always access your messages by typing https://mijn.overheid.nl directly into your browser or through the official Berichtenbox app.

Official Verifications

Multiple Dutch authorities have issued official statements confirming the rise of phishing messages imitating MijnOverheid:

• MijnOverheid – “Recognize Fraud”
  Explains that fake emails and SMS messages may request DigiD credentials or bank details. States clearly that MijnOverheid never asks for login details via text or email.
  mijn.overheid.nl/herken-oplichting
• Logius (Dutch Digital Government Agency)
  Reports that phishing attempts using DigiD and MijnOverheid names occur daily. Emphasizes that they never send unsolicited links or QR codes.
  logius.nl/onze-organisatie/veiligheid/poging-tot-phishing-met-digid-en-mijnoverheid-gebeurt-elke-dag
• Belastingdienst (Dutch Tax Authority)
  Provides real examples of fake text messages and emails pretending to come from government sources, confirming that they never request sensitive data via clickable links.
  belastingdienst.nl/wps/wcm/connect/nl/contact/content/voorbeelden-van-valse-whatsapp-berichten-sms-berichten-mails-en-brieven
• Fraudehelpdesk (Dutch Fraud Helpdesk)
  Displays several fake MijnOverheid messages and gives clear advice on how to report phishing safely.
  fraudehelpdesk.nl/valse-emails/mijn-overheid

These official statements all agree: if a message asks you to click a link or share data, it is a scam.

Sources & References

• https://mijn.overheid.nl/herken-oplichting/ — Official MijnOverheid page “Recognize Fraud” explaining how to spot fake messages.
• https://www.logius.nl/onze-organisatie/veiligheid/poging-tot-phishing-met-digid-en-mijnoverheid-gebeurt-elke-dag — Logius statement about daily phishing attempts involving DigiD and MijnOverheid.
• https://www.belastingdienst.nl/wps/wcm/connect/nl/contact/content/voorbeelden-van-valse-whatsapp-berichten-sms-berichten-mails-en-brieven — Examples of fraudulent communications published by the Dutch Tax Authority.
• https://www.fraudehelpdesk.nl/valse-emails/mijn-overheid/ — Fraudehelpdesk information on fake MijnOverheid emails and how to report them.
• https://www.youtube.com/watch?v=NpxvTPEfB_4 — Verified YouTube video from the Dutch Police explaining how phishing scams work and how to stay safe online.