Online Fraud in Estonia — How to Report and Get Your Money Back

1. Common types of online fraud in Estonia

Estonia, despite being one of the most digitally advanced countries in the world, is not immune to online fraud. In fact, the high rate of digital transactions makes it a target. Here are the most common scam types affecting people in Estonia:

• Phishing — fake emails or SMS messages impersonating banks (often SEB, Swedbank, LHV), government agencies (Tax Board, Police), or delivery services (Omniva, DPD), tricking you into entering your credentials on fake websites
• Online marketplace scams — sellers on platforms like Facebook Marketplace, Osta.ee, or international sites who take payment but never deliver goods, or send counterfeit items
• Romance scams — fraudsters on dating apps who build emotional relationships and then ask for money
• Investment scams — fake trading platforms, cryptocurrency schemes, Ponzi schemes promising unrealistic returns
• Tech support scams — callers claiming to be from Microsoft, Apple, or your internet provider, requesting remote access to your computer
• Identity theft — using your personal data (isikukood, ID card details) to take loans or make purchases in your name
• Fake online shops — professional-looking websites offering luxury goods at deep discounts, taking payment and disappearing

2. What Estonian law says about fraud

Other relevant criminal provisions:

• Penal Code § 157² — Illegal use of personal identification data (identity theft): up to 3 years
• Penal Code § 206 — Unauthorized access to computer systems: up to 3 years
• Penal Code § 210 — Extortion (including ransomware): up to 5 years

3. What to do immediately after being scammed

Speed is everything when it comes to online fraud. The first 24–48 hours are critical for recovering your money.

Within the first hour:

1. Contact your bank immediately — call the emergency line (available 24/7):
   • Swedbank: +372 613 1606
   • SEB: +372 665 5100
   • LHV: +372 680 0400
   • Luminor: +372 628 3300
2. Ask the bank to freeze the outgoing transaction — if the money has not yet left your account or can be recalled
3. Block your cards if card details were compromised
4. If you shared Smart-ID/Mobile-ID PINs, block them immediately at id.ee or call 1777

Within 24 hours:

1. File a police report (see section 4 below)
2. Gather and save all evidence:
   • Screenshots of the scam website, messages, emails, profiles
   • Transaction confirmations and bank statements
   • The scammer's contact details (phone, email, usernames, website URLs)
   • Any correspondence (do not delete anything)
3. Change passwords for all compromised accounts
4. Enable two-factor authentication on all important accounts

4. How to report to the police

You can report online fraud to the Estonian police in several ways:

• Online: File a report at politsei.ee — you can write in English
• By phone: Call 612 3000 (Police and Border Guard Board)
• In person: Visit the nearest police station
• By email: Send details to the cybercrime unit at ppa@politsei.ee

What to include in your police report:

• When and how the fraud occurred (timeline)
• How much money was lost
• All scammer contact information you have
• Bank transaction details (IBAN numbers, reference numbers)
• Attach screenshots, emails, and other evidence
• Names of any witnesses

5. Getting your money back through your bank

Your chances of recovering money depend on how the payment was made and how quickly you acted:

Bank transfer (SEPA transfer)

• If you contact your bank within hours, they may be able to recall the transfer before it is processed
• SEPA instant transfers are harder to recall, but the receiving bank can freeze the funds
• Your bank can send a "recall request" to the receiving bank
• If the scammer's account is in Estonia or the EU, there are better chances of recovery through the banking system

Card payment

• You can file a chargeback dispute with your card issuer (Visa/Mastercard)
• Chargeback deadline: typically 120 days from the transaction date
• The card issuer investigates and can reverse the charge

6. Credit card chargeback and PayPal disputes

Visa/Mastercard chargeback process

1. Contact your bank and state you want to initiate a chargeback
2. Provide evidence that you did not receive the goods/services or were defrauded
3. Your bank submits the dispute to Visa/Mastercard
4. The merchant's bank has 30 days to respond
5. If the merchant does not respond or cannot prove delivery, you get your money back
6. The entire process typically takes 45–90 days

PayPal dispute

• Open a dispute in PayPal's Resolution Center within 180 days
• If the seller does not respond within 20 days, the dispute is automatically decided in your favor
• PayPal Buyer Protection covers items not received and items significantly not as described

Wise (TransferWise) and Revolut

• Contact customer support immediately through the app
• These services can freeze outgoing transfers if you act fast enough
• They cooperate with law enforcement and can provide transaction data for investigations

7. Cryptocurrency and investment scams

Cryptocurrency and investment fraud is particularly challenging because:

• Crypto transactions are generally irreversible
• Scammers often operate from outside Estonia or the EU
• Fake trading platforms can show convincing fake "profits" to lure you into investing more

Red flags for investment scams:

• Guaranteed returns of 10%+ per month
• Pressure to invest quickly ("limited time offer")
• Unregulated platforms (check the Estonian Financial Supervision Authority registry)
• Cold calls from "brokers" you never contacted
• Difficulty withdrawing your money
• Requests to install remote access software (AnyDesk, TeamViewer)

If you have lost money to a crypto/investment scam:

1. Report to police immediately
2. Report to the Financial Supervision Authority at fi.ee
3. If the platform was based in another EU country, file a complaint with that country's financial regulator
4. Be wary of "recovery services" that promise to get your crypto back for a fee — many of these are secondary scams

8. Cross-border fraud — when the scammer is abroad

When the scammer operates from outside Estonia, the investigation becomes more complex but is still possible:

• File a report in Estonia anyway — Estonian police cooperate with Europol and Interpol
• EU scammers: Estonian police can coordinate with other EU police forces through the European Investigation Order
• File a complaint in the scammer's country as well — many countries accept online reports from foreign victims
• EU-wide portals: Report through Europol's reporting page
• Consumer protection: For EU online purchases, the EU Online Dispute Resolution platform can help

9. How to protect yourself

Prevention is always better than trying to recover stolen money. Here are essential tips for staying safe online in Estonia:

• Never share your PIN codes — no bank, police officer, or government agency will ever ask for your Smart-ID or ID card PINs
• Verify website URLs — check that the website address is correct before entering any data (look for https:// and the correct domain)
• Use strong, unique passwords for each service and enable two-factor authentication
• Be skeptical of urgency — scammers always create time pressure ("act now or lose your account")
• Verify sellers — check reviews, company registration (at e-Business Register), and business history
• Use secure payment methods — credit cards over bank transfers for online purchases
• Keep software updated — install security updates for your operating system, browser, and apps
• Report suspicious messages — forward phishing emails to your bank and to cert@cert.ee (Estonian Information System Authority)