Estonian ISP stops sending payment links over security concerns
Estonian internet and mobile services provider Elisa has decided not to send its customers payment links in emails and SMS messages anymore due to online fraud concerns.
Elisa said this week that it will do away with payment links in its official messaging.
Under a new system, billing notifications sent by Elisa via email or SMS will no longer include direct payment links. Instead, customers will be directed first to Elisa's self-service portal, where they can safely pay their bills.
According to Mai Kraft, head of information security at Elisa, the decision was prompted by a wave of scams, the most recent of which led to customers losing more than €600 through a scheme that mimicked Elisa's invoices.
"When someone uses Elisa's name or logo to commit fraud, it damages not just individuals but also the trust in our company. Following the latest incident, we explored solutions with our payment service provider and banks and ultimately decided to add an extra layer of security by directing payments exclusively through our self-service portal," Kraft explained.
Elisa is urging all customers to always check that billing notifications come from the official address arved@elisa.ee and to make payments only through the self-service portal at elisa.ee. The company also reminds customers to immediately report any suspected fraud to the police and Elisa customer service via the chatbot so that malicious links can be blocked and other customers protected.
Bank or online fraud in general is on the rise in Estonia, with criminals pocketing €6.1 million in the first eight months of 2025 alone.
--
Editor: Marcus Turovski
