A 66-year-old fell victim to an online General Health System (Gesy) scam after receiving a fraudulent text message requesting a small payment supposedly linked to his coverage, police said on Wednesday.

He received a message instructed to follow a link and complete a fee payment.

After entering his bank card details, scammers withdrew a total of €30,000 from his account.

This follows earlier warnings from the national health insurance organisation (HIO) that it had no connection with such messages and warned the public to remain vigilant against similar phishing attempts.

Speaking to the Cyprus Mail, HIO official Yiannis Hadjipetrou emphasised that Gesy never requests passwords, login credentials, bank details or payment information.

He reiterated that Gesy does not instruct beneficiaries to carry out transactions through electronic links sent by SMS.

He described the latest incident as “a serious reminder of how professional and convincing cybercriminals have become.

“We urge the public to exercise extreme caution. Neither the ministry nor Gesy will ever ask for payments or personal data through SMS links,” Hadjipetrou said.

If in doubt, the public should contact Gesy or the ministry directly before taking any action.

The HIO cautioned that a new wave of misleading messages has been reported in recent weeks, many urging recipients to “correct their personal information” by following an embedded link.

Police echoed the warning, describing the latest incident as “a stark reminder of how quickly scammers exploit public trust to steal large sums of money”.

We urge the public to treat any unsolicited message demanding payment or personal data with extreme caution, a police spokesperson said.

This case is under active investigation, and we strongly advise citizens not to follow links or provide banking information unless they have verified the source.”

Officials reiterated that such communication is fraudulent and should be deleted immediately.