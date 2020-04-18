Image: Robert Anasch

The government of North Rhine-Westphalia, a province in western Germany is believed to have lost tens of millions of euros after failing to build a secure website to distribute coronavirus emergency relief funds. .

Funds were lost as a result of a classic fishing operation.

Cybercriminals created copies of an official website that the NRW Ministry of Economic Affairs had created to distribute COVID-19 financial aid.

Crooks distributed links to their sites through email campaigns, attracted users to the sites and collected details of the premises. They then applied for government assistance on behalf of real users, but instead replaced the bank account where funds had to be wired.

Losses in tens of millions of euros

The scheme lasted from mid-March to April 9, when the NRW government suspended payments and took over the website.

Before leaving the website, NRW police said they received 576 official reports of fraud related to this scam, according to Heise, a German technology news site this week.

The German newspaper Handelsblatt also reported that the government had received more than 380,000 requests for government assistance for coronavirus, agreeing to pay in 360,000 cases.

NRW officials said that 3,500 to 4,000 funding requests are believed to have been fraudulent, according to German television channel Tagesschau on Wednesday.

Payments ranged from € 9,000, for self-employed professionals, to € 25,000, for companies with more than 50 employees who suffered from their activity affected by the current pandemic.

Based on a rough estimate, the NRW government is believed to have lost between minimum € 31.5 million ($ 34.25 million) and up to € 100 million ($ 109 million). , money that represents fraudulent payments made with the wrong accounts.

The blame rests with NRW officials

An investigation is currently underway. Tagesschau reports that NRW prosecutors are currently studying two phishing websites used in the system, one of which is wirtschaft-nrw.info.

The blame for this incident is exclusively on NRW officials who have not obtained a secure method of distributing funds.

While other German state governments were urging users to upload scanned documents to prove their identity or urging users to download a form and email it, NRW only required residents and local businesses to fill out a form on their site, without making any additional verification of yours. identity.

The NRW government has re-enabled its coronavirus emergency aid funding website and has stated that payments will be effective only if the applicant’s bank account number matches the bank account number used at the past to pay taxes.

Jan G. (pseudonym), a C-based programmer C, told ZDNet today that he too would have fallen for the phishing campaign if he had received the email from the fraudster.

“Users can detect phishing sites if we know the cloned site,” Jan told ZDNet in a phone call today. “This was a new place nobody had seen before and we would not have been able to tell if it was the real thing or not. It explains why so many of them came in and entered personal information.”

NRW police are now asking users who have applied for coronavirus relief, but have not yet received funding for a police report.