The Representation of the European Commission in Germany warns of a current phishing campaign aimed at small and medium-sized enterprises (SMEs). Under the pretext of an application form for corona bridging aid, which is supposedly offered jointly by the European Council and the federal government, the SMEs are apparently to be persuaded to disclose confidential data. The commission representation has reported to the police.
The fraudulent e-mail is being sent from the ec-europa.eu domain under the fictitious name of the alleged spokesman for the European Commission in Germany, “Svetla Bobeva”, according to a statement from the commission representatives. However, this is not the domain of the European Commission, but merely an attempt to deceive: “No e-mail accounts of the European Commission were hacked.”
Emergency aid is currently a popular pretext
The commission delegation advises recipients of the e-mail not to react to it and not to open the attachment. Whether this actually “only” contains a form for data theft or possibly also malicious code is not clear from the communication; the phishing attempt “presumably” aims at tapping data, they say.
Phishing attempts and specially prepared websites with alleged Corona emergency aid have been a big topic since the beginning of the pandemic. In a recently published “Special Evaluation of Cybercrime in Times of the Corona Pandemic”, the Federal Criminal Police Office classified this tactic as one of the primary corona-specific IT threats.
The tactics are not new to the commission representatives either: an almost identical phishing email was sent in July of this year, whereby the criminals used the name of Reinhard Hönighaus, spokesman for the European Commission in Germany.