The German state of North Rhine-Westphalia (NRW) may have lost tens of millions of euros after phishers claimed government subsidies, using the data of thousands of people. According to the German Handelsblatt, that amount could amount to more than a hundred million.
In the federal state of NRW, companies could apply for compensation in order to mitigate the effects of the corona crisis. Phishers joined the action and made a copy of the original website on which users entered their details in order to apply for compensation. By luring residents of the state to the fake website through a phishing campaign, the cybercriminals stole the data from companies and then filled it in themselves on the original site: only the bank details were changed to those of the criminals.
According to the authorities, there are currently around 3,500 to 4,000 applications (from both larger companies and one-man businesses) that have been used by phishers to transfer to their own accounts. The only question is whether this is also the actual number of abused applications, since more than 360,000 applications have already been approved since the website opened (at the end of March). This, in total, involves an amount of around three billion euros.
Depending on the size of a company, the payments vary. With a maximum of five employees the payment is 9,000 euros, companies with between ten and fifty employees can claim 25,000 euros.
Payment of the applications has been temporarily halted, but relatively late. More than a week ago it was mentioned that criminals with stolen data (and money) had been involved. The local authorities would already be investigating the case, with at least one link in Slovakia. They are also working on taking the fake site offline.