[Update] Warning of scam mail: Federal Ministry of Finance promises NextGenerationEU money

If you receive an e-mail in which the Federal Ministry of Finance promises you one of 1.200 places in a pilot project to set up the "digital euro", then under no circumstances click on the link in it. Even if it says that equity investments of up to 1.000.000 euros are supported with up to 29% funding from funds from the NextGenerationEU project, you should not be blinded and tempted to take ill-considered steps. The interesting thing about this scam email is that it is well written and looks almost official. However, there are clear indications that it is a fake email that is intended to rip you off.

A new scam for online fraud is being tried out in a scam email: The Federal Ministry of Finance is said to be promising NextGenerationEU money in the form of subsidies. There should be up to 29% on deposits of up to 1 million euros, as this is how the “digital euro” is being developed. In this guide you can read that this is nonsense and how you can recognize it.
A new scam for online fraud is being tried out in a scam email: The Federal Ministry of Finance is said to be promising NextGenerationEU money in the form of subsidies. There should be up to 29% on deposits of up to 1 million euros, as this is how the “digital euro” is being developed. In this guide you can read that this is nonsense and how you can recognize it.

Subject of the scam email

Exclusive: Protect your assets from inflation - NextGenerationEU funding program!

Text of the scam email

Due to the persistent inflation in Germany, which exceeded the ten percent mark in October 2022, we would like to present a special support program for the digital euro as part of the €750 billion "NextGenerationEU" package of measures. This program is the result of close cooperation between the Federal Ministry and the European Central Bank. Potential participants are carefully selected and contacted by the Federal Ministry.

The funding program consists of a pilot phase in which the future digital currency, the digital euro, is tried and tested in everyday business. Participants have the opportunity to switch equity of up to 1.000.000 euros into the Digital Euro, thus preserving the value and purchasing power of their money through the introduction of the new central bank currency. This amount is supported with a subsidy of up to 29% on your investment.

There are currently still places available for 1.200 participants in this exclusive support program. To apply for the program and for detailed information on eligibility requirements, trial periods and pilot programs, please visit our website using the link below. Use the "to participate" contact form in the program overview on our website to confirm your interest in the attractive offer.

You need a personal access code to view the programme, as the offer is not publicly accessible. You can find this further down in this email.

HERE GO TO THE PILOT PROGRAM [link to scam page removed, d. R]

You will receive your personal access key to the non-public area of ​​our website in this e-mail

With this personal key you can unlock the special content:

[Character combination removed, note d. R]

Based on a statistical survey carried out by your current account-keeping bank, we were recommended to consider you as a participant for the pilot or test program.

We hereby invite you to take part in our test program once and would like to inform you about the options for securing assets that are currently being promoted. Please note that this is an exclusive email and it is not necessary to unsubscribe from the newsletter manually.

Note Please note that the link is only valid until a sufficient number of potential participants have registered for the next test program.

Signs that it is a fake email

As you can see, this fraudulent email is really well written, contains no obvious mistakes at first glance and impresses with attractive numbers. However, it must be stated directly: If an offer is too good to be true, then it is not true either. After all, who has up to 290.000 euros to give away? So let's look around for signs of scams and rip-offs:

  • Return address: Even if noreply@bundesfinanzministerium.de is displayed as the sender, this is only an alias assigned by the sender. Depending on the mail program or website, you can click on it to see the real sender address. This is: info@hypnobox.com.br (information on this can be found below). You can also see this address in the screenshot of the mail attached above.
  • Link in email: As said, DO NOT click on the link and do not interact with the linked website! However, if you hover over the link with the mouse pointer without clicking, then – depending on the device, system and App – the link pointed out. And this is a link shortened with bit.ly. The bit.ly site can be used to shorten long website links; it is often used by cyber criminals to avoid directly revealing the URL of their scam site.
  • There are far too good-sounding promises: I don't know who exactly the target group of this scam mail is supposed to be. But I guess it's aimed at young nouveau riche as well as well-heeled older people. So people who are either rashly chasing the money or not tech savvy enough to spot a scam popping up in their inbox. Be that as it may, up to 290.000 euros in funding for absolutely nothing sounds utopian and therefore unrealistic. And that should be noticeable.
  • Pressure should be built up: The limited number of 1.200 places in the alleged pilot project is intended to motivate rapid action. Anyone who receives this e-mail should not think long, but quickly click on the link, enter data and pay in money - or perhaps enter bank details, which are then used by criminals. The money is neither topped up with a subsidy nor “increased” in any other way. It is taken from you and disappears into a foreign account, never to be seen again.

Who or what is behind HypnoBox.com.br?

This web address focuses on the Brazilian top-level domain ".br". Because if you just look at HypnoBox.com, you will end up with an offer for an app that you can use to hypnotize yourself. That sounds horrible enough, but if we then add the .br to the end, we come to the website of an IT services and IT consulting company that has existed since 2010 and is based in São Paulo, Brazil (according to the Information from the LinkedIn profile of the company). 

I don't know if this company has illegal online scams in their portfolio besides their official and legal appearance. I don't know why your info email address appears as the sender in the scam email. Because just as it's possible that the company is trying to rip off reckless people in the EU, it's also possible that someone has hijacked their email address in order to mislead inquiring prospects. Therefore, I cannot and do not want to make any assumptions as to whether the company is directly connected to the scam mail.

What is the NextGenerationEU program?

As I understand it, the digital euro that the email quoted above is about is an invention of the criminal subjects who sent this email. There is a European Union program called "NextGenerationEU" on the official website https://next-generation-eu.europa.eu but it's about completely different things: climate neutrality, digitization, physical and mental health, education, equality and tolerance. It's not about giving away money to build any digital currency.

How and where can you report such a scam email?

If you clicked on the link, gave your details and perhaps your money has already been scammed, report this to the police immediately and file a complaint. If you are in contact with a law firm, you can also get advice there. But definitely report the fraud to the police, even if nobody at the station closest to you wants to react to digital crimes (unfortunately this is still the case in many places). 

Otherwise you can forward scam mails to one of the addresses of the Internet Complaints Office: Here is the overview. I also asked the Federal Office for Information Security (BSI) whether there was a department in the ministries to which you could report something like this. We'll see when we get an answer. Incidentally, the BSI offers an info page that deals with spam, Phishing and the like goes: Have a look here. If you have relatives and acquaintances who could fall for such emails, then send them this post! 

Update: Feedback from the BSI Service Center

After an e-mail exchange with the central service center of the Federal Office for Information Security (BSI), I can now knit a small update from the information received. For example, I was informed that the email shown and the scam or phishing site linked to it had already been reported several times. "We are currently investigating this incident“, it said without more detailed information on the status of the test or on the measures after the test. 

There was also a reference to the BSI's Computer Emergency Response Team (CERT). Reports can be submitted to this via an online form. The whole thing is called a "vulnerability report" and can via the website linked here be used. If the use of the form should be unclear, then there is on this explanation page further information on this as well as on the vulnerability report in general. If you prefer to send an email to vulnerability@bsi.bund.de, you will also find the information you need to send there.

Do you have any questions, comments, experiences with this scam or tips for protection against cybercriminals? Then feel free to leave a comment on the topic!

Did you like the article and did the instructions on the blog help you? Then I would be happy if you the blog via a Steady Membership would support.

Post a comment

Your e-mail address will not be published. Required fields are marked with * marked

In the Sir Apfelot Blog you will find advice, instructions and reviews on Apple products such as the iPhone, iPad, Apple Watch, AirPods, iMac, Mac Pro, Mac Mini and Mac Studio.