BRUSSELS, (Reuters) – An email “phishing” fraud against the European Union’s greenhouse gas Emissions Trading Scheme (ETS) has prompted the executive European Commission to revise its Internet security guidelines, the Commission said.
German officials said on Wednesday that online fraudsters had targeted international carbon markets to steal emissions permits from companies and sell them illegally.
The ETS is the 27-country European Union’s main tool to force industry to cut greenhouse gas emissions. It allows companies to buy emissions permits from others when cutting those emissions is too expensive. The permits are administered by registries.
“The Commission intends to review the security measures applicable to ETS registries and will prepare revised security guidelines for registries and an action plan aiming at harmonising approach in case of future such incidents,” the EU executive said yesterday.
The Commission said a limited number of fraudulent transactions had been carried out, with fake emails sent to users asking them to log on to a malicious website, pretending to be that of a registry, and disclose their user codes and passwords. This kind of scam is known as “phishing”.
“But the security of the Community Registry and the Community Independent Transaction Log has not been compromised,” the Commission said in a statement.
They said six German companies had been hit by the scam, and companies in New Zealand and Australia had also been affected.
The EU executive said it was alerted by the Netherlands and Norway, and it had informed all other member states to take appropriate security measures immediately.