Romania’s National Cyber Security Directorate (DNSC) has sounded the alarm on an active phishing campaign exploiting the identity of the country’s newly re-appointed Minister of Finance, Alexandru Nazare. Disguised as official communication from the Ministry, the financial scam falsely promises aid and “high returns” on investments, luring victims into handing over personal and banking data.
The warning, issued today, comes at a time when the country’s Finance Minister said, “We’ve inherited a vulnerable economy and an increasingly unstable budgetary foundation,” barely a week after being in office. It’s a factor that cybercriminals appear to be leveraging to make their scam more believable.
Financial Scam Campaign Preying on Current Outlook
The fraudulent campaign is circulating across social networks and in sponsored advertisements, presenting itself as an official government initiative. The lures are compelling, promising citizens “high returns between 75% and 150%” on investments – an alleged alternative to traditional bank deposits that preys on the desire for quick wealth.
The campaign begins with online ads and social media posts featuring the likeness of the Finance Minister and government logos. Victims are redirected to fake websites styled to mimic official government platforms. These pages often advertise debt relief schemes or fast-track government loans, offering apparent legitimacy through the use of state emblems and formal-sounding messaging.
Once users engage with the site, they are prompted to submit identity documents, banking credentials, and personal contact details—information that could be used for identity theft, financial fraud, or further cyberattacks.
Authorities have confirmed that no such loan program exists. “We warn the public that this information is completely false. No public institution has launched such a platform, and the image of state officials is being misused to lend credibility to online fraud campaigns. This type of content aims to mislead users, generate a false sense of legitimacy, and redirect them to dangerous sites with the potential for phishing or compromising personal or financial data,” the alert said.
The ministry added that it also does not solicit personal information via advertisements or unofficial web portals.
Exploiting a Vulnerable Moment
This campaign is particularly potent given Romania’s current economic environment. A month ago, Finance Minister Alexandru Nazare publicly outlined the fragile state of the country’s finances, citing concerns about budget deficits, growing public debt, and high inflation.
In his first public address after taking office for the second time since 2021, he wrote, “We’ve inherited a vulnerable economy and an increasingly unstable budgetary foundation. For years, we were told Romania was growing. But that growth was largely an illusion — pushed forward by consumption, not by real development.”
“Budgets were constructed unrealistically, with exaggerated income estimates and undervalued spending. And because corrective measures were not taken in time, Romania has entered into a spiral of permanent deficits,” he added.
His remarks have sparked widespread debate and concern among the Romanian public—many of whom are anxious about the potential for reduced subsidies, higher taxes, or economic slowdown.
Cybercriminals have seized on this uncertainty, crafting phishing messages that mimic real talking points from the Finance Ministry—like references to debt restructuring, citizen aid programs, or economic support packages. These lures feel authentic and urgent, especially to citizens already worried about financial insecurity.
Trust Crisis Meets Cyber Fraud
Nazare’s early days in office have also involved efforts to regain investor confidence and stabilize government borrowing. While such reforms are critical for long-term stability, they also amplify a broader narrative of crisis management—one that threat actors are eager to exploit.
“Scammers read the news. They know when public trust is strained and when people are financially vulnerable,” said a Bucharest-based expert. “By impersonating a high-profile figure during a national debate on austerity, attackers increase the likelihood of clicks, data submission, and ultimately, fraud.”
DNSC’s Recommendations to the Public
The DNSC urged Romanian citizens to take the following actions to avoid falling victim to the latest fraud campaign:
-
Do not trust financial offers circulated via ads or unofficial websites, even if they display government symbols or the name of a minister.
-
Always check URLs carefully, ensuring that any government service is accessed via the official
.gov.rodomain. -
Report suspicious links or messages to DNSC via their official website, dnsc.ro.
-
Avoid downloading files or applications from unfamiliar sources, particularly those linked from financial “assistance” ads.
-
Enable two-factor authentication on email and banking platforms to reduce risk if credentials are exposed.
As Romania works to restore fiscal credibility and chart a course through economic headwinds, the parallel battle in cyberspace must not be ignored. Public trust is not only critical to financial markets—it is a pillar of national cybersecurity.
