European Union officials have downplayed the seriousness of phishing attacks that enabled cybercriminals to steal carbon emissions permits worth £2.6m.
Phishing e-mails were sent to around 2,000 German companies which use the European carbon trading scheme that allows organisations to sell unused quotas of greenhouse gas emissions.
Seven companies were tricked into logging in to a fake site that enabled cybercriminals to capture login credentials used to steal thousands of carbon permits.
The Emissions Trading Scheme alerted all users to prevent other companies falling for the e-mails containing links to the fake EU website.
But EU officials have cautioned against blowing the phishing attacks out of proportion.
"This happens to banks, Visa and Mastercard about once or twice a month. And this is the same sort of thing. I receive these e-mails all the time. I just delete them," EU environment spokeswoman Barbara Helfferich told the EUobserver.
All European Union member states are to investigate whether any companies within their territories were targeted by the scam.
Authorities have undertaken to shut down the fake sites, improve security measures, and issue guidelines on how to prevent future attacks of this kind.