Stormont asks cyber security police to investigate fake rates website

Cyber security police have been asked by Stormont to investigate a fake website address mistakenly printed on rates bills.

Nearly 300,000 ratepayers were sent letters which included an "incorrect weblink" for making a payment.

But concerns have been raised that the web address may have contained harmful content used by online scammers known as malware.

The Department of Finance said the website domain was not government-owned and officials had reported the site to Action Fraud for further investigation.

Action Fraud is the UK's national reporting centre for fraud and cybercrime and is operated by the City of London Police.

Rates are a property tax which help fund public services in Northern Ireland.

They are collected by the Department of Finance's public agency called Land and Property Services (LPS).

Bills for the new financial year were issued to households and businesses from the beginning of April.

It is understood the erroneous weblink looked similar to the official address for the NI Direct website.

Malware is malicious software designed to harm computer systems or devices.

BBC News NI asked the Department of Finance if the misprinted web address contained malware.

In response, a spokesman said: "The website domain is not government-owned.

"Land and Property Services has reported the site to Action Fraud for further investigation."

Action Fraud was also approached for comment.

Prof Kevin Curran, a professor of cyber security at Ulster University, examined the misprinted web address.

He said it led him to a site which "tried to download malware".

"What we have a case of here is typo-squatting or cyber-squatting," he said.

"That's where scammers will register domain names with similar spelling in the hopes that people will visit the sites."

He said some people "could be led to downloading malicious software", or it could be as "low-level" as trying to generate clicks on advertising.

"A lot of scammers just simply register ads on sites. They just try to put people through to these sites so that they click on ads and get the ad revenue for that," he said.

The academic said government IT departments should be vigilant about these issues and "should get the main fake site taken down".

There are about 850,000 rateable domestic properties and 75,000 non-domestic properties in Northern Ireland.

In a statement on Tuesday, the Department of Finance said LPS was "aware of an incorrect link provided on the second page of one of the versions of the bills that was issued to approximately 295,000 ratepayers".

It said LPS apologised for "any inconvenience" and the misprint had been removed from future rate bills.

"While the majority of visitors to rates pages on NI Direct use a search engine rather than typing in the direct URL, ratepayers who do key in the URL are asked to use the link www.nidirect.gov.uk/rates to access information about domestic rates," a spokesperson said.

"If bill payers have any concerns about their rate bills, they should contact LPS."