By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
10alert.com10alert.com
  • Threats
    • WordPress ThreatsDanger
    Threats
    A cyber or cybersecurity threat is a malicious act that seeks to damage data, steal data, or disrupt digital life in general. Cyber threats include…
    Show More
    Top News
    Web Malware: Out of the Shadows and Hiding in Plain Sight
    8 months ago
    7 Reasons Kaspersky Internet Security 2015 is better than ever
    8 months ago
    Multi-stage phishing that starts with real links
    8 months ago
    Latest News
    Safeguards against firmware signed with stolen MSI keys
    2 days ago
    WPDeveloper Addresses Privilege Escalation Vulnerability in ReviewX WordPress Plugin
    2 days ago
    Wordfence Intelligence Weekly WordPress Vulnerability Report (May 15, 2023 to May 21, 2023)
    1 week ago
    Wordfence Firewall Blocks Bizarre Large-Scale XSS Campaign
    1 week ago
  • Fix
    Fix
    Troubleshooting guide you need when errors, bugs or technical glitches might ruin your digital experience.
    Show More
    Top News
    Critical vulnerability fixed in popular WordPress plugin Jetpack
    Critical vulnerability fixed in popular WordPress plugin Jetpack
    8 months ago
    Windows 10 22H2 new features and changes
    8 months ago
    Windows 11 build 22000.652 (KB5012643) out as preview
    8 months ago
    Latest News
    How automatically delete unused files from my Downloads folder?
    4 months ago
    Now you can speed up any video in your browser
    4 months ago
    How to restore access to a file after EFS or view it on another computer?
    4 months ago
    18 Proven Tips to Speed Up Your WordPress Site and Improve SEO | 2023 Guide
    5 months ago
  • How To
    How ToShow More
    What is two-factor authentication | Kaspersky official blog
    3 days ago
    Acer refreshes Windows 11 PCs for work and play: Swift Edge 16 and Predator Triton 16
    5 days ago
    NVIDIA GeForce RTX 4080 New Mercury Editions of Razer Blade 16 and Blade 18 now available
    5 days ago
    How Oxy uses hooks for maximum extensibility
    How Oxy uses hooks for maximum extensibility
    6 days ago
    The personal threat landscape: securing yourself smartly
    6 days ago
  • News
    News
    This category of resources includes the latest technology news and updates, covering a wide range of topics and innovations in the tech industry. From new…
    Show More
    Top News
    Simple Internet Safety Rules
    8 months ago
    How to find out the hidden age in Vkontakte?
    8 months ago
    How to remove the background from a photo?
    8 months ago
    Latest News
    How to create virtual drive (VHD, VHDX, Dev Drive) on Windows 11
    3 days ago
    How to enable Taskbar End Task option to close apps on Windows 11
    3 days ago
    How to check USB4 devices specs from Settings on Windows 11
    3 days ago
    How to enable new header UI for File Explorer on Windows 11
    1 week ago
  • Glossary
  • My Bookmarks
Reading: GDPR bustle: Even scammers have new privacy policy
Share
Notification Show More
Aa
Aa
10alert.com10alert.com
  • Threats
  • Fix
  • How To
  • News
  • Glossary
  • My Bookmarks
  • Threats
    • WordPress ThreatsDanger
  • Fix
  • How To
  • News
  • Glossary
  • My Bookmarks
Follow US
Threats

GDPR bustle: Even scammers have new privacy policy

Tom Grant
Last updated: 7 October
Tom Grant 8 months ago
Share
6 Min Read

Recently, you’ve probably been drowning in messages from every service you’ve ever used informing of changes to privacy policies and the need to resubscribe to their newsletters in order to carry on receiving them.

Contents
GDPR fraudHow to spot phishingHow to protect your data

No, it’s not an international flash mob of global companies — they’re just trying to fall in line with the EU’s new General Data Protection Regulation (GDPR), which came into force on May 25, 2018.

The GDPR applies to all companies operating in the territory of the EU, and requires them to handle user data responsibly, which includes storing it securely, not transferring it to anyone without the users permission, and providing timely notifications about leaks in case they happen.

What’s more, companies do not have the right to send messages to users without their consent. That’s why your mailbox is full of resubscription requests — services are keen to keep sending you stuff, but can’t do so without that OK from you, which they are desperately trying to get.

GDPR fraud

Cybercriminals sniffed a perfect opportunity to make quite some user data out of this situation. After all, millions of people worldwide are blindly clicking “Yes, I agree” in countless messages and entering personal info on multiple sites without a second thought.

For example, we came across a mailshot seemingly on behalf of Apple menacingly informing recipients that their Apple ID is locked and set to be deleted in three days unless they fill out a form to confirm their account information.

Apple is unable to confirm your billing details, the message said, and this allegedly violates the company’s security policy. Your account is frozen and will be deleted within three days, continued the warning, unless you follow the link and enter your data.

This, of course, has nothing to do with Apple. Just plain phishing.

The authors of the mailshot employed the oldest social engineering trick in the book: intimidation. Afraid of parting company with such a precious account, the less savvy user panics and acts rashly, entering data in places where it shouldn’t. Such scams are as effective as they are numerous, i.e. very.

Example of a GDPR-related phishing email on behalf of Apple

How to spot phishing

If you keep a cool head, it’s fairly easy to see that you’re being phished. Let’s take a closer look at this Apple ID-related message.

In most cases, it’s possible to determine that it’s fraud even without opening it. For example, look at the sender’s address in the From field and the topic in the Subject field (see screenshot). There is something obviously fake about a long email address containing generic words and a sequence of numbers, especially when you know that all legitimate messages about the Apple ID account come from [email protected].

The message subject also contains strange numbers that don’t make any sense. Spammers use them to create information noise and make the message look unique. Also pay attention to the RE tag, which means that the received message is a reply to a message that you sent. This is highly suspicious if you never wrote to this company (again, this is done to bypass spam filters).

If the subject and sender’s address aren’t enough, an analysis of the message text should dispel all doubts. No self-respecting company in possession of your personal data will ever address you using your email address instead of your first and last names.

Another way to recognize a fraudulent email is to look at the address of the link that you are being asked to follow. If you hover the mouse cursor over the text of the link, the address it points to will appear nearby or in the bottom-left corner of the browser window. It should not contain any strange domains or short links, such as bit.ly or similar.

How to protect your data

  • Never enter personal data on suspicious sites. All actions involving personal data should be performed on official company websites.
  • Before clicking on a link in a message and agreeing to provide personal information, make sure that the message is genuine. Check the sender’s address, subject, and text for anything untoward. If something looks odd, don’t click on anything. Contact the technical support team of the service in whose name the message was sent. They will help clarify the situation.
  • Use a reliable security solution, such as Kaspersky Internet Security, with anti-spam and anti-phishing components. It will sift out dubious messages and give warning of suspicious links.

Source: kaspersky.com

Translate this article

TAGGED: Phishing, PoC, SASE, Security, Social engineering, Split tunneling, Threats
Tom Grant October 7, 2022 October 7, 2022
Share this Article
Facebook Twitter Reddit Telegram Email Copy Link Print

STAY CONECTED

24.8k Followers Like
253.9k Followers Follow
33.7k Subscribers Subscribe
124.8k Members Follow

LAST 10 ALERT

Safeguards against firmware signed with stolen MSI keys
Threats 2 days ago
WPDeveloper Addresses Privilege Escalation Vulnerability in ReviewX WordPress Plugin
WPDeveloper Addresses Privilege Escalation Vulnerability in ReviewX WordPress Plugin
Wordpress Threats 2 days ago
How to create virtual drive (VHD, VHDX, Dev Drive) on Windows 11
News 3 days ago
How to enable Taskbar End Task option to close apps on Windows 11
News 3 days ago
How to check USB4 devices specs from Settings on Windows 11
News 3 days ago

Recent Posts

  • Safeguards against firmware signed with stolen MSI keys
  • WPDeveloper Addresses Privilege Escalation Vulnerability in ReviewX WordPress Plugin
  • How to create virtual drive (VHD, VHDX, Dev Drive) on Windows 11
  • How to enable Taskbar End Task option to close apps on Windows 11
  • How to check USB4 devices specs from Settings on Windows 11

You Might Also Like

Threats

Safeguards against firmware signed with stolen MSI keys

2 days ago
WPDeveloper Addresses Privilege Escalation Vulnerability in ReviewX WordPress Plugin
Wordpress Threats

WPDeveloper Addresses Privilege Escalation Vulnerability in ReviewX WordPress Plugin

2 days ago
News

How to create virtual drive (VHD, VHDX, Dev Drive) on Windows 11

3 days ago
How To

What is two-factor authentication | Kaspersky official blog

3 days ago
Show More

Related stories

How to Use Cloudflare to Secure Your WordPress Site
How To Starting Chrome from the command line
How to fix error 0x80070057 in Chrome?
Windows 10 How To Disable Slide to Shutdown
Windows search not working (FIX)
How to watch movies and TV series for free on Kinopoisk?
Previous Next

10 New Stories

What is two-factor authentication | Kaspersky official blog
Acer refreshes Windows 11 PCs for work and play: Swift Edge 16 and Predator Triton 16
NVIDIA GeForce RTX 4080 New Mercury Editions of Razer Blade 16 and Blade 18 now available
How Oxy uses hooks for maximum extensibility
The personal threat landscape: securing yourself smartly
Wordfence Intelligence Weekly WordPress Vulnerability Report (May 15, 2023 to May 21, 2023)
Previous Next
Hot News
Safeguards against firmware signed with stolen MSI keys
WPDeveloper Addresses Privilege Escalation Vulnerability in ReviewX WordPress Plugin
How to create virtual drive (VHD, VHDX, Dev Drive) on Windows 11
How to enable Taskbar End Task option to close apps on Windows 11
How to check USB4 devices specs from Settings on Windows 11
10alert.com10alert.com
Follow US

© 10 Alert Network. All Rights Reserved.

  • Privacy Policy
  • Contact
  • Customize Interests
  • My Bookmarks
  • Glossary
Go to mobile version
adbanner
AdBlock Detected
Our site is an advertising supported site. Please whitelist to support our site.
Okay, I'll Whitelist
Welcome Back!

Sign in to your account

Lost your password?