Watch out for Phishing Scams Posing as Privacy Updates

Watch out for Phishing Scams Posing as Privacy Updates article image.

New guidelines for companies who have customers in the European Union means your inbox is getting a flurry of privacy policy update emails.

All the activity around the European GDPR (General Data Privacy Regulation) is presenting thieves an opportunity to trick consumers into sharing their information via phishing scams: ZDnet reports that customers of companies including AirBnB have already been targets.

"This is another great example how the hackers pick on the latest opportunity," Michael Bruemmer, VP of consumer protection at Experian explains via email. "By checking a box or clicking on a link (which you should never do with any emails you are not expecting), unsuspecting consumers are downloading malware designed to steal their personal information, or even keylogging software that will remain on the machine undetected until removed."

Here are four tips to make sure you don't fall for these scams:

1. Be Skeptical Before Clicking Any Links or Sharing Any Personal Information

Check the ‘from' address and if it's not the official company's, then avoid anything in it. Although some phishers may be able to fake a credible-looking email address, phishing emails often come from addresses that don't make sense or the business name has one character off vs. the correct spelling.

Also, hover over any links in the email: Don't click if the URL that pops up is an unfamiliar domain or doesn't doesn't begin with "https" or goes somewhere other than where the hyperlinked text says it will go. Read more here for tips on spotting phishing scams.

2. Don't Enter Any Credentials via Links in the Emails

Most legitimate GDPR emails are just providing updates and linking to companies' new privacy policy on their website. They may ask you to confirm you agree to the new terms. If you follow a link and it asks you for credentials, don't share them—especially any passwords, your Social Security number, or credit card numbers. You can always go directly to the company's official website to make updates.

3. Keep Your Devices up to Date

Use virus protection or make sure any phones or tablets have the latest updates on them. Manufacturers release new versions to address bugs and possible issues frequently; by using the latest version of software or hardware you'll help minimize the risk of a hacker being able to put ransomware on your device.

4. Run a Free Dark Web Scan

Once an identity thief gets hold of your personally identifiable information (PII), they can buy or sell your information on the dark web and it can trade hands repeatedly. Run a free dark web scan here on to find out if your Social Security number, phone number, or email address are on the dark web.

Read more about recent scams in the news here and let us help you stay forewarned and forearmed.

The purpose of this question submission tool is to provide general education on credit reporting. The Ask Experian team cannot respond to each question individually. However, if your question is of interest to a wide audience of consumers, the Experian team may include it in a future post and may also share responses in its social media outreach. If you have a question, others likely have the same question, too. By sharing your questions and our answers, we can help others as well.

Personal credit report disputes cannot be submitted through Ask Experian. To dispute information in your personal credit report, simply follow the instructions provided with it. Your personal credit report includes appropriate contact information including a website address, toll-free telephone number and mailing address.

To submit a dispute online visit Experian's Dispute Center. If you have a current copy of your personal credit report, simply enter the report number where indicated, and follow the instructions provided. If you do not have a current personal report, Experian will provide a free copy when you submit the information requested. Additionally, you may obtain a free copy of your report once a week through December 31, 2022 at AnnualCreditReport.