News & Trends » Watch Out for Phishing Scams Posing as Privacy Updates

Watch Out for Phishing Scams Posing as Privacy Updates

New guidelines for companies who have customers in the European Union means your inbox is getting a flurry of privacy policy update emails.

All the activity around the European GDPR (General Data Privacy Regulation) is presenting thieves an opportunity to trick consumers into sharing their information via phishing scams: ZDnet reports that customers of companies including AirBnB have already been targets.

“This is another great example how the hackers pick on the latest opportunity,” Michael Bruemmer, VP of consumer protection at Experian explains via email. “By checking a box or clicking on a link (which you should never do with any emails you are not expecting), unsuspecting consumers are downloading malware designed to steal their personal information, or even keylogging software that will remain on the machine undetected until removed.”

Here are four tips to make sure you don’t fall for these scams:

1. Be Skeptical Before Clicking Any Links or Sharing Any Personal Information

Check the ‘from’ address and if it’s not the official company’s, then avoid anything in it. Although some phishers may be able to fake a credible-looking email address, phishing emails often come from addresses that don’t make sense or the business name has one character off vs. the correct spelling.

Also, hover over any links in the email: Don’t click if the URL that pops up is an unfamiliar domain or doesn’t doesn’t begin with “https” or goes somewhere other than where the hyperlinked text says it will go. Read more here for tips on spotting phishing scams.

2. Don’t Enter Any Credentials via Links in the Emails

Most legitimate GDPR emails are just providing updates and linking to companies’ new privacy policy on their website. They may ask you to confirm you agree to the new terms. If you follow a link and it asks you for credentials, don’t share them—especially any passwords, your Social Security number, or credit card numbers. You can always go directly to the company’s official website to make updates.

3. Keep Your Devices up to Date

Use virus protection or make sure any phones or tablets have the latest updates on them. Manufacturers release new versions to address bugs and possible issues frequently; by using the latest version of software or hardware you’ll help minimize the risk of a hacker being able to put ransomware on your device.

4. Run a Free Dark Web Scan

Once an identity thief gets hold of your personally identifiable information (PII), they can buy or sell your information on the dark web and it can trade hands repeatedly. Run a free dark web scan here on Experian.com to find out if your Social Security number, phone number, or email address are on the dark web.

Read more about recent scams in the news here and let us help you stay forewarned and forearmed.