Criminals have started using the GDPR to trick users into clicking on malicious links and providing personal data.

Criminals have started to take advantage of the GDPR by sending malicious emails acting as legitimate companies in a new form of phishing campaign. The fake emails request recipients to accept new privacy policies and update their personal information in order for them to continue to use the companies services.

Airbnb are one of many companies that criminals are acting as to fool people. Emails appearing to be from the popular bed and breakfast application have been asking users to accept their new privacy policy otherwise the user will not be able to login to the application. Users are then asked to provide personal information such as Airbnb login credentials, names and addresses.

Phishing campaigns are becoming more and more difficult to spot every day, with criminals consistently finding new ways to trick users into clicking on malicious links and providing personal data. With the GDPR soon approaching, users should be extra vigilant when handling these types of emails, companies like Airbnb would not ask a user to provide login credentials when providing these types of emails. Make sure to take extra care when handling them, and look out for the key giveaways to a phishing email;

? Does the senders email look familiar or genuine?

? Are there any spelling mistakes or use of bad grammar?

? Have they provided proof of knowing you? (Mentioned your name or provided account number etc.)

To learn more about Phishing attacks visit our Cyber Wise Blog for more information.