The new GDPR (General Data Protection Regulation) laws have only just come into effect and were introduced to help consumers protect their own personal information. But, new warnings have now been released that some scammers are using them to try and steal personal information.
After being passed by the European Parliament, the new GDPR laws came into effect last week. They require all businesses to secure the consent of their customers in order to hold onto their personal information, including their name, email address of phone number. This applies to all businesses within the EU, and those who offer goods or services to consumers in the EU.
As part of the regulations, companies are contacting their customers to ask them if they can keep their information. Reports have now been made though, that customers of major UK companies are being targeted by online criminals who are emailing people claiming to be banks and other companies. For example, customers of NatWest have said they have received fraudulent emails.
These types of scams work by criminals creating fake emails and then sending out emails to consumers telling them that their accounts will be terminated if they fail to update their records. They are the directed to an external site to input their personal data. Phishing scams like these are commonly used to gain access to victims personal information, and sometimes their bank accounts.
In a statement, the group “Action Fraud” have reminded consumers that banks would never ask for information like passwords or pin numbers over email or text messages. They have also reminded customers to be vigilant, check for emails that contain spelling or grammar mistakes or those that contain images that aren’t the quality you would expect from a major corporation. Also, fake emails sometimes fail to mention a customer’s name instead using terms like “Dear customer”, or they may come from a different email address such as a Hotmail, Yahoo, or Gmail account.