New data laws will be used as opportunity by cyber criminals: gardaí
Cyber thieves posing as Revenue agents are using a combination of fake ‘01’ numbers and robot tech to try to trick people
CYBER criminals are planning to take advantage of new data laws with a fresh wave of scam phone calls and emails, gardaí have warned.
Criminals are planning to take advantage of the new data privacy law coming into effect tomorrow to steal from people.
The scammers will send fake emails pretending to be from legitimate companies asking victims to “keep in touch” by clicking or tapping on a button.
Doing so could bring a victim to a virus-infected site, lead to further junk emails, or even lead the user to give up passwords or financial information, including credit card details.
The scam takes advantage of provisions in the Europe-wide General Data Protection Regulation (GDPR) that say companies must have consent from people they email for marketing purposes.
Email users will have noticed companies are currently sending out legitimate emails asking for people to opt-in.
“Cyber criminals will see this as an opportunity to exploit those agreements and send fake GDPR notices to customers asking them to confirm login or personal information via online links so that they can continue to use the service being provided,” said a spokesman for the Garda National Cyber Crime Bureau.
“Recent enquiries have already identified a string involving the sending of fake notices that allege to be from Airbnb asking customers to update details in order to continue their agreement.”
The spokesman added that a number of incidents have already been recorded around Europe, although there are no recorded incidents yet of the scam succeeding in Ireland.
The Garda missive comes after a similar warning by the Revenue Commissioners over a string of fraudulent phone calls currently in progress.
Cyber thieves posing as Revenue agents are currently using a combination of fake ‘01’ telephone numbers and robot technology to try tricking people into handing over sensitive financial information.
The fraud involves false ‘01’ phone numbers which, when answered, purport to be from an automated Revenue debt collection system.
It then attempts to trick the phone user into making a payment to a bogus system.
“Revenue has become aware of a number of individuals who received phone calls from a person purporting to work in Revenue and demanding the immediate payment of a tax bill or stating that a criminal case is being taken against the individual,” said a Revenue Commissioners statement.
“This person is not calling from Revenue. If you receive a call purporting to be from Revenue about which you have any doubts, particularly if the call is out of the blue, you should contact your Revenue office.
“If you receive contact demanding payment of tax about which you have any doubt, you should contact our Collector General’s Division.”
The EU-wide regulations kick in from tomorrow. As well as tighter rules around email and marketing consent, they introduces fines of up to €20m for companies and organisations that break the law.