GDPR latest: Fraudsters posing as banks in data protection emails phishing scam


New data laws coming into force are being used by scammers to steal people’s personal information, police have warned.

Customers of Natwest have been targeted by the scammers, who have been sending fraudulent emails claiming to be from the bank.

Companies have been contacting their customers to reassure them that they are adhering to the new General Data Protection Regulation laws, with several asking customers if they are happy to continue receiving emails.

However scammers have created fake emails telling customers their accounts could be terminated if they do not update their records, at which point they are directed to a site which steals any data they input.

These phishing scams are usually perpetrated to gain access to victims’ bank accounts.

Action Fraud have released a statement confirming that banks will never ask for a pin, password or memorable information by text or email.

The agency has also pointed out that fraudulent GDPR emails will often contain poor spelling or grammar, as well as sub-quality design you would not expect in a legitimate email from a bank.

Fake emails might also fail to address you by name (instead starting with “Dear friend” or “Dear customer”) or could come from a strange email address, such as a Gmail or Yahoo account.

The new GDPR law brought in on Friday after being passed by the European Parliament forces businesses to actively secure consent before using customers’ personal data such as their name, phone number and email address.

Having been enshrined in the UK’s upcoming Data Protection Bill, the laws will still apply after Brexit and apply to all businesses offering goods or services within the EU.

Several American websites have temporarily been made unavailable in EU counties as a precaution due to the law coming into effect.

Anyone in the EU trying to access the LA Times today is denied access and instead met with a message saying: ‘Unfortunately, our website is currently unavailable in most European countries.

“We are engaged on the issue and committed to looking at options that support our full range of digital offerings to the EU market. We continue to identify technical compliance solutions that will provide all readers with our award-winning journalism.”