Monday, October 2, 2023

Security Boulevard Logo

Security Boulevard

The Home of the Security Bloggers Network

Community Chats Webinars Library
  • Home
    • Cybersecurity News
    • Features
    • Industry Spotlight
    • News Releases
  • Security Bloggers Network
    • Latest Posts
    • Contributors
    • Syndicate Your Blog
    • Write for Security Boulevard
  • Webinars
    • Upcoming Webinars
    • Calendar View
    • On-Demand Webinars
  • Events
    • Upcoming Events
    • On-Demand Events
  • Sponsored Content
  • Chat
    • Security Boulevard Chat
    • Marketing InSecurity Podcast
    • Techstrong.tv Podcast
    • TechstrongTV - Twitch
  • Library
  • Related Sites
    • Techstrong Group
    • Cloud Native Now
    • DevOps.com
    • Security Boulevard
    • Techstrong Research
    • Techstrong TV
    • Techstrong.tv Podcast
    • Techstrong.tv - Twitch
    • Devops Chat
    • DevOps Dozen
    • DevOps TV
  • Media Kit
  • About
  • Sponsor

  • Analytics
  • AppSec
  • CISO
  • Cloud
  • DevOps
  • GRC
  • Identity
  • Incident Response
  • IoT / ICS
  • Threats / Breaches
  • More
    • Blockchain / Digital Currencies
    • Careers
    • Cyberlaw
    • Mobile
    • Social Engineering
  • Humor
Hot Topics
  • Survey Sees More Cyberattacks Targeting APIs
  • NIST supply chain security guidance for CI/CD environments: What you need to know
  • Navigating the Nuances of the Asia-Pacific PDPA
  • Playing Dress-Up? How to Train to Spot Websites in Disguise
  • Is My Boss Spying on Me, Instagram Painting Scam, Kia and Hyundai TikTok Challenge
Governance, Risk & Compliance SBN News Security Bloggers Network 

Home » Cybersecurity » Governance, Risk & Compliance » Phishers Leveraging GDPR-Themed Scam Emails to Steal Users’ Information

SBN

Phishers Leveraging GDPR-Themed Scam Emails to Steal Users’ Information

by David Bisson on May 3, 2018

Phishers are using scam emails that leverage the European Union’s General Data Protection Regulation (GDPR) as a theme in an attempt to steal users’ information, a security firm found.

AWS Builder Community Hub

Researchers at managed threat detection solutions provider RedScan came across one such phishing message that appeared to originate from Airbnb. The scam email, which came from the fake domain “@mail.airbnb.work” as opposed to the legitimate “@airbnb.com,” addressed the recipient as an Airbnb host and said they could not accept new bookings or send messages until they agreed to a new Privacy Policy that reflects changes introduced by GDPR. As quoted by ZDNet, the message read as follows:

This update is mandatory because of the new changes in the EU Digital privacy legislation that acts upon United States based companies, like Airbnb in order to protect European citizens and companies.

Fake Airbnb privacy email. (Source: Redscan)

When clicked, the link redirected recipients to a page that asked them to enter their account credentials, payment card details and other personal information.

ZDNet confirmed that Airbnb is sending messages to hosts about GDPR but that it’s simply asking them to agree to new Terms of Service. Those real messages did not ask hosts to submit their credentials. As a result, the community-drive hospitality company made clear that users who receive suspicious emails should submit them to its Trust and Safety team.

Mark Nicholls, director of cyber security at Redscan, told ZDNet that web users are likely to see other types of attacks leveraging GDPR as a theme in the meantime:

As we get closer to the GDPR implementation deadline, I think we can expect to see a lot a lot more of these types of phishing scams over the next few weeks, that’s for sure. In the case (Read more...)

*** This is a Security Bloggers Network syndicated blog from The State of Security authored by David Bisson. Read the original post at: https://www.tripwire.com/state-of-security/latest-security-news/phishers-leveraging-gdpr-themed-scam-emails-to-steal-users-information/

May 3, 2018May 3, 2018 David Bisson GDPR, Latest Security News, Phishing, scam
  • ← State Machine Testing with Echidna
  • 59% of people use the same password everywhere, poll finds →

Techstrong TV – Live

Click full-screen to enable volume control
Watch latest episodes and shows

Upcoming Webinars

Tue 03

Way Too Vulnerable: Uncovering the State of the Identity Attack Surface

October 3 @ 11:00 am - 12:00 pm
Wed 11

ASPM: Leveling the AppSec Playing Field

October 11 @ 1:00 pm - 2:00 pm
Mon 16

Shadow Access: Where IAM Meets Cloud Security

October 16 @ 3:00 pm - 4:00 pm
Tue 17

Securing Cloud-Native Applications Across the Software Development Life Cycle

October 17 @ 11:00 am - 12:00 pm
Wed 18

Live Workshop on ‘SCA 2.0’: Using Runtime Analysis to Find High-Risk SCA Vulnerabilities

October 18 @ 12:00 pm - 1:30 pm
Thu 19

Managing Security Posture and Entitlements in the Cloud

October 19 @ 1:00 pm - 2:00 pm
Tue 24

When Seconds Matter: Real-Time Cloud Security With AWS and Sysdig

October 24 @ 11:00 am - 12:00 pm
Tue 24

Reporting From the Pipeline: The State of Software Security in DevOps

October 24 @ 1:00 pm - 2:00 pm
Thu 26

How to Shift Left the Right Way

October 26 @ 3:00 pm - 4:00 pm
Mon 30

Zero-Trust

October 30 @ 1:00 pm - 2:00 pm

More Webinars

Subscribe to our Newsletters

TSTV Podcast

Most Read on the Boulevard

ZenRAT Targets Windows Users with Fake Bitwarden Site
China-Backed Hacks of Cisco Routers Worry Feds — BlackTech Revenge?
Microsoft Brings Passkey Support to Windows 11
Exabeam Brings Generative AI to SIEM Platform
Sysdig Adds Ability to Detect Threats in Real-Time to CNAPP
What You Need to Know About the libwebp Exploit
Methods To Protect Yourself From Identity Theft
How to Perform an ISO 27001 Risk Assessment
Google LibWebP Arbitrary Code Execution Vulnerability (CVE-2023-5129) Notification
Step on It: What to Know About TISAX Compliance in the Automotive Market

Download Free eBook

The Dangers of Open Source Software and Best Practices for Securing Code

Industry Spotlight

CISA Rolls Out a HBOM Framework to Secure Hardware Components
Cloud Security Cybersecurity Featured Industry Spotlight Network Security News Security Boulevard (Original) Spotlight Threats & Breaches 

CISA Rolls Out a HBOM Framework to Secure Hardware Components

September 29, 2023 Jeffrey Burt | 2 days ago 0
Lawsuit Filed Against Google, Meta, H&R Block for Sharing Taxpayer Data
Cyberlaw Cybersecurity Data Privacy Data Security Featured Identity & Access Industry Spotlight News Security Boulevard (Original) Spotlight 

Lawsuit Filed Against Google, Meta, H&R Block for Sharing Taxpayer Data

September 28, 2023 Jeffrey Burt | 3 days ago 0
Xenomorph Android Banking Trojan Makes Landfall in US
Application Security Cybersecurity Data Security Featured Identity & Access Industry Spotlight Malware Mobile Security News Security Boulevard (Original) Spotlight Threats & Breaches 

Xenomorph Android Banking Trojan Makes Landfall in US

September 26, 2023 Jeffrey Burt | Sep 26 0

Top Stories

Survey Sees More Cyberattacks Targeting APIs
Analytics & Intelligence Application Security Cybersecurity Featured Incident Response Malware News Security Boulevard (Original) Social - Facebook Spotlight Threat Intelligence Threats & Breaches Vulnerabilities 

Survey Sees More Cyberattacks Targeting APIs

October 2, 2023 Michael Vizard | 44 minutes ago 0
Federal Shutdown Raises Cybersecurity Risks, Experts Warn
Analytics & Intelligence CISO Suite Cybersecurity Featured Governance, Risk & Compliance Incident Response IoT & ICS Security News Security Boulevard (Original) Social - Facebook Spotlight Threat Intelligence Threats & Breaches Vulnerabilities 

Federal Shutdown Raises Cybersecurity Risks, Experts Warn

September 29, 2023 Nathan Eddy | 3 days ago 0
National Cybersecurity Infrastructure Efforts Bearing Fruit
Analytics & Intelligence CISO Suite Cyberlaw Cybersecurity Data Privacy Data Security Featured Governance, Risk & Compliance Incident Response News Security Awareness Security Boulevard (Original) Social Engineering Spotlight Threat Intelligence 

National Cybersecurity Infrastructure Efforts Bearing Fruit

September 29, 2023 Nathan Eddy | 3 days ago 0

Security Humor

Randall Munroe’s XKCD ‘Book Podcasts’

Randall Munroe’s XKCD ‘Book Podcasts’

Security Boulevard Logo White

DMCA

Join the Community

  • Add your blog to Security Bloggers Network
  • Write for Security Boulevard
  • Bloggers Meetup and Awards
  • Ask a Question
  • Email: [email protected]

Useful Links

  • About
  • Media Kit
  • Sponsor Info
  • Copyright
  • TOS
  • DMCA Compliance Statement
  • Privacy Policy

Related Sites

  • Techstrong Group
  • Cloud Native Now
  • DevOps.com
  • Digital CxO
  • Techstrong Research
  • Techstrong TV
  • Techstrong.tv Podcast
  • DevOps Chat
  • DevOps Dozen
  • DevOps TV
Powered by Techstrong Group
Copyright © 2023 Techstrong Group Inc. All rights reserved.