A quick but important warning. As you may know, a new misguided European Union privacy-related regulation — the GDPR (General Data Protection Regulation) — is coming into force.
This has triggered many websites sending out confusing notices about new GDPR rules, demands that users click-through URLs to accept the new regulations, and a range of other complicated and confusing notifications.
I’m now receiving reports of highly deceptive scam phishing emails that falsely purport to be these kinds of notifications, often including URLs “requiring” you to “accept” these regulations or make other changes on your accounts to supposedly avoid disruption of services.
The crooks have had plenty of time to prepare for this, so many of these scamming emails are extremely well designed. It can be nearly impossible to determine if some of them are legitimate or not, even with careful inspection of the email headers available to most users.
I strongly recommend that unless you are certain that an email asking or demanding that you take particular actions relating to new privacy rules is legitimate, that you do not click on any contained links, nor open any included attachments.
If the message appears to have come from an entity with whom you regularly deal — and remember that just because an email claims to come from a firm or other organization that you happen to work with, doesn’t mean that the message is actually from them! — you should consider contacting that firm or organization for verification via a known email address or known URL from your own bookmarks — or a URL that you type in yourself. Or call them on the phone, using their public phone numbers (not a phone number from the email). Again, do not click any links in those messages unless you are entirely convinced that they are not fakes!
What a shame that European regulators apparently didn’t feel it necessary to notify users about how easily the GDPR could become an entirely new vector for crime.