Beware of an email that asks you to compare your data due to EU regulations.
We keep hearing about the EU General Data Protection Regulation, which comes into force on May 25, 2018. Fraudsters have now also taken advantage of this and constructed a phishing email that plays on exactly this topic and exploits any gaps in knowledge or apparent plausibility.
The sender of this email pretends to be PayPal and informs the recipient that due to EU data protection guidelines, customer data must be compared. Caution! This email is an attempted fraud, this email does not come from PayPal, and no data comparison needs to be carried out.
The content of this email reads in readable plain text:
Hello ,
due to new EU data protection guidelines, we are obliged to compare our customer data at regular intervals.
During the reconciliation of your account, your data will be compared with the data stored with us.
If we find any irregularities, the service team will contact you within 24 hours. If you are not contacted by the service team within 24 hours, consider this email to be invalid.Start matching
Please note that this is merely a measure to ensure increased security for you and your personal data in the future.
Behind the request “Start matching” is a fake website that resembles the PayPal login. The visitor therefore thinks he is safe and logs in with a clear conscience. However, just like the entries in the login fields, all other following information (personal data, address data, but also sensitive bank data) ends up directly in the hands of fraudsters.
Therefore, please do not provide any truthful information on these fake sites!
Phishing – the underestimated danger
Phishing is a portmanteau of “password” and “fishing”. The aim at this point is to persuade the target persons to reveal their data. Data fishers send emails on a large scale that look as if they come from, for example, Amazon, Ebay or a bank. The people behind these fraudulent sites and emails want to get your passwords via a fake link. There's one thing you can do to prevent password theft: pay attention.
Data fishers only want what’s best for you: your data
“Your account has been temporarily blocked” or “You need to update your access data” – these or similar are the subject lines and emails that try to steal your passwords during phishing. The urgent-sounding email lures you via a link to deceptively real-looking copies of the original website. The secret number (PIN) or a one-time password (TAN) should then be entered on the manipulated pages. Supposedly to reactivate the account. Instead, the data thieves steal highly sensitive information.
The email scam sometimes comes across as a donation request or tax notice. As a winning message or discount offer. Or the password-stealing links are found in messages that you receive from fellow players in online games. Also be wary of unsolicited text messages or messages from an app on your smartphone.
The best protection against phishing is healthy suspicion
You can protect yourself quite well against password theft. Most effective: Do not respond to messages of unknown origin. Ignore the request to enter data anywhere.
Your bank, for example, will never ask you to open websites from an email and enter account details there. This also applies to every other payment service and every professional internet retailer.
This is how you recognize password theft:
- The subject lines and texts are often written in poor German. Unfortunately, the quality is getting better and better.
- As a rule, it involves account suspensions, alleged identity theft, data comparison or similar. The emails specifically put pressure or panic on the recipient. Or they promise profits or special offers.
- The text asks you to follow a link and enter data on a website.
- The address in the Internet line often has spelling errors or transposed letters.
- Fake websites often do not have a closed lock symbol in the address bar of your browser. The line begins with http:// instead of the encrypted https:// (unfortunately, many fraudsters now use this encryption to feign seriousness).
How to protect yourself from password theft:
- Ignore emails, SMS and app messages from unknown senders.
- Never follow links from such messages. Do not enter sensitive account information on these websites.
- Always type in your bank's Internet address yourself.
- The lock symbol in the browser must always be closed when conducting online banking transactions.
- The internet line must start with https:// (instead of the normal http://) for an encrypted connection. Be careful: Many fraudsters now use this encryption to feign seriousness.
- Make sure the internet address is spelled correctly.
- Check the “certificate” of the website: banks and many online retailers offer identity data. You can query this in the symbol next to the address line. For example, your internet protection program or the browser operator then confirms the authenticity of the page with “Verified by…”.
- Only use private, secured WiFi connections for your banking transactions. Public Wi-Fi homepages could be fake.
This is how you react correctly if you have fallen for password thieves:
If you have already replied to someone else's email or entered confidential data after clicking on a link, then:
- Change your access details for your online banking transactions immediately.
- Tell your bank immediately. It can prevent further damage.
- If you still have the malicious email, send it to spam@zddk.eu
If you enjoyed this post and value the importance of well-founded information, become part of the exclusive Mimikama Club! Support our work and help us promote awareness and combat misinformation. As a club member you receive:
📬 Special Weekly Newsletter: Get exclusive content straight to your inbox.
🎥 Exclusive video* “Fact Checker Basic Course”: Learn from Andre Wolf how to recognize and combat misinformation.
📅 Early access to in-depth articles and fact checks: always be one step ahead.
📄 Bonus articles, just for you: Discover content you won't find anywhere else.
📝 Participation in webinars and workshops : Join us live or watch the recordings.
✔️ Quality exchange: Discuss safely in our comment function without trolls and bots.
Join us and become part of a community that stands for truth and clarity. Together we can make the world a little better!
* In this special course, Andre Wolf will teach you how to recognize and effectively combat misinformation. After completing the video, you have the opportunity to join our research team and actively participate in the education - an opportunity that is exclusively reserved for our club members!
Notes:
1) This content reflects the current state of affairs at the time of publication. The reproduction of individual images, screenshots, embeds or video sequences serves to discuss the topic. 2) Individual contributions were created through the use of machine assistance and were carefully checked by the Mimikama editorial team before publication. ( Reason )



