Birth dates of almost billion people leaked on the Dark Web, together with their contact information details
Short link: https://wp.me/paaccn-q9M
Experts notice a new trend of fraud victims being contacted on their birthdays. This puts 900 million people in danger because their birth dates – along with contact information such as email or phone number) – have been found leaked on the Dark Web, according to new research by NordVPN.
“On its own, a birth date is not a valuable asset to a criminal. It is easy to Google the birth date of almost everyone. However, in combination with other data (such as email, friends’ list, name, and surname), it can be used to target a person using a highly personal email with perfect timing, such as a birthday,” says Daniel Markuson, a cybersecurity expert at NordVPN.
The data was gathered using NordVPN’s Dark Web Monitor feature, which helps its users to find out if their data has been leaked to the Dark Web.
A birthday card with an unpleasant surprise
Phishing emails often include a sense of urgency so that a person doesn’t think twice before clicking on a malicious link inside the email. For example, the subject could be “Your password is about to expire” or “Your account is about to be blocked.”
The new trend is that scammers send targeted victims an email on their birthday. Such email’s subject could be “Happy Birthday!” or “You have received an e-birthday card.” After receiving dozens of birthday wishes that day, the victim doesn’t suspect anything fishy and opens an email immediately.
The email usually includes birthday greetings that invite the user to click on a link to see the full message or receive an e-birthday card sent by a friend. Sometimes the message even states that a victim has an Amazon gift card waiting for them that someone purchased for their birthday.
Of course, there is no e-card or voucher, and a user’s computer can be infected with malware as soon as they click the link.
How can you protect yourself from birthday phishing scams?
If you know what to look out for, detecting phishing scams is easy. The clues are often hidden in plain sight.
- A generic greeting. Don’t trust emails addressed to “Sir/Madam” or “Ms./Mr.” Always be aware of language and fluency: shortened words, slang, and spelling errors are a dead giveaway.
- Don’t click on links. Instead, hover your mouse on the button to see the destination URL. Check if it looks legitimate – and this is important – if it contains the “https” part. You can also see a screenshot of the first page of that website using https://urlscan.io/.
- Double check. If you receive an email from somebody you know on your birthday, think twice before clicking any links. Is it typical of this person to send an email? If not, contact them on the phone, social media, or other channel to confirm the legitimacy.
- Use the Threat Protection feature on NordVPN. Threat Protection scans your files before you download them, identifies threats, and blocks them before they can harm your device.
“It is important to remember that cybercriminals don’t take days off on special occasions. There is no need, of course, to ruin your birthday with the paranoia of being targeted online, but staying vigilant and informant is always important,” says Daniel Markuson. (/)
_________
About NordVPN
NordVPN is the world’s most advanced VPN service provider, used by millions of internet users worldwide. NordVPN provides double VPN encryption and Onion Over VPN and guarantees privacy with zero tracking. One of the key features of the product is Threat Protection, which blocks malicious websites, malware, trackers, and ads. NordVPN is very user friendly, offers one of the best prices on the market, and has over 5,000 servers in 60 countries worldwide. For more information: http://nordvpn.
__________
Featured image is a phishing symbol courtesy of and thanks to Dreamstime.