Since the GDPR came into force, you will have noticed that your inbox is constantly bombarded with informative messages and requests for authorisation to use personal data. “We have updated our privacy policy” is how most of these messages read, and in them the recipient’s silence is tantamount to consent to the management of his or her data; very few communications require the recipient to take a specific action in order to grant that authorisation. As a result of this flurry of messages, many users, once they have understood the situation, accept without thinking too much about it and without worrying about running into a scam, which, of course, is not lacking in this climate of disorder.

The Kaspersky Lab researchers provide us with an example of an e-mail, identified by their anti-spam system, that at first glance appeared to come from Apple. The text of the e-mail invites users to fill in a form in order to prevent their account from being frozen and deleted after three days. Obviously, the form you are asked to fill in has nothing to do with Apple; it is a simple ploy to induce you to hand over your data to the criminals without hesitation.

But how can you recognise these fake e-mails? Even the sender’s address can tell you that something is wrong: in the case presented by Kaspersky Lab, the address contained several suspicious numbers, which could not be justified for an e-mail of this kind. The subject field also bore the wording ‘RE’, which identifies a reply and should not be present in the first message received. Fraudsters use this ploy to prevent their e-mails from ending up in spam. Even if all this escapes your notice, the text of the e-mail usually bears further clues to the malicious nature of the message: in the salutation, the writer refers to the user not by his full name but by his e-mail address (e.g. ‘Dear jamessmith@email.com’). Moreover, no company sends intimidating messages with threats to block the account or similar suspicious requests. Another alarm bell should ring when you check the link to the form: if you hover your mouse over it, you will see that it does not lead to Apple’s official website, but to a domain that has nothing to do with it.
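The warning signs listed above can also be checked mechanically in a mail filter or triage script. The following Python code is an added example, not part of the original article or of Kaspersky Lab's anti-spam system; the sample message, the digit threshold, the keyword list and the `brand_domains` parameter are assumptions made for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample message (not the e-mail Kaspersky Lab reported).
SAMPLE = """\
From: Apple Support <support8841207@mail-id3392.example>
To: jamessmith@email.com
Subject: RE: Update your account information
Content-Type: text/html; charset="utf-8"

<p>Dear jamessmith@email.com,</p>
<p>Your account will be frozen and deleted after three days unless you
<a href="http://account-form.example/verify">fill in this form</a>.</p>
"""

class _Links(HTMLParser):
    def __init__(self):
        super().__init__()
        self.hosts = []
    def handle_starttag(self, tag, attrs):
        href = dict(attrs).get("href")
        if tag == "a" and href:
            self.hosts.append((urlparse(href).hostname or "").lower())

# Thresholds, keyword list and brand_domains are assumptions for this example.
def phishing_indicators(raw, brand_domains=("apple.com",)):
    """Return the list of warning signs from the article found in `raw`."""
    msg = message_from_string(raw)
    body = msg.get_payload()
    _, sender = parseaddr(msg.get("From", ""))
    _, rcpt = parseaddr(msg.get("To", ""))
    found = []
    if len(re.findall(r"\d", sender)) >= 4:
        found.append("digits_in_sender")
    subject = msg.get("Subject", "")
    if re.match(r"\s*re\s*:", subject, re.I) and not (msg.get("In-Reply-To") or msg.get("References")):
        found.append("re_without_thread")
    if rcpt and re.search(r"dear\s+" + re.escape(rcpt), body, re.I):
        found.append("greeted_by_address")
    if re.search(r"\b(frozen|deleted|blocked|suspended)\b", body, re.I):
        found.append("account_threat")
    parser = _Links()
    parser.feed(body)
    if any(h and not any(h == d or h.endswith("." + d) for d in brand_domains) for h in parser.hosts):
        found.append("link_off_brand_domain")
    return found
```

No single indicator is conclusive on its own; the value lies in several of them appearing together in one message.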

For the sake of clarity, here is the ‘incriminating’ e-mail

Marco Serico