Security experts at NordVPN say they have identified a new trend whereby fraud victims are being contacted on their birthdays – thanks to the birth dates, as well as contact information such as email addresses and phone numbers, of more than 900-million people being leaked on the dark web.

“On its own, a birth date is not a valuable asset to a criminal,” says Daniel Markuson, a cybersecurity expert at NordVPN. “It is easy to Google the birth date of almost everyone. However, in combination with other data (such as email, friends’ list, name, and surname), it can be used to target a person using a highly personal email with perfect timing – such as a birthday.”

The data, he says, was gathered using NordVPN’s Dark Web Monitor feature which helps its users to find out if their data has been leaked to the dark web.

A birthday card with an unpleasant surprise

Phishing emails often include a sense of urgency so that a person doesn’t think twice before clicking on a malicious link inside the email. For example, the subject could be “Your password is about to expire” or “Your account is about to be blocked.”

The new trend is that scammers send targeted victims an email on their birthday. The email’s subject could be “Happy Birthday!” or “You have received an e-birthday card.” After receiving dozens of birthday wishes that day, the victim doesn’t suspect anything suspicious and opens an email immediately.

The email usually includes birthday greetings that invite the user to click on a link to see the full message or receive an e-birthday card sent by a friend. Sometimes the message even states that a victim has an Amazon gift card waiting for them that someone purchased for their birthday.

Of course, there is no e-card or voucher, and a user’s computer can be infected with malware as soon as they click the link.

How can you protect yourself from birthday phishing scams?

If you know what to look out for, detecting phishing scams is easy. The clues are often hidden in plain sight.

A generic greeting. Don’t trust emails addressed to “Sir/Madam” or “Ms/Mr.” Always be aware of language and fluency: shortened words, slang, and spelling errors are a dead giveaway.

Don’t click on links. Instead, hover your mouse on the button to see the destination URL. Check if it looks legitimate – and this is important – if it contains the “https” part. You can also see a screenshot of the first page of that website using https://urlscan.io/.

Double check. If you receive an email from somebody you know on your birthday, think twice before clicking any links. Is it typical of this person to send an email? If not, contact them on the phone, social media, or other channel to confirm the legitimacy.

Use Threat Protection like the one on NordVPN that scans your files before you download them, identifies threats, and blocks them before they can harm your device.

“It is important to remember that cybercriminals don’t take days off on special occasions,” says Markuson. “There is no need, of course, to ruin your birthday with the paranoia of being targeted online – but staying vigilant and informed is always important.”