The "GDPR Notification from the UK Non Compliance Register" Scam

The GDPR Notification from the UK Non Compliance Register Scam

The "GDPR Notification from the UK Non Compliance Register" email below appears to be a fake. The email was sent to us with a broken link that should go to a so-called "UK Non Compliance Register" website. But, the website doesn't exist. Also, the website that is associated with the email address the message was sent from, was registered 8 days ago in Panama.

Advertisements - Continue reading below

The "GDPR Notification from the UK Non Compliance Register" Scam

To the DPO of www.onlinethreatalerts.com. You are on The GDPR Non Compliance Register

Thu 06/12/2018 09:27

From: "Attention of the DPO: Action Pending Against You" [noncompliance@chatsworthdatacorp.info]

Notification from the UK Non Compliance Register.

To the Data Protection Officer of www.onlinethreatalerts.com.

It has come to our attention that your company is not GDPR compliant.

As your company is not GDPR compliant your company has now been entered onto the Non Compliance Register.

Your company is under review and may be reported to the ICO for non GDPR compliance.

Please go to www.noncomplianceregister.co.uk and enter your company name into the search box.

You will see listed on the page the actions that may now be taken against your company for non GDPR compliance.

This page may also begin to show on the search engines when your company is searched for.

The Non Compliance Register is a FREE public service that is available to any member of the public.

The public can search the register to see if a company can be trusted to store their data securely before they give that company their personal data.

This email has been sent to inform you that you are on the non compliance register.

There is no need to reply to this email.

Disclaimer: This communication is not a business communication and can be legally sent. It is a notification to advise you of action taken against you. There is no personal data involved with this communication. The Non Compliance Register does not hold any personal data and displays only information that is already in the public domain and can be accessed and stored legally by any person who searches the ICO fee payers register for DPO’s and as such does not fall under the GDPR compliance law or the 1998 European Data Protection Act. It is a pubic service that is free of charge.

Now, why is a GDPR email that should come from a website registered in the European Union, coming from chatsworthdatacorp.info, which has no website, is registered in the Caribbean, and not in the EU? The answer, it must be a scam or some scare tactics.

And, I cannot find a "UK Non Compliance Register" anymore on the Internet, it appears it does not exist.

Check the comment section below for additional information, share what you know, or ask a question about this article by leaving a comment below. And, to quickly find answers to your questions, use our search engine.Search
Write commentWrite your comment or view the ones below.    +
Was this article helpful?
Advertisements - Continue reading below
Comments, Answers, Reviews or Questions
To protect your privacy, please remove sensitive or identifiable information from your comments, questions, or reviews. Please keep conversations courteous and on-topic.

Comments 47

Jun 17, 2019 at 5:53 AM by
The "GDPR Notification from the UK Non Compliance Register" Scam
an anonymous user from: London, England, United Kingdom

2nd email:
"UK Data Protection Officers Directory info@ukdpod.com via aweber.com
10:51 (13 minutes ago)
to me
UK Data Protection Officers Directory

For the owner of E*** Plc,
Thank you for your requesting the list/s of qualified Data Protection Officers in your area.
Here are the qualified Data Protection Officers available in your area.
For Data Protection Officer and GDPR compliance assistance please contact the Data Protection Officer/s below:
Name:
Graham Goodman FDPOA
Qualifications:
Fellow of the Data Protection Officers Association (DPOA) www.thedpoa.com with 16 Years in IT and Data Protection Management
Current Job Title:
Data Protection Officer Manager for Rockwell Data corp. www.rockwelldatacorp.com
Time with company:
15 Years
Telephone:
07704 293 767
Email:
graham.goodman@rockwelldatacorp.com

There is no need to reply to this email.

Disclaimer: Each Data Protection Officer has been screened by the UK Data Protection Officers Directory but any communication or liability is the responsibility of the communicator and not the UK Data Protection Officers Directory. This communication is not a business communication and can be legally sent. There is no personal data involved with this communication. The UK Data Protection Officers Directory does not hold any personal data and displays only information that is already in the public domain and can be accessed and stored legally by any person who searches the ICO fee payers register for DPO’s and as such does not fall under the GDPR compliance law or the 1998 European Data Protection Act. It is a public service that is free of charge.
The UK Data Protection Officers Directory
PO Box 397
London London SW1V 3NX
UNITED KINGDOM
-
Scan of Rockwelldatacorp:
https://www.hybrid-analysis.com/sample/14b9212b83ab876c71372d88d933ed521c800435e87b8e039aaae04e36c8c923/5d07667d028838bd5e3666aa
This scan is showing evidence of command and control protocols attempts.
Scan of thedpoa.com:
https://www.hybrid-analysis.com/sample/ee17abecf8d8485147d93c470a4a8a3929603d120eab2c9f8441df345697d2bf/5d076ac20388380f673666aa"
No command and control picked up on this one, but still a load of malicious indicators, and a lot more connections to other malicious pages.

Delete

Jun 17, 2019 at 4:20 AM by
The "GDPR Notification from the UK Non Compliance Register" Scam
an anonymous user from: London, England, United Kingdom

The unsubscribe button doesn't look too good either...

Delete

Jun 17, 2019 at 4:08 AM by
The "GDPR Notification from the UK Non Compliance Register" Scam
an anonymous user from: London, England, United Kingdom

Here's what you get if you reply:
"For the owner of Epaton plc. The Data Protection Officer Questionnaire.
Inbox
x
UK Data Protection Officers Directory info@ukdpod.com via aweber.com
10:05 (1 minute ago)
to me
UK Data Protection Officers Directory

For the owner of E*** plc,
Thank you for taking the time to check if you need to be registered as a Data Protection Officer with the Information Commissioners Offcie (ICO)
Please click on the link below to go to the questionnaire to find out if you need to become a Data Protection Officer as required by the GDPR compliance law of 25th May 2018
https://ico.org.uk/for-organisations/does-my-organisation-need-a-data-protection-officer-dpo/
If, after finishing the questionnaire you find that you need to appoint a Data Protection Officer (DPO) for your business or organization YOU MUST review the guild lines for Data Protection Officers.
To do this please click on the link below:
https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-law-enforcement-processing/accountability-and-governance/data-protection-officers/
This ICO link will explain what are the legal responsibilities for Data Protection Officers and what qualifications they will need BEFORE they are appointed as a Data Protection Officer for your company.
Important: Appointing yourself or someone in your organization who is not properly qualified or who understands the legal obligations of being a Data Protection Officer can lead to serious consequences for you and your business.
Being a Data Protection Officer is a serious responsibility and failure to comply with the standards set can lead to fines and prosecution.
We recommend that you consider appointing a professionally trained Data Protection Officer to perform the tasks required to keep your business and your clients data safe from data breaches.
If you would like a list of qualified Data Protection Officers who are available in your area please press here and we will send this list to you.
There is no need to reply to this email.

Disclaimer: This communication is not a business communication and can be legally sent. There is no personal data involved with this communication. The UK Data Protection Officers Directory does not hold any personal data and displays only information that is already in the public domain and can be accessed and stored legally by any person who searches the ICO fee payers register for DPO’s and as such does not fall under the GDPR compliance law or the 1998 European Data Protection Act. It is a public service that is free of charge.
The UK Data Protection Officers Directory
PO Box 397
London London SW1V 3NX
UNITED KINGDOM
Unsubscribe Change Subscriber Options
It then sends a new email via the press here to guild-of-dpo@europe.com again with 'Please send to me a list of qualified Data Protection Officers' as the subject."

Delete

Jun 17, 2019 at 2:48 AM by
The "GDPR Notification from the UK Non Compliance Register" Scam
an anonymous user from: London, England, United Kingdom

I've replied via a dummy email, they're automatic replies set up so lets see if they send anything malicious over.
From:
Date: Mon, 17 Jun 2019 at 08:45
Subject: Auto-Reply

Thank you for your request.
We will send your report shortly.
There is no need to reply to this email

Delete

Jan 13, 2019 at 1:52 PM by
The "GDPR Notification from the UK Non Compliance Register" Scam
an anonymous user from: Sheffield, England, United Kingdom

I got a scam email from: nongdprcompliance@lancasterdatasender.info

Replied "suck my..." but it bounced back from ukguildofdpo@hotmail.com

Delete

Jan 13, 2019 at 1:48 PM by
The "GDPR Notification from the UK Non Compliance Register" Scam
an anonymous user from: Sheffield, England, United Kingdom

scam from: nongdprcompliance@lancasterdatasender.info

Delete

Jan 10, 2019 at 9:13 AM by
The "GDPR Notification from the UK Non Compliance Register" Scam
info

The scammers are using this email address: The GDPR Compliance Directory

Delete

Jan 8, 2019 at 9:18 AM by
The "GDPR Notification from the UK Non Compliance Register" Scam
info

Here is another scam: -Original Message- From: UK GDPR Compliance Directory Notification Sent: 08 January 2019 02:21 Subject: To the Data Protection Officer of www.langaria.co.uk. You are on the UK GDPR Compliance Directory Notification from the UK GDPR Compliance Directory To the Data Protection Officer of www.langaria.co.uk It has come to our attention that your company is not GDPR compliant. As your company is not GDPR compliant as required by the GDPR compliance law passed on 25th May 2018, your company is now being listed on the UK GDPR Compliance Directory with a Negative Listing for not being GDPR compliant. The public can now search the GDPR Compliance Directory to see if your company can be trusted to store their data securely before they give you their personal data. The UK GDPR Compliance Directory is a FREE public service that is available to any member of the public to see which companies are GDPR compliant. Request a report To see why you have been entered onto the register with a Negative Listing PRESS HERE and we will send the report to you. On the report you will see listed why you are NOT GDPR compliant and how to receive a Positive Listing. It will also detail any potential dangers to you and your company for not being GDPR compliant. This email has been sent to you as the Data Protection Officer to notify you that your company has a Negative Listing on the UK GDPR Compliance Directory. There is no need to reply to this email. Disclaimer: This communication is not a business communication and can be legally sent. It is a notification to advise you of action taken against you. There is no personal data involved with this communication. The UK GDPR Compliance Directory does not hold any personal data and displays only information that is already in the public domain and can be accessed and stored legally by any person who searches the ICO fee payers register for DPO’s and as such does not fall under the GDPR compliance law or the 1998 European Data Protection Act. It is a public service that is free of charge.

Delete

Jun 17, 2019 at 2:45 AM by
The "GDPR Notification from the UK Non Compliance Register" Scam
an anonymous user from: London, England, United Kingdom

I got this one too, I've replied back via a dummy email to see what they send. I expect a dodgy PDF.

Delete

Jan 8, 2019 at 7:22 AM by
The "GDPR Notification from the UK Non Compliance Register" Scam
an anonymous user from: Newbury, England, United Kingdom

I have just spoken to someone on the live chat on ICO website as we had same email, they said if you forward your emails onto casework@ico.org.uk then they will investigate as they are the only commissioned office to deal with GDPR

Delete

Jan 8, 2019 at 5:12 AM by
The "GDPR Notification from the UK Non Compliance Register" Scam
an anonymous user from: London, England, United Kingdom

nongdprcompliance@qualisdatacorps.info
Received the same email today from the above, stating we are on a non-compliance register, which is not true
Great to see this scam is being highlighted and shared

Delete

Advertisements - Continue reading below

waiting
Write Your Comment, Answer, Review or Question

The "GDPR Notification from the UK Non Compliance Register" Scam