The "GDPR Notification from the UK Non Compliance Register" Scam

The "GDPR Notification from the UK Non Compliance Register" email below appears to be a fake. The email was sent to us with a broken link that should go to a so-called "UK Non Compliance Register" website. But, the website doesn't exist. Also, the website that is associated with the email address the message was sent from, was registered 8 days ago in Panama.

The GDPR Notification from the UK Non Compliance Register Scam

The "GDPR Notification from the UK Non Compliance Register" Scam

To the DPO of www.onlinethreatalerts.com. You are on The GDPR Non Compliance Register

Thu 06/12/2018 09:27

From: "Attention of the DPO: Action Pending Against You" [noncompliance@chatsworthdatacorp.info]

Notification from the UK Non Compliance Register.

To the Data Protection Officer of www.onlinethreatalerts.com.

It has come to our attention that your company is not GDPR compliant.

As your company is not GDPR compliant your company has now been entered onto the Non Compliance Register.

Your company is under review and may be reported to the ICO for non GDPR compliance.

Please go to www.noncomplianceregister.co.uk and enter your company name into the search box.

You will see listed on the page the actions that may now be taken against your company for non GDPR compliance.

This page may also begin to show on the search engines when your company is searched for.

The Non Compliance Register is a FREE public service that is available to any member of the public.

The public can search the register to see if a company can be trusted to store their data securely before they give that company their personal data.

This email has been sent to inform you that you are on the non compliance register.

There is no need to reply to this email.

Disclaimer: This communication is not a business communication and can be legally sent. It is a notification to advise you of action taken against you. There is no personal data involved with this communication. The Non Compliance Register does not hold any personal data and displays only information that is already in the public domain and can be accessed and stored legally by any person who searches the ICO fee payers register for DPO’s and as such does not fall under the GDPR compliance law or the 1998 European Data Protection Act. It is a pubic service that is free of charge.

Now, why is a GDPR email that should come from a website registered in the European Union, coming from chatsworthdatacorp.info, which has no website, is registered in the Caribbean, and not in the EU? The answer, it must be a scam or some scare tactics.

And, I cannot find a "UK Non Compliance Register" anymore on the Internet, it appears it does not exist.

Check the comment section below for additional information, share what you know, or ask a question about this article by leaving a comment below. And, to quickly find answers to your questions, use our search Search engine.

Note: Some of the information in samples on this website may have been impersonated or spoofed.
Was this article helpful?  +
  • YesLike (2)
  •       
  • NoDislike (0)   
Share this with others:
Facebook
WhatsApp
Twitter
Reddit
Pinterest
Line Me
Save

DonateHelp maintain Online Threat Alerts (OTA) by clicking here.

Comments, Questions, Answers, or Reviews

Comments (Total: 47)

To protect your privacy, please remove sensitive information from your comments, questions, or reviews. We will use your IP address to display your approximate location to other users when you make a post. That location is not enough to find you.

Your post will be set as anonymous because you are not signed in. An anonymous post cannot be edited or deleted, therefore, review it carefully before posting. Sign-in.

The comments, reviews or answers below do not necessarily reflect the views of Online Threat Alerts (OTA).

  • June 17, 2019 at 5:53 AM by an anonymous user from: London, England, United Kingdom

    2nd email:

    "UK Data Protection Officers Directory info@ukdpod.com via aweber.com

    10:51 (13 minutes ago)

    to me

    UK Data Protection Officers Directory

    For the owner of E*** Plc,

    Thank you for your requesting the list/s of qualified Data Protection Officers in your area.

    Here are the qualified Data Protection Officers available in your area.

    For Data Protection Officer and GDPR compliance assistance please contact the Data Protection Officer/s below:

    Name:

    Graham Goodman FDPOA

    Qualifications:

    Fellow of the Data Protection Officers Association (DPOA) www.thedpoa.com with 16 Years in IT and Data Protection Management

    Current Job Title:

    Data Protection Officer Manager for Rockwell Data corp. www.rockwelldatacorp.com

    Time with company:

    15 Years

    Telephone:

    07704 293 767

    Email:

    graham.goodman@rockwelldatacorp.com

    There is no need to reply to this email.

    Disclaimer: Each Data Protection Officer has been screened by the UK Data Protection Officers Directory but any communication or liability is the responsibility of the communicator and not the UK Data Protection Officers Directory. This communication is not a business communication and can be legally sent. There is no personal data involved with this communication. The UK Data Protection Officers Directory does not hold any personal data and displays only information that is already in the public domain and can be accessed and stored legally by any person who searches the ICO fee payers register for DPO’s and as such does not fall under the GDPR compliance law or the 1998 European Data Protection Act. It is a public service that is free of charge.

    The UK Data Protection Officers Directory

    PO Box 397

    London London SW1V 3NX

    UNITED KINGDOM

    -

    Scan of Rockwelldatacorp:

    https://www.hybrid-analysis.com/sample/14b9212b83ab876c71372d88d933ed521c800435e87b8e039aaae04e36c8c923/5d07667d028838bd5e3666aa

    This scan is showing evidence of command and control protocols attempts.

    Scan of thedpoa.com:

    https://www.hybrid-analysis.com/sample/ee17abecf8d8485147d93c470a4a8a3929603d120eab2c9f8441df345697d2bf/5d076ac20388380f673666aa"

    No command and control picked up on this one, but still a load of malicious indicators, and a lot more connections to other malicious pages.

  • June 17, 2019 at 4:20 AM by an anonymous user from: London, England, United Kingdom

    The unsubscribe button doesn't look too good either...

  • June 17, 2019 at 4:08 AM by an anonymous user from: London, England, United Kingdom

    Here's what you get if you reply:

    "For the owner of Epaton plc. The Data Protection Officer Questionnaire.

    Inbox

    x

    UK Data Protection Officers Directory info@ukdpod.com via aweber.com

    10:05 (1 minute ago)

    to me

    UK Data Protection Officers Directory

    For the owner of E*** plc,

    Thank you for taking the time to check if you need to be registered as a Data Protection Officer with the Information Commissioners Offcie (ICO)

    Please click on the link below to go to the questionnaire to find out if you need to become a Data Protection Officer as required by the GDPR compliance law of 25th May 2018

    https://ico.org.uk/for-organisations/does-my-organisation-need-a-data-protection-officer-dpo/

    If, after finishing the questionnaire you find that you need to appoint a Data Protection Officer (DPO) for your business or organization YOU MUST review the guild lines for Data Protection Officers.

    To do this please click on the link below:

    https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-law-enforcement-processing/accountability-and-governance/data-protection-officers/

    This ICO link will explain what are the legal responsibilities for Data Protection Officers and what qualifications they will need BEFORE they are appointed as a Data Protection Officer for your company.

    Important: Appointing yourself or someone in your organization who is not properly qualified or who understands the legal obligations of being a Data Protection Officer can lead to serious consequences for you and your business.

    Being a Data Protection Officer is a serious responsibility and failure to comply with the standards set can lead to fines and prosecution.

    We recommend that you consider appointing a professionally trained Data Protection Officer to perform the tasks required to keep your business and your clients data safe from data breaches.

    If you would like a list of qualified Data Protection Officers who are available in your area please press here and we will send this list to you.

    There is no need to reply to this email.

    Disclaimer: This communication is not a business communication and can be legally sent. There is no personal data involved with this communication. The UK Data Protection Officers Directory does not hold any personal data and displays only information that is already in the public domain and can be accessed and stored legally by any person who searches the ICO fee payers register for DPO’s and as such does not fall under the GDPR compliance law or the 1998 European Data Protection Act. It is a public service that is free of charge.

    The UK Data Protection Officers Directory

    PO Box 397

    London London SW1V 3NX

    UNITED KINGDOM

    Unsubscribe | Change Subscriber Options

    It then sends a new email via the press here to guild-of-dpo@europe.com again with 'Please send to me a list of qualified Data Protection Officers' as the subject."

  • June 17, 2019 at 2:48 AM by an anonymous user from: London, England, United Kingdom

    I've replied via a dummy email, they're automatic replies set up so lets see if they send anything malicious over.

    From: <non-gdpr-reply@europe.com>

    Date: Mon, 17 Jun 2019 at 08:45

    Subject: Auto-Reply

    Thank you for your request.

    We will send your report shortly.

    There is no need to reply to this email

  • January 13, 2019 at 1:52 PM by an anonymous user from: Sheffield, England, United Kingdom

    I got a scam email from: nongdprcompliance@lancasterdatasender.info

    Replied "suck my..." but it bounced back from ukguildofdpo@hotmail.com

  • January 13, 2019 at 1:48 PM by an anonymous user from: Sheffield, England, United Kingdom

    scam from: nongdprcompliance@lancasterdatasender.info

  • January 10, 2019 at 9:13 AM by info

    The scammers are using this email address:

    The GDPR Compliance Directory <nongdprcompliance@qualisdatacorps.info>

  • January 8, 2019 at 9:18 AM by info

    Here is another scam:

    -Original Message-

    From: UK GDPR Compliance Directory Notification <nongdprcompliance@lancasterdatasender.info>

    Sent: 08 January 2019 02:21

    Subject: To the Data Protection Officer of www.langaria.co.uk. You are on the UK GDPR Compliance Directory

    Notification from the

    UK GDPR Compliance Directory

    To the Data Protection Officer of www.langaria.co.uk

    It has come to our attention that your company is not GDPR compliant.

    As your company is not GDPR compliant as required by the GDPR compliance law passed on 25th May 2018, your company is now being listed on the UK GDPR Compliance Directory with a Negative Listing for not being GDPR compliant.

    The public can now search the GDPR Compliance Directory to see if your company can be trusted to store their data securely before they give you their personal data.

    The UK GDPR Compliance Directory is a FREE public service that is available to any member of the public to see which companies are GDPR compliant.

    Request a report

    To see why you have been entered onto the register with a Negative Listing PRESS HERE <mailto:non-gdpr-reply@europe.com?subject=Please send to me the GDPR Non Compliance Report.> and we will send the report to you.

    On the report you will see listed why you are NOT GDPR compliant and how to receive a Positive Listing.

    It will also detail any potential dangers to you and your company for not being GDPR compliant.

    This email has been sent to you as the Data Protection Officer to notify you that your company has a Negative Listing on the UK GDPR Compliance Directory.

    There is no need to reply to this email.

    Disclaimer: This communication is not a business communication and can be legally sent. It is a notification to advise you of action taken against you. There is no personal data involved with this communication. The UK GDPR Compliance Directory does not hold any personal data and displays only information that is already in the public domain and can be accessed and stored legally by any person who searches the ICO fee payers register for DPO’s and as such does not fall under the GDPR compliance law or the 1998 European Data Protection Act. It is a public service that is free of charge.

    • June 17, 2019 at 2:45 AM by an anonymous user from: London, England, United Kingdom

      I got this one too, I've replied back via a dummy email to see what they send. I expect a dodgy PDF.

  • January 8, 2019 at 7:22 AM by an anonymous user from: Newbury, England, United Kingdom

    I have just spoken to someone on the live chat on ICO website as we had same email, they said if you forward your emails onto casework@ico.org.uk then they will investigate as they are the only commissioned office to deal with GDPR

  • January 8, 2019 at 5:12 AM by an anonymous user from: London, England, United Kingdom

    nongdprcompliance@qualisdatacorps.info

    Received the same email today from the above, stating we are on a non-compliance register, which is not true

    Great to see this scam is being highlighted and shared

  • January 8, 2019 at 4:03 AM by an anonymous user from: London, England, United Kingdom

    Same e-mail. No answered, forwarded to your address above. Thanks for confirmation of dodgy c**p.

  • January 8, 2019 at 3:50 AM by an anonymous user from: London, England, United Kingdom

    Received a similarly worded email this morning and it's from nongdprcompliance@qualisdatacorps.info

  • January 8, 2019 at 2:59 AM by an anonymous user from: Seville, Andalucia, Spain

    I've just received that same mail today concerning my website, almost completely written in Spanish).

    It was sent to a valid email address, but to a private one -my own email address, not to one of the email addresses listed on my website for a contact or anything else.

  • January 4, 2019 at 7:37 AM by an anonymous user from: London, England, United Kingdom

    Anyone report follow-up from this scam? I'd be very interested to see what happens if someone replies...

  • January 3, 2019 at 3:47 AM by an anonymous user from: Leeds, England, United Kingdom

    you have to love their last line ". It is a pubic service that is free of charge."

  • December 22, 2018 at 7:29 AM by an anonymous user from: Rochdale, England, United Kingdom

    Got the same email. 2 email addresses,

    nongdprcompliance@lancasterdatasender.info

    and

    nongpdr-reply@europe.com

    Wasted my morning checking to see if it was fake!

    • December 24, 2018 at 10:31 AM by an anonymous user from: Manchester, England, United Kingdom

      nongdprcompliance@xartondataservice.info

      me too not sure why I received this or why someone would bother sending out scam emails.

  • December 19, 2018 at 7:46 AM by an anonymous user from: London, England, United Kingdom

    Same here...

    email sent from zertondatacorpservices.info

    email goes to nongdpr-reply@europe.com

    • December 20, 2018 at 2:28 AM by an anonymous user from: Eastleigh, England, United Kingdom

      yesterday, the 19th, same came in via xartondataservice.info

  • December 19, 2018 at 5:32 AM by an anonymous user from: London, England, United Kingdom

    Received this email 16th dec 2018. Not nice

  • December 18, 2018 at 8:08 AM by an anonymous user from: Reading, England, United Kingdom

    Being bombarded with this email :/

  • December 18, 2018 at 5:29 AM by an anonymous user from: Norwich, England, United Kingdom

    We also got this from nongdprcompliance[at]zertondatacorpservices.info. The click here to register link points to an email address:

    nongdpr@europe.com

  • December 18, 2018 at 3:39 AM by an anonymous user from: Basildon, England, United Kingdom

    I received a similar thing from gdprnoncompliance2018@hotmail.com

  • December 17, 2018 at 10:04 AM by an anonymous user from: London, England, United Kingdom

    We received the same one from nongdprcompliance@lancasterdatasender.info

  • December 17, 2018 at 2:56 AM by an anonymous user from: Birmingham, England, United Kingdom

    Received this:

    "Notification from the UK Non Compliance Register.

    To the owner of www.

    It has come to our attention that your company is not GDPR compliant.

    As your company is not GDPR compliant your company has now been entered onto the Non Compliance Register for the UK.

    Your company is under review and may be reported to the ICO for non GDPR compliance as required by the GDPR compliance law passed on 25th May 2018

    The Non Compliance Register is a FREE public service that is available to any member of the public.

    The public can search the register to see if a company can be trusted to store their data securely before they give that company their personal data.

    To see why you have been entered onto the Non Compliance Register PRESS HERE <mailto:non-gdpr-reply@europe.com?subject=Please send to me the GDPR Non Compliance Report> and we will send the report to you.

    You will see listed on the report the actions that may now be taken against your company for non GDPR compliance.

    This email has been sent to inform you that you are on the UK Non Compliance Register.

    There is no need to reply to this email.

    Disclaimer: This communication is not a business communication and can be legally sent. It is a notification to advise you of action taken against you. There is no personal data involved with this communication. The Non Compliance Register does not hold any personal data and displays only information that is already in the public domain and can be accessed and stored legally by any person who searches the ICO fee payers register for DPO’s and as such does not fall under the GDPR compliance law or the 1998 European Data Protection Act. It is a pubic service that is free of charge."

    • December 18, 2018 at 8:10 AM by an anonymous user from: Reading, England, United Kingdom

      I've had the same email x 3 now but with different senders from California to Europeans countries :/

  • December 16, 2018 at 8:00 PM by info

    Received the same fake email from: nongdprcompliance@zertondatacorpservices.info

  • December 16, 2018 at 7:14 AM by info

    Here is another scam:

    "From: "To the DPO: Pending Action for Non GDPR Compliance" <nongdprcompliance@qualisdatacorps.info>

    Date: 14 December 2018 at 05:30:13 GMT

    Subject: Action Against the DPO of [] You are on The GDPR Non Compliance Register

    Reply-To: "To the DPO: Pending Action for Non GDPR Compliance" <gdprnoncompliance2018@hotmail.com>"

  • December 15, 2018 at 10:04 AM by an anonymous user from: London, England, United Kingdom

    They are also using this email address: nongdprcompliance@qualisdatacorps.info

  • December 14, 2018 at 11:02 AM by info

    They are using this email address: nongdprcompliance@vectordataservices.info

  • December 14, 2018 at 8:49 AM by info

    Received the same scam:

    "From: "To the DPO: Pending Action for Non GDPR Compliance" <nongdprcompliance@lancasterdatasender.info>

    Subject: Action Against the DPO of You are on The GDPR Non Compliance Register

    Date: 14 December 2018 at 05:42:50 GMT

    Reply-To: "To the DPO: Pending Action for Non GDPR Compliance" <gdprnoncompliance2018@hotmail.com>"

  • December 14, 2018 at 8:06 AM by info

    They are using this email address: registernoncompliance@hotmail.com

  • December 12, 2018 at 3:37 PM by an anonymous user from: London, England, United Kingdom

    Also received an email from these people but with a different email/domain address

    mailto: noncompliance@vectordataservices.info

    and guess what the following info appeared on WHOIs:

    "Domain Name: VECTORDATASERVICES.INFO

    Registry Domain ID: D503300000334750424-LRMS

    Registrar WHOIS Server: whois.namecheap.com

    Registrar URL: www.namecheap.com

    Updated Date: 2018-11-28T23:28:55Z

    Creation Date: 2018-11-28T23:21:13Z

    Registry Expiry Date: 2019-11-28T23:21:13Z

    Registrar Registration Expiration Date:

    Registrar: NameCheap, Inc

    Registrar IANA ID: 1068

    Registrar Abuse Contact Email: abuse@namecheap.com

    Registrar Abuse Contact Phone: 1.6613102107

    Registrant Organization:

    Registrant State/Province: Panama

    Registrant Country: PA"

    Why would a UK Government agency register their domain name in Panama?

  • December 12, 2018 at 8:03 AM by info

    Receive:

    "From: "Action Pending Against You: The UK Non GDPR Compliance Register" <noncompliance@zertondatacorpservices.info>

    Subject: To the owner of www.thehormonaltherapist.co.uk You are on The GDPR Non Compliance Register

    Date: 11 December 2018 11:34:49 GMT

    Reply-To: "Action Pending Against You: The UK Non GDPR Compliance Register" <registernoncompliance@hotmail.com>"

  • December 12, 2018 at 8:01 AM by info

    Received:

    "From: Action Pending Against You: The UK Non GDPR Compliance Register <nongdprcompliance@vectordataservices.info>

    Sent: 12 December 2018 09:49

    Subject: To the owner of [] You are on The GDPR Non Compliance Register"

  • December 11, 2018 at 9:19 AM by info

    Here is another scam:

    "From: Action Pending Against You: The UK Non GDPR Compliance Register [mailto:noncompliance@xartondataservice.info]

    Sent: 11 December 2018 01:55

    Subject: To the owner of You are on The GDPR Non Compliance Register

    Notification from the UK Non Compliance Register.

    To the owner of

    It has come to our attention that your company is not GDPR compliant.

    As your company is not GDPR compliant your company has now been entered onto the Non Compliance Register for the UK.

    Your company is under review and may be reported to the ICO for non GDPR compliance as required by the GDPR compliance law passed on 25 May 2018

    The Non Compliance Register is a FREE public service that is available to any member of the public.

    The public can search the register to see if a company can be trusted to store their data securely before they give that company their personal data.

    To see why you have been entered onto the Non Compliance Register PRESS HERE and we will send the report to you.

    You will see listed on the report the actions that may now be taken against your company for non GDPR compliance.

    This email has been sent to inform you that you are on the non compliance register.

    There is no need to reply to this email."

  • December 10, 2018 at 10:19 AM by info

    Here is another scam:

    "From: Action Pending Against You for Non GDPR Compliance <noncompliance@xartondataservice.info>

    Sent: 07 December 2018 16:37

    Subject: To the owner of [] You are on The GDPR Non Compliance Register"

  • December 8, 2018 at 8:18 AM by info

    Got the same:

    - Original message -

    From: Action Pending Against You for Non GDPR Compliance <noncompliance@zertondatacorpservices.info>

    Date: 08/12/2018 01:45 (GMT 00:00)

    Subject: To the owner of [] You are on The GDPR Non Compliance Register

  • December 8, 2018 at 7:54 AM by an anonymous user from: Edgware, England, United Kingdom

    Yep - received exactly the same email from:

    "Action Pending Against You for Non GDPR Compliance <noncompliance@lancasterdatasender.info>

    To see why you have been entered onto the Non Compliance Register PRESS HERE and we will send the report to you. - The PRESS HERE link opened a new google Tab!"

    I guess I will just ignore this.

    • December 8, 2018 at 9:27 AM by info

      Yes, just ignore them.

  • December 8, 2018 at 7:16 AM by an anonymous user from: London, England, United Kingdom

    Same scam email from: zertondatacorpservices.info

    The majority of emails we get nowadays are related to scams.

    This is having such an effect on our business that we are returning to paper-based procedures.

    Projecting these problems forward a few years and we will hit a point where email and ebusiness is no longer viable for all companies.

    I'm afraid it's long overdue for governments to step in and fully regulate the internet otherwise it will completely fail.

    It's a real concern that the UK government are 'making tax digital' when trust in ebusiness systems is rapidly diminishing - take a look at the what the O2 debacle has done to hundreds of small businesses in the last day or two if you think this is OTT.

  • December 8, 2018 at 6:33 AM by info

    Received the same via email:

    "From: Action Pending Against You for Non GDPR Compliance <noncompliance@zertondatacorpservices.info>

    Reply-To: Action Pending Against You for Non GDPR Compliance <registernoncompliance@hotmail.com>"

  • December 7, 2018 at 7:00 AM by an anonymous user from: Aberystwyth, Wales, United Kingdom

    We've had these being delivered to various obvious contact email addresses like info@ourwebsitename or admin@... etc.

    Haven't followed any link but an obvious hoax because how can they possibly know if we are compliant or not? They don't have access to our in house compliance procedure and they don't even address the issue to the email address that we registered with the ICO.

    The problem with this scam would seem that if you did follow a link that worked and entered your company name you are submitting your company to a register that may then be made public. You're effectively filling in the details for the scammers.

    Additionally if anyone can access this public register then whenever a name is searched for it will automatically be added to the "non compliance register".

    A dirty scam and we can all thank the big companies that made the GDPR law necessary and so costly for the small guys struggling to get a foot in the door.

    It's hard enough to comply without having to deal with S**T like this!

  • December 7, 2018 at 4:32 AM by info

    I got another one from: noncompliance@qualisdatacorps.info

  • December 7, 2018 at 4:31 AM by info

    Here is another scam:

    "From: Action Pending Against You for Non GDPR Compliance <noncompliance@vectordataservices.info>

    Sent: 07 December 2018 03:46

    Subject: To the owner of You are on The GDPR Non Compliance Register

    Notification from the UK Non Compliance Register.

    To the owner of.

    It has come to our attention that your company is not GDPR compliant.

    As your company is not GDPR compliant your company has now been entered onto the Non Compliance Register for the UK.

    Your company is under review and may be reported to the ICO for non GDPR compliance as required by the GDPR compliance law passed on 25 May 2018

    The Non Compliance Register is a FREE public service that is available to any member of the public.

    The public can search the register to see if a company can be trusted to store their data securely before they give that company their personal data.

    To see why you have been entered onto the Non Compliance Register PRESS HERE and we will send the report to you.

    You will see listed on the report the actions that may now be taken against your company for non GDPR compliance.

    This email has been sent to inform you that you are on the non compliance register.

    There is no need to reply to this email.

    non-gdpr-reply@europe.com"

  • December 7, 2018 at 2:51 AM by an anonymous user from: London, England, United Kingdom

    Received the same email from noncompliance@vectordataservices.info except it also had a link, in the form of 'to see why you have been entered on to the register CLICK HERE'

Comments Show More Comments (46)

Write Your Comment, Question, Answer, or Review

The "GDPR Notification from the UK Non Compliance Register" Scam