Other information and services of the government: www.belgium.be   Logo van de Belgische federale overheid

Do not get tricked: GDPR phishing e-mails

New phishing e-mails related to GDPR

The GDPR entered into force on Friday 25 May. It comprises a set of rules aimed at better protecting European citizens’ personal data. Companies that fall under the new GDPR regulations must adjust their privacy policy and inform their customers accordingly. Cyber criminals have seized the opportunity to send fake e-mails using the names of established companies. In the e-mails, they claim that they need your data to comply with the GDPR regulations. Be careful!

How to recognize these fake messages

As a rule, companies only ask for permission to keep your current data, and do not ask for new data to be forwarded to them.

Be sure to check the sender's address.

Finally, hover your mouse over the link to check to which website you will be sent upon clicking on the link. Is the domain name, i.e. the word before “.be”, “.com”, “.eu”, “.org”, etc., and before the very first slash "/", really the organization’s name?

An example:

Our advice:

  • Do not open these messages, forward them to verdacht@safeonweb.be and delete them
  • Do not click on the links or images and certainly do not open any attachments.
  • Do not reply to the fraudulent e-mail / message.
  • Never enter personal details.

Learn more about phishing messages through the phishing test.


If you have received such a phishing message, you can report it yourself via the official website of the company in question.

You can send suspicious messages to suspicious@safeonweb.be.

What is suspicious@safeonweb.be ?

GDPR phishing
volledige breedte