Skip to main content
Smiling boy with blue-framed glasses heading to school on Ascent Dental ad

New birthday phishing tactic puts millions of people at risk

By Nord VPN
Shootin’ the Breeze Submission
March 31, 2023
Experts have noticed a new trend of fraud victims being contacted on their birthdays. This puts 900 million people in danger because their birth dates, along with contact information such as email addresses or phone numbers, have been leaked onto the dark web, according to new research by NordVPN.

“On its own, a birth date is not a valuable asset to a criminal. It is easy to Google the birth date of almost everyone,” says Daniel Markuson, a cybersecurity expert at NordVPN.

“However, in combination with other data, such as email, friends list, name and surname, it can be used to target a person using a highly personal email with perfect timing, such as a birthday.”

The data was gathered using NordVPN’s dark web monitor feature, which helps users find out if their data has been leaked to the dark web.

Phishing emails often include a sense of urgency so that a person doesn’t think twice before clicking on a malicious link inside the email. For example, the subject could be “Your password is about to expire” or “Your account is about to be blocked.”

The new trend is that scammers send targeted victims an email on their birthday. Such an email’s subject could be “Happy Birthday!” or “You have received an e-birthday card.” After receiving dozens of birthday wishes that day, the victim doesn’t suspect anything fishy and opens the email immediately.

The email usually includes birthday greetings that invite the user to click on a link to see the full message or receive a birthday e-card sent by a friend. Sometimes the message even states that a victim has an Amazon gift card waiting that someone purchased for their birthday.

Of course, there is no e-card or voucher, and a user’s computer can be infected with malware as soon as they click the link.



How can you protect yourself from birthday phishing scams?

If you know what to look out for, detecting phishing scams is easy. The clues are often hidden in plain sight:

—Watch for generic greetings. Emails addressed to Sir/Madam or Ms./Mr. should not be trusted. Always be aware of language and fluency: shortened words, slang and spelling errors are a dead giveaway.

—Don’t click on links. Instead, hover your mouse on the button to see the destination URL. Check if it looks legitimate and — this is important — if it contains the “https” part. You can also see a screenshot of the first page of that website using

—Double-check. If you receive an email on your birthday from somebody you know, think twice before clicking any links. Is it typical of this person to send an email? If not, contact them on the phone, social media or other channel to confirm the legitimacy.

—Use the threat-protection feature on NordVPN. It scans your files before you download them, identifies threats, and blocks them before they can harm your device.

“It is important to remember that cybercriminals don’t take days off on special occasions,” says Daniel Markuson.

“There is no need, of course, to ruin your birthday with the paranoia of being targeted online, but staying vigilant and informant is always important.”

Care to leave a comment?
Scroll down!
Like this story?
Click a link to share on social!
Orange and blue flames on SGB Fitbodies ad promoting Fire and Ice classes
Leave a Reply
Scott Cooper, dressed in a red T-shirt, dark shorts and knee-high socks, puts his hands on his knees and catches his breath after crossing the Divide 200 ultramarathon finish line.

Current Issue

Published every Wednesday

Sorge Trucking – Equipment Operator Required Help Wanted Ad
Poster promoting Pavlo concert at Empress Theatre in Fort Macleod
%d bloggers like this: