Watch out for fake emails: phishing and ransomware

Never open email attachments that you don't trust 100%. Delete spam immediately!

Cyber criminals are continually coming up with new tricks and techniques to steal personal login details and digital files. Therefore, you must always be careful and stay on guard. Only open email attachments and hyperlinks if you're certain that the message is from a trustworthy source. Also, don't automatically log in to a system if requested to do so in an email. Emails can be fake and may contain fake texts and logos resembling that of your bank or other companies. Fake emails can often be recognised by the poor quality of the writing and many spelling errors.

You can verify whether hyperlinks in emails really do link to real websites by hovering over them with your cursor, without clicking.

Watch out for phishing emails and ransomware

  • Phishing is a technique that criminals use to try to get you to disclose personal data or login details over the phone or by email.
  • Ransomware is malicious software spread by email that locks your operating system and/or files after you click on an infected attachment. This software can also spread over the network to infect all shared folders to which you have have editing rights, as well as to external hard disks, USB memory sticks and SURFdrive. When the criminals demand a ransom to unlock your files or computer, don't ever respond to such a message! Immediately break the network connection, turn off the computer and contact the ICTS Service Desk by phone or from another computer.

Be extra cautious with emails concerning invoices, subscriptions and fines, as well as those coming from your bank and AUAS

AUAS and banks will never instruct you to update you login details by email. AUAS system administrators are furthermore not allowed to request personal access codes such as passwords (see the ICT Code of Conduct).

Do’s and don’ts

  • Delete emails that you don't trust straight away. If you want to verify the source, try phoning the sender.
  • Only open attachments if you are expecting to receive a document (e.g. an invoice) from that sender and you trust the attachment. Take extra care with .ZIP files. If the name of an unzipped file ends in .pdf.exe, then it is not really a .PDF file and is most likely a virus.
  • Be cautious if you are prompted to activate Microsoft Office macros.
  • If you receive a suspicious email to your UvA/AUAS account, notify the ICTS Service Desk.
  • Learn to recognise phishing emails! See some examples of phishing emails.
  • Your login details could become public or fall into the hands of cyber criminals, providing unauthorised individuals with access to your data as well as to business information and other people's personal details.
  • Your files and any files that you share with colleagues could be locked.
  • A virus or other malicious software (malware) could be installed on your computer, enabling cyber criminals to see your computer screen and even control your webcam.
  • Your login details could become public or fall into the hands of cyber criminals, providing unauthorised individuals with access to your data as well as to business information and other people's personal details.
  • Your files and any files that you share with colleagues could be locked.
  • A virus or other malicious software (malware) could be installed on your computer, enabling cyber criminals to see your computer screen and even control your webcam.

Be wary of the password pilferer

Published by  ICT Services 22 March 2018