Amsterdam University of Applied Sciences
  1. Home
  2. Security
  3. Watch out for fake emails: phishing and ransomware

Watch out for fake emails: phishing and ransomware

Never open email attachments that you don't trust 100%. Delete spam immediately!

Cyber criminals are continually coming up with new tricks and techniques to steal personal login details and digital files. Therefore, you must always be careful and stay on guard. Only open email attachments and hyperlinks if you're certain that the message is from a trustworthy source. Also, don't automatically log in to a system if requested to do so in an email. Emails can be fake and may contain fake texts and logos resembling that of your bank or other companies. Fake emails can often be recognised by the poor quality of the writing and many spelling errors.

You can verify whether hyperlinks in emails really do link to real websites by hovering over them with your cursor, without clicking.

Watch out for phishing emails and ransomware

  • Phishing is a technique that criminals use to try to get you to disclose personal data or login details over the phone or by email.
  • Ransomware is malicious software spread by email that locks your operating system and/or files after you click on an infected attachment. This software can also spread over the network to infect all shared folders to which you have have editing rights, as well as to external hard disks, USB memory sticks and SURFdrive. When the criminals demand a ransom to unlock your files or computer, don't ever respond to such a message! Immediately break the network connection, turn off the computer and contact the ICTS Service Desk by phone or from another computer.

Be extra cautious with emails concerning invoices, subscriptions and fines, as well as those coming from your bank and AUAS

AUAS and banks will never instruct you to update you login details by email. AUAS system administrators are furthermore not allowed to request personal access codes such as passwords (see the ICT Code of Conduct).

Do’s and don’ts

  • Delete emails that you don't trust straight away. If you want to verify the source, try phoning the sender.
  • Only open attachments if you are expecting to receive a document (e.g. an invoice) from that sender and you trust the attachment. Take extra care with .ZIP files. If the name of an unzipped file ends in .pdf.exe, then it is not really a .PDF file and is most likely a virus.
  • Be cautious if you are prompted to activate Microsoft Office macros.
  • If you receive a suspicious email to your UvA/AUAS account, notify the ICTS Service Desk.
  • Learn to recognise phishing emails! See some examples of phishing emails.

What could happen if you click on an attachment or a link in a fake email?

  • Your login details could become public or fall into the hands of cyber criminals, providing unauthorised individuals with access to your data as well as to business information and other people's personal details.
  • Your files and any files that you share with colleagues could be locked.
  • A virus or other malicious software (malware) could be installed on your computer, enabling cyber criminals to see your computer screen and even control your webcam.

Activate your spam filter

Are you getting a lot of phishing and spam mail? If so, first check whether Outlook's spam filter is on. This checks all incoming e-mail. Is it already on and do you still get spam regularly? Then set spam rules in Outlook or Webmail. The e-mail headers indicate whether a message is marked as spam. This ensures that such a message easily ends up in the spam folder.

Received e-mail from @e.hva.nl?

Do you ever receive e-mail from @e-hva.nl? This is safe. The HvA uses these subdomains to send its email newsletters.

Be wary of the password pilferer

Published by  ICT Services 22 February 2023

Security

Cybersaveyourself