Amsterdam University of Applied Sciences
  1. Home
  2. Security (ICT security)
  3. Recognizing phishing e-mails and ransomware

Watch out for phishing and ransomware mails

A hack often starts with a phishing email. Just a single click on a link or attachment in a fake email can result in the infection of an entire network with malware. Criminals are constantly finding new tricks to steal your log-in credentials or make you download viruses and ransomware. Help prevent this by following the steps and tips below.

Check suspicious emails with the checklist below. Please report phishing mails via servicedesk-icts@hva.nl

Checklist: How to recognise and check phishing emails

  • Were you expecting an email from this person/organisation? Are you suspicious? Call the purported sender, but never use the telephone number in the email!
  • Does the email ask you to do something urgently? For example paying an invoice or clicking on a link to check or supplement your details? Be even more cautious! Remember: no AUAS systems administrator will ever ask you for your password.
  • Check whether the email address is the purported sender, organisation or company’s official email address. The domain name (everything that comes after the @ sign in the email address) should match the organisation or company’s website URL. You can check the email address by hovering the mouse pointer over it, without clicking. If the email is fake, the email address will contain a variation of the organisation or company’s actual name (in which the I has been replaced by an L, for example).
  • Check the link (URL). Only click on a link in an email if you know for sure that the website URL is genuine. You can check this by hovering the mouse pointer over the link, without clicking. This will show you the URL. Does this look suspicious? Enter the URL at scamcheck to check whether it is genuine or not.
  • An official website URL will contain the company’s name, followed by a full stop and the domain .nl or .com.
  • A padlock icon means that the connection is secure, but is no guarantee that the website is safe!
  • Check the file extension. This is the suffix at the end of a file name (the letters after the full stop) that indicates what type of file it is. The following file extensions are suspicious: .exe, .zip, .js, .lnk, .wsf, .scr, .jar
    Never switch on macros!

Have you received a phishing email at your AUAS email address?

Send the suspicious email as an attachment to the ICTS Service Desk and we will update the spam filters to make sure this fake email no longer comes through. Delete the phishing email.

Have you clicked on a link or attachment in phishing email by accident?

  • Switch off your internet connection immediately.
  • Report to the ICTS Service Desk via servicedesk-icts@hva.nl what has happened.
  • Perform a virus scan and change your passwords, because malware is capable of forwarding your passwords to criminals.
  • Have you entered your AUAS ID password on a fake website? Report this to the ICTS Service Desk and change your password immediately.

Please report phishing mails via servicedesk-icts@hva.nl

Activate your spam filter

Do you get a lot of phishing and spam email? First of all, check whether the spam filter (from, for example, Outlook) is activated. This checks all incoming email. Is the filter activated and do you still regularly receive spam? Then set spam rules in Outlook or Webmail. The mail headers indicate whether a message is marked as spam. It will be automatically moved to your junk or spam email folder.


I receive e-mail from @e.hva.nl, is this safe?

Yes, this is safe. The AUAS uses this subdomain to send their e-mail newsletters.

Published by  ICT Services 28 November 2023

Security (ICT security)