Amsterdam University of Applied Sciences
  1. Home
  2. Security (ICT security)
  3. Phishing and ransomware

Watch out for phishing and ransomware mails

Only open email attachments and hyperlinks if you're certain that the message is from a trustworthy source. Delete spam immediately! Be extra cautious with emails concerning invoices, prizes, subscriptions and fines, as well as those from your bank or a helpdesk.

Cyber criminals are constantly coming up with new ways and tricks to steal your login data or files. So always be alert and cautious. Only open file attachments or hyperlinks in e-mails if you are convinced that the message can be trusted. Also, don't just log in to a system if you are asked to do so in an e-mail. An e-mail can be forged, for instance with fake text or a fake logo of your bank or other company. Fake e-mails are getting better and better, so they are no longer recognisable only by their grammatical mistakes.

Check hyperlinks in e-mails by hovering over them without clicking; you will then see whether the link leads to a real website.

Beware of phishing mails and ransomware

  • With phishing, criminals try to trick you by phone or e-mail into giving up your personal or login details.
  • With ransomware (hostage software) e-mails, malicious software - which spreads when you open the attachment - locks down your computer and/or your files. This hostage software can also spread via the network to all shared folders to which you have write access. And also to external hard disks, USB sticks and SURFdrive. You will then be asked to pay a 'ransom' to unlock your files or computer. Never react to this! Disconnect the network connection immediately and switch off the computer.

Clicked? Contact the Service Desk ICT Services by phone or on another computer at servicedesk-icts@hva.nl or +31 20-5952200.

Be extra alert with emails about invoices, subscriptions and fines; and from your bank or AUAS

The AUAS and banks will never ask you to change your log-in details by e-mail!
UvA system administrators are also never allowed to ask for your access codes (password); see the ICT rules of conduct.


Do's and don'ts

  • Delete e-mails that you do not trust immediately and call the (so-called) sender if necessary to check whether the e-mail really comes from them.
  • Open an attachment only if you expect to receive a file (invoice) from this sender and you trust the attachment. Pay extra attention to zip-files. If the name of an extracted file ends with .pdf.exe, for example, it is not a pdf file but almost certainly a virus.
  • Be careful if you are asked to activate Office macros.

What happens if you click on an attachment or link in a fake e-mail?

  • Your login details may become public or fall into the hands of cybercriminals, allowing unauthorised access to your data and company - or personal information.
  • Your files and those of your colleagues with whom you share files can be blocked.
  • A virus or other harmful software (malware) can be installed so that cybercriminals can watch your computer screen or even control your webcam.

Activate your spam filter

Do you get a lot of phishing and spam email? First of all, check whether the spam filter (from, for example, Outlook) is activated. This checks all incoming email. Is the filter activated and do you still regularly receive spam? Then set spam rules in Outlook or Webmail. The mail headers indicate whether a message is marked as spam. It will be automatically moved to your junk or spam email folder.


I receive e-mail from @e.uva.nl or @e.hva.nl, is this safe?

Yes, this is safe. The UvA and AUAS use these subdomains to send their e-mail newsletters.

Published by  ICT Services 30 June 2022

Security (ICT security)