Watch out for fake emails: phishing and ransomware

A hack often starts with a phishing email. Just a single click on a link or attachment in a fake email can result in the infection of an entire network with malware.

Criminals are constantly finding new tricks to steal your log-in credentials or make you download viruses and ransomware. Help prevent this by following the steps and tips below.

Report suspicious mails via Please send the phishing mail as an attachment.

How to recognise and check phishing emails

Were you expecting an email from this person/ organisation? Are you suspicious? Call the purported sender. Never use the telephone number in the email!

Does the email ask you to do something urgently, such as pay an invoice or click on a link to check or supplement your details? Be even more cautious! Remember: no AUAS systems administrator will ever ask you for your password.

Check whether the email address is the purported sender, organisation or company’s official email address. The domain name (everything that comes after the @ sign in the email address) should match the organisation or company’s website URL. You can check the email address by hovering the mouse pointer over it, without clicking. If the email is fake, the email address will contain a variation of the organisation or company’s actual name (in which the I has been replaced by an L, for example).

Check the link. Only click on a link in an email if you know for sure that the website URL is genuine. You can check this by hovering the mouse pointer over the link, without clicking. This will show you the URL. Does this look suspicious? Enter the URL at scamcheck to check whether it is genuine or not.

  • An official website URL will contain the company’s name, followed by a full stop and the domain .nl or .com.
  • A padlock icon means that the connection is secure, but is no guarantee that the website is safe!
  • See this infographic for more details and tips on recognising fake email address and website URLs.
  • Please note: emails from addresses ending in or are safe. The AUAS uses these subdomains to send newsletters by email.

Check the file extension. This is the suffix at the end of a file name (the letters after the full stop) that indicates what type of file it is. The following file extensions are suspicious: .exe, .zip, .js, .lnk, .wsf, .scr, .jar
Never switch on macros!

Have you received a phishing email at your AUAS email address?

Send the suspicious email as an attachment to the ICTS Service Desk via and we will update the spam filters to make sure this fake email no longer comes through. Delete the phishing email.

Have you clicked on a link or attachment in phishing email by accident?

  • Switch off your internet connection immediately.
  • Report to the ICTS Service Desk what has happened.
  • Perform a virus scan and change your passwords, because malware is capable of forwarding your passwords to criminals.

Have you entered your AUAS ID password on a fake website?

Report this to the ICTS Service Desk via and change your password immediately.

Watch out for password pilferers

Published by  ICT Services 21 November 2023