Watch out for fake emails: phishing and ransomware

• Only open email attachments and hyperlinks if you are certain that the message is from a trustworthy source.
• Do not automatically log in on a system if requested to do so in an email.
• Verify if hyperlinks in e-mails really do link to real websites by hovering over them with your cursor, without clicking.
• Be extra cautious with emails concerning invoices, subscriptions and fines and from your bank and AUA

AUAS and banks will never instruct you to update you login data by email!

AUAS system administrators are furthermore not allowed to request personal access codes such as passwords; see the ICT Code of Conduct .

Do's en don’ts

• Delete emails you don't trust straight away. If you want to verify the source, try phoning the sender.
• Only open attachments if you are expecting to receive a document (e.g. an invoice) from that sender and you trust the attachment. Take extra care with zip files. If the name of an unzipped file ends in .pdf.exe, then it is not really a PDF file and most likely is a virus.
• Be cautious if you are prompted to activate Microsoft Office macros.
• If you receive a suspicious email to your UvA/AUAS account, notify the ICTS Service Desk via servicedesk-icts@hva.nl.

Make sure you know how to recognise phishing emails.
Examples of phishing mails

What could happen if you click on an attachment or a link in a fake email?

• Your login details could become public or fall into the hands of cyber criminals, giving unauthorised individuals access to your data and personal details.
• Your files could be locked.
• A virus or other malicious software (malware) could be installed on your computer, enabling cyber criminals to see your computer screen and even control your webcam.