Beware of phishing

Criminals are fishing for your codes, security information or personal data in order to abuse them. This is commonly called phishing. They do this not only via e-mail, but by all available means of communication, such as the telephone, SMS and even letters.

 

Please note: fake e-mails in circulation (dated 4 July 2018)
Currently an e-mail is being sent on behalf of 1A First Alternative which we did NOT send. This e-mail states that the attached invoices have not yet been paid. The e-mail comes from the address finance@administratie-cloud.nl, which is part of a domain which is not ours. These attachments contain a virus, so do not open them! Please delete this e-mail immediately.

 

Update: the domain has been blocked the very same day. Unfortunately we can not do anything about the e-mails which were already sent. The advice to not open the attachments and delete the e-mail immediately still applies.

How does phishing work?

Phishing is derived from the English word “fishing”. With phishing, a criminal tries to get people to do something, exposing themselves to a cyber attack, often with the aim of swindling them. They do this, for example, by luring people to a fake website and have them log in – unsuspectingly. Or by having them open an attachment containing a virus which gives the criminal access to the computer or telephone.

How can you recognize phishing?

When in doubt, you can of course always contact us. Below are a number of tips for recognizing phishing attempts.

Recognize a fake e-mail

Do you doubt whether an e-mail has been sent by 1A First Alternative?

Pas op voor phishing

E-mails with these characteristics are most certainly fake:

  • The e-mail address of the sender does not end with @ 1afa.com or @ 1a-server.nl.
  • The mail asks for security codes or personal details.
  • The e-mail is written in defective Dutch and / or English.
  • The e-mail is written in a language other than Dutch or English.
  • The mail is threatened with consequences if you do not respond immediately.

With these characteristics there is the possibility that this is a fake e-mail:

  • You will receive an e-mail at an e-mail address that you have not given to us.
  • The e-mail is not addressed to you personally.
  • Your e-mail provider or spam filter indicates that the e-mail is “spam”.
  • The e-mail has an attachment.

1A First Alternative is a Dutch company. All our texts are written in Dutch, English, or both.

Recognize suspicious links

Do not just click on the text or picture of a link, but first hover your mouse pointer over it. You can then see to which website a link actually refers to. A common trick is to provide a label with a link to the real website, but the underlying link that is called is another. An example: https://www.1afa.com. This link seems to refer to our main website, but if you click on it, you will end up on our manuals website.

 

A link from 1A First Alternative always points to these domains or sub-domains below:

  • 1afa.com
  • alt001.com
  • 1a-server.nl

An example of a sub-domain is manuals.1afa.com. It has an extra word in front of the domain. An example of a link with a domain of ours is https://www.1afa.com.

Please note: unfortunately it is very difficult on tablets and mobile phones to find out what the underlying target is. If in doubt, use a PC to check.

What can you do?

  1. Protect your codes → Make sure no one learns your security codes, like user names, passwords, but also your PIN codes. Only use your codes yourself and never pass them on to others.
  2. Do not write down or save your codes → Are you prone to forgetting them? Then you can opt for using a password vault, such as LastPass, KeePassX, or other similar solutions.
  3. Choose a difficult code → Can you choose a security code yourself? Then choose one which is not easy to guess. For example, do not use a date of birth, name of a family member or a zip code.
  4. Do not let anyone see your input → Make sure nobody can watch along when you enter your security codes. This applies to your pin codes and to all other codes that you use.

Secure your devices

It is important to protect the computers, tablets and mobile phones you use from viruses and unwanted entry. At work this is often handled by the IT department, but at home it is your own responsibility. Some tips:

  • Make sure that others cannot use your keys, passes and apps.
  • Always log out when you’re done, this includes websites and apps.
  • Do not store passwords in your browser(s). These are relatively easy to retrieve. Preferably use a password vault.
  • Always install updates of important software and apps, such as your operating system, browser, virus scanner and firewall. A useful program for Windows, for example, is Patch My PC.
  • Do not install illegal software.
  • Only install programs and apps from a reliable source.
  • Secure your computer, tablet and mobile with a password, access code, swipe pattern or fingerprint.

Viruses and malware

Do you still suspect there is malicious software (malware) present? Switch off the network (turn WiFi and 4g off, and disconnect the network cable) and then scan your device with a virus scanner and a malware scanner before you go online again. Is your computer, tablet or mobile phone still displaying symptoms after the scan? Then contact an expert immediately! You can of course always contact your 1A-partner for your company’s equipment.