Being alert to phishing emails

What is phishing?

Phishing is a form of fraud whereby criminals try to find out information about you. Such as login details, credit card information, PIN codes or information on your identity document. They do this, for example, by sending a fake email. The more personal data criminals have of you, the more real it may seem.

Recognising phishing emails

You can find out whether an email that you have received may be a phishing mail by taking a good look at what is in the email:

• Does the email address correspond with the name of the organisation? What is behind the @ sign?
• Is there a general salutation in the mail, such as ‘Dear Sir/Madam’, or is your (full) name actually used? Note: your name may also have been derived from your email address. So even an email with your name in the salutation can still be a phishing email.
• Is there a request in the email to click on a link to ‘supplement’ or ‘check’ your data?
• Are you put under pressure to take swift action?

What you can do

Be very careful when you receive emails in which someone says that they contact you on behalf of a specific organisation. And in which that person, for example, asks you to transfer data. Or to click on a link and then enter your data on a website that seems trustworthy.

Always check if you are indeed dealing with this organisation. Do you not trust it? Then report it to the IT department of your organisation. You can subsequently also contact the organisation yourself. And do not click on a link without a good reason, but go to the organisation's website yourself.

Data breach caused by phishing

If you click on a link in a phishing email or open an attachment, it can cause a data breach. For more information, see: Data breach caused by phishing.