We want to warn all customers against frequent attacks by email.
These attacks often start with phishing email (see image), that try to steal your login information. If you click on the links in the email, the attackers now have full access to your emailbox. This can be used to send out spam to your contacts, or to trick you or your customers, for example with banking fraud where they try to let you send large amounts of money for orders to their own bank account.
Most of our customers are protected with very high quality spam filtering, but sometimes these emails cannot be distinguished from real email, and arrive in your inbox. The reason is, because spamfilters stop spam/scam, but if a hacker sends you a real email sometimes there is no difference at all with normal email. So only you can recognize something is wrong.
What can you do to protect yourself?
1) Never enter the password for your email account, except on your webmail URL (e.g. webmail.yourdomain.com)
2) If you receive an email that asks you to login to your email or confirm something, pay very close attention. Is the FROM address really correct? When you click on the link, do you really go to a thrustworthy domain that you know already? Preferably, never click on the links in these emails but instead go to the website of the vendor directly and login there.
3) If you receive an email from us you do not trust, contact our support to check it is real.
4) Never re-use your password. If your email can be found here: https://haveibeenpwned.com/, your login information on other websites has already been leaked before, and if you use the same password, it is very easy to get access to your emailbox with the same login.
5) To prevent banking-fraud: if you receive an email from a vendor with changed banking details be very suspicious! Call or contact them another way to verify the change is real or not.
6) Inform all staff in your company about these rules.