Recognising, preventing and resolving spam or phishing mail

Tags: |

Street robberies have made way for a new form of theft: spam and phishing. Criminals are finding more and more ways to rob you online. How do you recognise spam and phishing? How do you prevent it? And what can you do if you do fall victim?

What is spam or phishing?

Spam or phishing mails are fake e-mails that you receive and which thieves use to obtain data for an online service. For example, a fake email from your bank requires you to log in and give your bank details. If you do this, the thieves gain access to your computer or your data, so that they can steal your money or 'hijack' files, for example. This can also be done over the phone. These fake messages can look very real.

How do you recognise phishing mails?

There are three main ways in which you can recognise these emails:

  1. Spelling mistakes: if you receive an e-mail from your bank, you may assume that there are no spelling mistakes, since it is such a professional institution. Do you spot clear spelling mistakes? Has it been translated with Google Translate, for example, or just written sloppily? Then be extra alert.
  2. Sender: the sender should always correspond to the company from which the e-mail was sent. Sometimes you see very strange e-mail addresses with strange numbers, from an unknown company or from abroad. Then you already know that it is not good. This can also be done more subtly; instead of it is or
  3. Sample page: Are you using an Apple computer? Then move your cursor over the link in the mail. You should then see a preview page. What does it look like? Like the website should look or unprofessional? From this you can already judge whether it is all right or not.

But sometimes it is impossible to recognise... much more dangerous, what to do then?

Preventing spam or phishing mail

You can now recognise the e-mails, but there are still a number of ways in which you can prevent them. Here are four ways.

  1. Turn on your spam filtering: the Office 365 spam filter already filters out most spam and phishing emails. Make sure that your filter is smart enough and tailored to your needs.
  2. Log into your services yourself: If you think the e-mail is genuine, do not click on the link but log into the online service yourself first. Then click on the link in the e-mail. You never have to log in twice, so you know immediately whether the e-mail is genuine or not.
  3. Set a strong password: A strong password is generally essential for security, but it is also very important here. Make sure that every account within the company has a strong password.
  4. Use MFA (multi factor authentication): multi factor authentication means that you can't just log in with your username and password on a new device, but a message is sent to your email or SMS. A confirmation code is then sent that you must fill in. The chance that someone knows your telephone number and e-mail and has access to your telephone and e-mail and knows your password and user name is zero.
  5. Monitor access: Keep a close eye on who is logging in. Suppose that someone suddenly logs in from China while you are in the Netherlands, then there is a good chance that this person should not have access. Of course, you want to be informed of this. Then you can spot strange patterns and act on them.

What if it goes wrong?

Despite good preparations, there is always a chance that things will go wrong. Then there are four things you can do.

  1. Inform IT party: Contact your IT Manager or IT party immediately so that you can limit the damage. They can often also check whether you have already suffered damage. Speed is of the essence. The IT party can also ensure that you can find out more about the impact of the breach. In this way, they prevent unnecessary panic.
  2. Change password: Change your password immediately. Always use a strong (unique) password for all your services. Hard to remember? Use a service like LastPass to make your life easier.
  3. Set up MFA: As mentioned in the preparations, use multi factor authentication. If you haven't done so yet, do it now to prevent further intrusions. You reduce the chance to zero if you use MFA.
  4. View logs: See exactly what happened and request a report from the IT manager or IT party. This way you can see what went wrong and how this can be prevented next time.

Our customers can always contact us with questions about phishing, spam, security or for a security scan or awareness training. Don't trust something or are you having problems with IT? Please call us on 010-2121806 or e-mail us at

Frequently asked questions about Security

Is your question not listed? 1 email or 1 phone call is enough to get it answered. 010-2121806 |

We can make your staff aware of risks and risky behaviour. For security awareness we can give your staff a training (external or internal) with a partner who has experience in this. In addition, optionally a tool can be delivered to the workstations that measures knowledge, keeps it up to date and reports to the responsible persons. This way, you get a continuous improvement in risk awareness and avoidance of risky behaviour.

Yes and no. Cloud in itself has no security. Apart from the fact that on the outside (and sometimes on the inside) it is not visible what the physical location of your data is in the whole. But the more fish in the sea, the more fishermen on the water & the bigger the fish, the more effort one puts in to catching it. So it is with valuable data. So a cloud service is a valuable object for hackers because of the large amount of data. Your network is much less interesting.

Wrong. IT is complex and securing it is even more so. So it takes time, knowledge and skill to make you work in it safely - mostly in the background so you don't notice. 20 years ago, passwords were rare. 10 years ago, everyone knew some colleagues' passwords. 5 years ago, MFA was known but little used in SMEs. And we are only talking about passwords. We make IT simple for customers so that secure working becomes feasible and we can minimise your risks.

Retention literally means "to hold on to". With data and backups, retention is a very important factor. It is not only about retaining your data, but also about how much your data changes. If you have a backup every month and keep it for a year, this means that the retention goes back a maximum of a year and can result in a month's loss of data. It seemed like a good plan, but in practice it is not enough. Different backup strategies can make your data retention perform a lot better. In the Netherlands, SMEs are required to retain data that is directly linked to the added value of their products or services for at least 7 years. A backup of no more than 7 years is a big disappointment.

Working safely is a top-class sport. But your employees are not all top sportsmen. It is a complex problem that cannot be solved just like that. Your company has to deliver and your people have to perform. So you need help from someone with experience and focus on safe working. A reliable IT party can be a good starting point. They arrange the basics and help you further with safety, where necessary specifically in your company. For example, with procedures for staff turnover or the physical security of your company.

How secure you work can be measured. With a technical security test or pen test you can always look for weak spots in the security of your IT equipment, software and network. But also your website or developed application can be extensively tested. You can also have a procedural security test carried out. This has little to do with IT; it means testing how secure the actions are within your company. In other words: are your procedures in order?

Call your IT manager. These people will (probably) know what to do, provided they are familiar with the matter. Calling in your IT party, internal or external, is the first step. They will find out where the hack took place, know how to stop it immediately or cut it off and make sure the damage is limited as much as possible. You also want to secure data about the hack, such as log files of servers, network equipment, etc. This way you can also find out what went wrong or discuss this with a specialised security company (e.g. Northwave). This may also be important to see how you can prevent further security breaches and your insurance may ask about it.

Yes, it is. It's all about the purpose of your data and its security. It can range from a data room for sharing data with multiple parties for a company takeover - but also setting up labels on data in Office 365 so that your company and your data are compliant for regulatory or legal purposes. Above all, you must be able to work safely. Efficiently without being at risk.

Very secure. They do this by securing data storage and sending data. LastPass secures your data, sends it encrypted, stores it encrypted and lets you use MFA to use this data. So your login credentials and data are absolutely safe in this procedure. In addition, they have a clear bounty program for bugs, allowing you and other users to report bugs immediately. So LastPass does not sit idle until something goes wrong but works continuously on improvements to optimize security.

We believe that customers should own the IT that they have. We make customers aware of the risks they run and the solutions that are available to them. Of course, we point this out and indicate where things could possibly go wrong if you make other choices. We choose to work safely, but we understand your choices. That is how we work together and share knowledge and experience.

Every customer request that has to do with security or rights to data/systems is always discussed with the person in your organisation who is authorised to do so. This may be a member of the board, an IT manager or another director. This way, this is neatly recorded and controlled. This prevents someone from borrowing someone else's password, temporarily accessing a colleague's mailbox or giving an external person access to the CRM software without this being desirable.

Take a network, for example. If you build and manage a network, you have to standardise on security. By minimising the number of variations in the number of solutions, you can spend more time on testing, settings, basic configurations with optimal security, documentation. Also, different configuration options for customers are now much better researched and easier to support and secure. We research different security options and engage third parties to verify them. A setup that is properly standardised and configured reduces security risks and makes installation in the office much faster. We then provide controlled and timely updates to the software and settings. We monitor and measure what happens on your network. This way, it is easier to see when things go wrong. Separating guests, customers and non-company equipment from the company network is also essential to prevent abuse. We regularly review and adjust security for all customers in a single operation through central control. Finally, configurations are neatly stored and backed up. This way, you can immediately install replacement equipment if things ever go wrong. Secure by design' is not a method or a set of measures. It has to be in your DNA. This is how we at Lime Networks make the most complex IT simple.

The AVG is for personal data. In other words, data that you store or process that is directly related to people. Think of name and address data with bank account numbers or, for example, data about sick leave, insurance, remuneration, etc. That you have this data or process it is not the problem. But not thinking about who can see it or who can provide access to it or how it is stored and backed up, that's exciting. By thinking about this and gaining insight, you can design adequate processes.

It is an anagram that hones in on the amount of effort required. Everyone can jog for a while, some a little farther than others. But the marathon within 3 hours is already pretty tough. Practice, training, technique, good gear, experience takes years to achieve. It's the same with Safe Working. It's not setting up a firewall and installing antivirus. We are years past that stage. With this seriousness, you may also recognize that you don't have time, business-wise, to do top-notch engineering yourself, and turn to us for these things. We are trained, experienced and go for the medal so you can work safely.

That is a sober approach. But with your data, your company or others may be considerably disadvantaged. So always pay attention to how and where you share data.

If you are asked to log in somewhere, do not click on the link in the e-mail. It is that simple. If it's about banking, go to your bank's website and check the message service there. If it's about your documents online from a cloud service, go to your own login page that you know and log in there. If it's about a service from a customer, you can call them to confirm. Never log in with your own data, but only with the data they have provided. This prevents you from clicking on wrong links, accepting wrong proposals or downloading programs or giving permission that is malicious or illegal. It ensures that you are smart.

Take the example of Maastricht University in December 2019. Then a hack with a nasty piece of software rendered the entire university network with most of the server structure and workstations unusable. What was the damage:

  • FOX-IT was called in on weekends, Christmas, New Year's Eve etc. to investigate and share knowledge with the hack, its clean-up and how to recover.
  • A very large proportion of the computers had to be reinstalled. These computers also had to be checked for traces of the virus in parts that you cannot easily see (bios or secret partitions on the hard disk/SSD drive).
  • Almost all production servers and backups locally became unusable. Only reinstallation was going to help for the recovery.
  • A ransom was paid to the hackers to decrypt the network structure/Active Directory (the Volkskrant speaks of tons of ransom).
  • A large part of the servers had to be reinstalled and data from backups had to be restored where possible.
  • In-house and external employees spent many days doing all the repairs... This also happened during the December holidays.
  • The damage to image was enormous. As a company, something like this can also cost many customers or scare off investors.
  1. One backup is no backup.
  2. Make sure you have at least three copies of your data, in 2 different locations, one of which is minimally secure.
  3. Check regularly that it really works and the data can be restored.

Not always. Sometimes backups also get infected or are not sufficient to get back to work quickly. How much data do you lose? What is the recovery time? How bad is it if the whole company can't work for 24 hours... or maybe longer? Dealing with retention is also important. If you were hacked last week and the consequences only become visible today, do you have enough backups/retention to look back into the past? An employee who left the company last year and deleted or compromised data is also a hack. Can you go back a year with your backup? Finally, you also need to have a plan if things go wrong and see how quickly you can get back on your feet. A continuity plan helps with that.

Then, of course, we are here for you as well. Suppose you are hacked, for example, we immediately make sure that the attack is stopped and that log files and traces are preserved as much as possible. This allows us to see the impact of the attack and what data may have been captured. This often helps in the process of understanding or with insurance. We work with standard procedures where we work on a similar methodology to resolve issues. It can also be valuable with forensics. It would be annoying if a hack (without data being captured) leads to an apology letter to all your customers or suppliers and image damage.

You don't have to. With Bitlocker you can neatly secure the data on your laptop against theft. A stolen laptop is no problem this way and data stays safe. Did you know that we can remotely erase your data in case of theft, provided your stolen laptop or phone is connected to the internet? The decryption codes are stored by us in your business environment so that in case of an emergency or hard disk replacement, the data can be safely read again.

At Lime Networks we work according to the ISO 27001 standard. This means that we have thought about physical and virtual security and have actively set up our processes accordingly. This is improved annually and checked by the TüV. You can read more about ISO here: We use our knowledge of IT and security to make your environment as safe as possible. From your workplace, your fixed and Wi-Fi network, your servers, smartphones and cloud services.

With MFA you have two ways of identification. This often comes down to login details (username and password) and a code via an app on your smartphone. Someone who has stolen your login details still can't log in to systems or services, because this also requires the code from your smartphone. Have you or your company/supplier been hacked? Then this need not be a problem. We use Microsoft Authenticator for this. The extra login codes are not your own systems but open. With the Microsoft app, you can therefore also set MFA on your Gmail account, your bank, Office 365, supplier of crypto currency or your Apple ID. It is a generic standard.

LastPass provides a safe place for storing passwords, a kind of password vault that you can only access with a master password. It also helps you in your daily work with logging into websites and services. It works on your desktop PC or laptop and on your smartphone. It is free to use. It allows you to work securely with complex passwords so that this becomes very difficult. The paid variant is also useful for business purposes. You can create and manage accounts for a supplier or a social media account, for example, and share these with colleagues or external parties. They can log in (via their free LastPass account) and not see the password, but they can use it. If the account is no longer relevant to others, you can withdraw the permissions individually without having to change passwords.

This is trickier than you think and cannot be put into words in a few sentences. However, we did write a blog about it and you can find it here.

You can start by being aware that you want to work safely. This question has succeeded, so let's mention the next easy steps right away. Use legal software! Make sure you have a good antivirus/antimalware solution on your PC (pay for it too; no freebies). Always make sure you have the most recent versions and updates for your system and software. Also make sure you have the latest security patches and updates. Use a password manager (like LastPass; free for private use) and do not use the same passwords for different systems and accounts. Use MFA (multi factor authentication) for all services/accounts that are online. We are far from there yet, but with these measures you are not a low-hanging fruit for hackers and certainly not for the majority of online crime.

Working safely is our top priority. It is not a core value, but an aorta that runs through our company. With 'secure by design', we continuously ensure that our products and our own internal processes are based on Safe Working and are also designed safely. The customer is our focus. We make complex IT matters simple; security and Safe Working are the basis for this.

If we assume a safe workplace, then keeping it safe is a serious task. Most importantly, the workplace should always be up-to-date. For the OS, hardware, installed programs, antivirus/antimalware. By using Bitlocker and MFA, we make sure access is difficult. With policies for the firewall and by using monitoring we keep a tight rein on things.

We are Microsoft Gold Partner in three areas, for which the employees of Lime Networks have successfully completed many training courses and for which current customer cases have been approved by Microsoft. In addition, there are many certifications in the areas of security, voice, networking and the like. We work according to the guidelines and standards of our suppliers. Our ISO 27001 certificate without comments also ensures the correct working method and attitude.

With 'secure by design', every choice of product or service is considered in terms of its implications for the IT security of your environment. This means that the highest security requirements are taken into account, such as encryption, MFA, AVG, access control, etc. This ensures that we always stand behind our products and we know about data security and availability.

Go to the top