Cybercrime can take many forms. A common form is sending phishing emails: a technique that criminals often use. Such an email struck BOVAG editor-in-chief Elvira Spoelstra. 'The first thing that popped into my head was: what is happening to me now? Have I sent something? Or done something wrong?'
The BOVAG editor-in-chief was talking with a colleague in the hallway when she found out that an e-mail had been sent to her colleagues via her e-mail address. A phishing email, it turned out. What she then feared became true: several colleagues had already clicked on the link. That link went to a strange website, with a picture of a beach on it and one of those login fields. A number of colleagues had tried to log in there. I myself couldn't receive any mail from then on; a forwarding rule had been put on my mailbox that went to a vague address'. Fortunately, the ICT department acted appropriately and managed to prevent worse. 'The department immediately started investigating what was going on and then sent out a warning e-mail. Colleagues who had logged on were advised to change their passwords immediately, and that strange website was on a list of blocked phishing sites half an hour later.
Shame: that was the feeling that prevailed with Elvira when the hack happened to her. 'An e-mail like that is signed with your own name, so of course you feel a slight form of shame.' Moreover, the question popped into her head: what happened? Did I click on something after all? Was I really that stupid? "I really don't remember clicking on any weird emails myself, but it could just have happened. Phishing even seems to be under unsubscribe links in newsletters.
Once the hack was averted, Elvira quickly noticed the effect a hack has on your private life. 'At first you think: an e-mail was sent in my name and that's all. Then you find out that you also use the password that was hacked on other channels. For example, an attempt was also made to log into my Netflix account and there are payment details behind it. That's what they're after, of course. Fortunately I used variations of the same password, but that same day I changed my data everywhere.
The phishing email has made Elvira a lot more vigilant, because she wants to minimize the risk of this happening to her again. "I throw away a lot of suspicious e-mails, am alert to warning e-mails with the subject line 'An attempt was made to log into your system,' and unsubscribe links for newsletters I no longer click.
BOVAG also briefly saw again how easily a hack is placed. 'We are more aware of the dangers and educate our colleagues more actively again. After all, this story clearly shows how it can happen. Among other things, we give tips and tricks on how to handle your passwords and where you should or should not click. Moreover, we do that towards members.'
With this awareness comes transparency about cybercrime of all shapes and sizes. It is the reason BOVAG does want to share this story. 'We are an open and transparent organization. I may have had a slight moment of shame, but realize that I - like many others - am a victim. This can happen to anyone, so don't let talking about cybercrime become a taboo. The more people know how easily you can be hacked, the better," Elvira said.
