Phishing: what is it and what can you do about it?

Published on 27 februari 2023

What is phishing?

Phishing is an online scam in which criminals pretend to be a reliable organization and try to steal information from you. This is done through fake emails, WhatsApp messages or text messages with a link or attachment that leads to a fake website where they ask for private information. These messages appear to come from a reliable source, but contain a dangerous link. The fraudsters use the information obtained to steal money or important data from you, such as passwords, BSN numbers or passport copies. Phishing comes in many different forms, including targeted attacks known as spear phishing. This makes it more difficult to recognize a phishing message.

How do you feel about phishing?

To recognize phishing, it is important to know that fraudsters now work more professionally than before. They use domain names that resemble those of official bodies and produce messages with logos and features of well-known organizations. The format and content of the messages are often plausible. Fraudsters can refer to unpaid payments, prizes won, improvements in the security of organizations or fraud with your data. The message often contains a warning to take action quickly, otherwise something bad could happen.

To recognize phishing, it is important to pay attention to a number of characteristics:

  • Phishing messages often arrive unexpectedly
  • The emails are often placed in the spam/advertising folder
  • There may be something wrong with the email address, such as a derivative of the official body
  • The messages are often impersonal with titles such as 'dear customer'
  • There may be language errors in the message, although this is less common these days
  • There is often an aspect of urgency, such as 'respond today...'

What is Spear Phishing?

Spear phishing is a specific form of phishing in which the attack is aimed at a specific person or company. It is more difficult to recognize than regular phishing because the messages are specifically targeted at the recipient and their specific situation. This can lead to major consequences for the organization, such as stolen data or malware that holds computers and systems 'hostage'. There are some characteristics by which you can recognize a false message, such as unexpected deviant behavior. You can check this by inspecting the sender's email address or contacting the sender by phone.

How can you prevent it?

There are a number of ways you can prevent phishing, such as:

  • Be extra alert to emails from banks, government agencies or other official bodies. These types of agencies will never ask for personal information or payments via email, message or telephone.
  • Be wary of emails or messages with links, QR codes, or attachments that require payments.
  • If you notice anything suspicious in an email or message, do not open it and throw it away. If you have opened the message and are unsure whether the link is safe, check the link via
  • Download a browser extension that automatically blocks websites known for phishing.
  • Check whether the website requesting personal information is encrypted with the https protocol. This can be recognized by the lock icon in the navigation bar and the URL starting with https:// instead of http://.
  • If you have any doubts about whether a message is genuine, please contact the alleged sender. Do not reply to the email or text message immediately, this gives fraudsters the opportunity to convince you of their authenticity.

What to do?

If you think you have received a phishing email, it is important to take immediate action. Here are some steps you can take to ensure you don't fall into the phishing trap:

  • Do not click on links or attachments in suspicious emails. This is often how fraudsters steal your data.
  • Do not open attachments in emails from unknown senders.
  • Do not enter personal information on suspicious websites.
  • Report phishing emails to the organization the fraudster claims they are from. They will probably also want to warn other people.
  • Also report phishing emails to the police.
  • If you have fallen into the trap, it is important to take immediate action. This may mean changing your passwords, canceling your credit card information, or contacting your bank.

It is important to be alert when it comes to phishing emails as they are often not easy to spot. By following these steps, you can help prevent phishing and protect yourself against fraud.