How can I recognize them and what can I do?
From time to time we receive emails that were sent with the intention to harm us – for example financially or by getting access to our infrastructure. To defend against this, we need the help of each and every one of you! In short, this means:
Please be wary when you receive emails that you did not expect, from people you do not know, or demanding actions from you.
Whenever an email looks suspicious to you, reach out to [email protected].
In the following you can find more details and examples.
How should I react to emails in general?
If emails contain links, check where they actually link to. Do not trust the displayed text.
Be careful about attachments. It is generally better to use Google Docs to view and open them than office software on your computer.
If you are asked to login, always type the login address in your browser manually, or even better: use a bookmark. For your Volt Account, it is best to always use https://mail.google.com to login.
If an email is already marked as spam by Google, there is a good chance it is malicious. Please be particularly cautious about reacting to those.
What to do about suspicious emails?
If you think an email might be malicious, please write to [email protected]. You can forward the suspicious email, or its raw text (see below). If there are parts you don't feel comfortable sending to us, remove them before forwarding or just tell us about what raised your doubt. In any case, please give your email a meaningful subject.
As we do this in our free time, it might take a bit of time until we reply, in particular in more difficult cases. But we will always do our best to help you.
How can I recognize suspicious emails?
There are several indicators you should look for:
You are asked to do some quick action because otherwise something bad or inconvenient is supposed to happen.
An email about Volt does not come from a Volt domain, or contains links which do not go to a Volt, Google or Workplace/Facebook domain.
You are asked to hand over some (sensitive) data, which a legitimate sender should already have.
You can check if there is something strange in the email headers, for example if the email was sent from another server than it seems. In Gmail, the headers can be found via Show original in the menu of the email.
A safe way to have a look at the destination of links without compromising your computer are services like https://www.screenshotmachine.com/ . However, when pasting a link there, please make sure it does not contain confidential information.
Videos
Here are some YouTube recommendations on the subject:
Introductional: https://www.youtube.com/watch?v=EFngRsWzmQY
More technical: https://www.youtube.com/watch?v=PTE2oqMcfSw
Not only about email: https://www.youtube.com/watch?v=R12_y2BhKbE
Many thanks for reading this document!
If you have any questions, please reach out to the Helpdesk ([email protected]) or the User Security Group ([email protected]).
In order to do something to improve the security of your account in the case of a successful attack, activate Two-Factor Authentication like described here: https://sites.google.com/volteuropa.org/2fa