‘Before you know it, you give cybercriminals access to your digital life’

The Dutch government has launched a new anti-phishing campaign, following a year in which the number of malicious sites faking well-known Dutch brands increased by over 40%.

The ‘Eerst checken, dan klikken’ (‘Check first, then click’) message is being pushed online, via television ads, and social media, and is supported by local businesses and industry groups.

The campaign, as its name implies, encourages consumers to check whether a link, attachment, or payment request in an email, SMS, or app message is valid before clicking on it.

“We have to get rid of the taboo on being a victim of phishing. It can happen to anyone, it is nothing to be ashamed of,” says Minister of Justice and Security Ferdinand Grapperhaus.

“So be careful when you click on a link, attachment or payment request. Before you know it, you give cybercriminals access to your digital life, because cybercriminals are becoming increasingly capable in counterfeiting emails, text messages and apps.”

According to a recent report from Europol, the Netherlands has a particularly high rate of phishing emails. And, a Europol spokesperson tells The Daily Swig, “we do expect such attacks to increase across Europe, as we do not see this trend slowing down”.

Security researcher and editor of Virus Bulletin Martijn Grooten points out that the Netherlands is one of the most connected countries in the world, making the new campaign all the more important.

“It comes with some concrete things to check, some of which make sense, while others seem a bit outdated – emails with a .exe attachment are all but non-existent these days,” he says.

“I don’t expect users will be able to catch every phishing email this way, but putting the bar a little bit higher is a good idea.”

In its latest Cyber Security Assessment, indeed, the Netherlands’ National Cyber Security Centre (NCSC) highlights a lack of basic security strategies in the country. “Incidents could have been prevented and damage mitigated with basic measures,” it says.

With the number of phishing sites exploiting Dutch brands rocketing, it says, organisations should configure their networks with care and implement security updates in a timely fashion.

RELATED Dutch NCSC updates TLS guidance for orgs