Beware of phishing: Precautions with DIMDI

What is phishing?

Phishing is the term used to describe methods used by fraudsters to obtain private access data, e.g. passwords or credit card information. In doing so, they abuse electronic communication media, including emails, in order to impersonate a trustworthy person, company or institution.

Most phishing methods simulate the relaying of technical information through a link in an email. The fake website that is reached by clicking on the link looks deceptively similar to that of the real institution. The online customer is then supposed to enter their access data (user code, password, credit card number etc.).

This is how you can protect yourself:

• Use firewall and virus protection software and make sure you update these regularly. Make sure that you carry out all software updates for your operating system and other programs that you use, or make use of the automatic update service.
• Still, this is not enough to protect you against "modern“ phishing attacks. General caution and "healthy” wariness is therefore crucial when using online services!
• Use complex and varied passwords in accordance with our strict conventions for the authentication process.
• Normally DIMDI doesn't send any emails containing links to websites that require you to enter confidential data! 
  Exceptions:
  
  • emails e.g. concerning retrieval of fulltexts out of your standing orders
  • notifications of the Medical Devices Information System
• Make sure you double-check the return address of emails that resemble those of DIMDI. Fraudsters often create email accounts, whose addresses suggest that the email is from a trustworthy institution. Fraudsters want to mislead you in this way into to divulging confidental information.
• Double-check the browser addresses of websites: In order to get you to reveal your access data, fraudsters often include a link in phishing-mails that take you to a fake website that looks almost or exactly like the real DIMDI website. However, the DIMDI logo on a website or a deceptively similar page layout is not sufficient: Logos and websites can be easily reproduced.
  The most effective method to prevent being misled onto a fake website is to enter the correct address of our DIMDI website in the browser line.
• If you receive an email with a suspicious-looking link to the DIMDI page, do not enter any information, but rather close your browser window. As soon as you have opened a new browser window, enter the address of the DIMDI website in your browser's address field – www.dimdi.de – and use the navigation on our website to reach the desired DIMDI home page.
• If you should have any doubt about the legitimacy of a request, please address yourself immediately to your contact person at DIMDI.
• As soon as you notice that your DIMDI access data has fallen into the hands of fraudsters by means of a phishing attack, please also inform your contact person at DIMDI immediately.