Dualoo accepts no liability for the completeness and accuracy of this article or for any incidents. It is the responsibility of our customers to protect themselves against these dangers. However, Dualoo will support you in the best possible way.
We do our utmost to ensure maximum security against viruses, spam, etc., in the various areas related to Dualoo. For example, we only allow applicants to upload PDF files. We scan files for viruses and Dualoo admins can enable additional security for converting email attachments. You can find more information about this here.
This article is about general information on spam, phishing or extortion e-mails.
Overview of important rules
By following a few simple rules of conduct, you can do a lot to protect yourself from dangerous content. We have therefore listed these rules briefly and concisely here:
Raising awareness of potential dangers
Often, potentially dangerous emails are already recognisable from the subject line. These contain terms like "last warning", "it's about your safety" or similar. Often the language is not right or it already has spelling mistakes in the subject.
Do not open attachments from unknown senders
Of course, this is not always possible, as you have to check the application documents of candidates. Therefore, it is even more important to only open PDF files and, if you are unsure, to forward the e-mail unopened to the IT department (preferably with prior information by telephone). PDFs are displayed in the Dualoo directly in the browser. Other file types cannot be displayed directly - be particularly careful with such attachments.
Do not click on links
Do not open any hyperlinks in e-mails where you do not know the destination or which seem suspicious to you.
Do not reply & forward
Do not reply to e-mails that seem strange to you. If you reply to spam, you let the attacker know that the address is valid and is being actively used. This usually leads to more spam and more targeted attacks.
Known cases of Dualoo emails
In the past, there have been a few individual cases in which the email accounts of candidates were hacked and a blackmail email was automatically sent to all email addresses in the mailbox. This includes e-mail senders that were sent via Dualoo (e.g. the automatic confirmation of receipt that is sent after receipt of an online application).
These e-mails were all harmless as they did not contain any viruses, links or attachments.
E-mail received - What now?
Have you received an email that seems potentially dangerous, but it has no attachments and you have not clicked on any links or replied?
Contact the candidate by phone and let them know that your email inbox has been hacked.
Then you can delete this email in the candidate dossier in Dualoo simply by clicking on the 3 points.
If you have any questions or are unsure, please contact our support team.