Security

Security

Secure login at Kinamo

Category: Security

How do you recognize phishing and protect your data?

At Kinamo, the security of your data is our top priority. Unfortunately, we’ve recently seen phishing emails sent by cybercriminals pretending to be Kinamo. These fraudulent messages may look legitimate, but they do not come from us.

In this article, you’ll learn:

  • How to log in to MyKinamo customerzone securely
  • How to recognize phishing attempts
  • What to do if you suspect you’ve been targeted

Below is an example of an email that might appear to come from Kinamo:

2025 phishing email

You may indeed see 'From: Kinamo NV', but if you look closer, you'll notice an email address that clearly isn't linked to our domain, kinamo.be.

Login to MyKinamo

The MyKinamo customer portal is the access to manage your services, to log in to it you will be redirected to https://auth.kinamo.be

Always check the URL (web address) in the address bar before logging in.

As you can see in the examples of fake URLs below, some cybercriminals are more inventive than others in their attempts to trick you.

2025 phishing fake URLS

It’s entirely possible that the login page shown on such a fake URL looks identical to ours. That’s why it’s important to double-check before logging in that you’re actually on our domain, kinamo.be.

If you see a different URL, it’s a fake page. Do not proceed and contact us immediately.

What does a phishing email look like?

Phishing emails try to trick you into clicking on a fake link or entering your information. They often contain:

  • An urgent call for payment or your service will "expire"
  • A request to confirm your account or email address immediately
  • A link to a fraudulent login page

Such emails are not from Kinamo. Always check the sender (the email address), if this is not an @kinamo.be domain then something is wrong.

What should you watch out for before you click?

Phishing messages are unfortunately becoming increasingly convincing. The days when they could easily be identified by awkward phrasing or obvious spelling mistakes are behind us.
Cybercriminals are becoming more and more sophisticated in their approach.

Below is a checklist to help you feel more confident before clicking:

  • Check the sender's address, not just the name.
    An email from Kinamo always comes from an @kinamo.be address.
    Does the email address look different?
    Then it's probably not a legitimate email from us.
    If in doubt, contact our support department.
    Hover over links without clicking.
    Hovering over a link will show you the full URL.
    If it doesn't clearly point to a kinamo.be domain, don't click.
2025 phishing btn

  • Are you expecting this e-mail?
    For domain names, we will send you two separate emails:

    • A reminder about the renewal, about two months in advance.
    • A separate email with the payment invitation.

    Both emails come from different @kinamo.be addresses.

  • Check the support address:
    Is there a support e-mail address in the e-mail? Make sure it really links to support@kinamo.be.

In doubt?

Then don't click!

Just email us at support@kinamo.be to ask if we emailed you, or give us a call. We'll be happy to help.
Please also feel free to notify us if you have received a phishing message in our name by forwarding it to abuse@kinamo.be.

Following our ISO procedures, we will contact both the authorities and the spammer's hosting provider to file a complaint.

Clicked anyway?

What can you do if you entered your information on a phishing website pretending to be Kinamo?

Don’t panic, but take immediate action:

  • Change your password
    Go to auth.kinamo.be and perform a password reset.
    Choose a strong and unique password that you have not used before.

  • Contact our support
    Email us as soon as possible at support@kinamo.be or use the contact form on our website.
    Please include if possible:

    • The URL of the fraudulent page
    • A screenshot of the phishing message or website
    • The time you entered your information

    Our team will be happy to help you secure your account and follow up on any risks.

What is Kinamo doing to prevent phishing?

At Kinamo, we do everything we can to prevent phishing and protect your data. Among other things, we take the following measures:

  • Security of our domains:
    Our domains are equipped with SPF/DKIM/DMARC records. This prevents criminals from sending emails in the name of Kinamo.
  • Monitoring suspicious activity:
    We monitor suspicious login attempts. When in doubt, we proactively contact you.
  • Raising awareness and providing information:
    We regularly inform about online security through articles such as this one on our website.
  • Two-step verification (2FA):
    You can additionally secure your account with two-step verification.
    In doing so, you add an extra layer of security on top of your password, via a text code or an authenticator app such as Google Authenticator or Microsoft Authenticator.
    We understand that this is an extra step in the login process, but the security of your data is of utmost importance to us.
    With 2FA, you make it significantly more difficult for criminals to access your account, even if your password should ever fall into the wrong hands.

How do criminals get your email address?

Phishers use several techniques to collect email addresses:

  • Through public WHOIS data:
    When registering a domain name, contact information such as name, e-mail address and phone number are submitted to the registry (such as DNS Belgium for .be domains).
    WHOIS publication is a standard procedure in domain name management designed to verify ownership and technical responsibility.
    However, since the introduction of the GDPR and the NIS2 directive, this data is not simply publicly visible.

    • For private registrants, DNS Belgium only shows province and country, and a contact form is used instead of an e-mail address.
    • For business registrants, more data may be publicly visible.

    Do you have questions about what is visible or want to have additional data shielded? Get in thouch, we're be happy to help.

  • Scraping tools:
    There are automated tools that scour the Internet for email addresses on websites, forums and social media.
  • Data breaches at other services:
    Sometimes, information such as email addresses and passwords originates from data breaches on external platforms.
  • Reusing users and passwords:
    Don't use the same email address and password everywhere.
    We understand that it is difficult to use strong passwords and that online security is not easy.
    Use a 'secure vault' or password manager like Bitwarden, which allows you to combine strong security with a high level of ease of use. More info on this can be found here.

Related articles

What are the main guarantees of SSL certificates?

SSL certificates are no longer an optional extra but have become an essential part of securing websites in the modern...

Read more

Why do you receive your password via a Bitwarden link?

At Kinamo, we take the security of your data very seriously. One of the ways we protect your data is...

Read more

Need extra help?

Were not all your questions answered?
Don't worry, we will be happy to help you via a support request!

Kinamo

Select your language