Many members of the public were concerned that the e-mail might have been fake, taking into account the rather basic layout style and the fact it was talking about providing password information – online security experts routinely urge skepticism when it comes to unsolicited emails asking for personal details to be provided and passwords to be reset after following a provided link.
Yet the VRAA has confirmed that the emails were indeed sent out and that this was not a scam, Latvian Television reported on March 26.
Arno Jundze, President of the Latvian Writers' Union, was one of the recipients of the email. He said he received an email from VRAA instructing him to verify his email on the “Latvija.lv” portal.
“Well, of course, as a law-abiding guy, I clicked first, and then I started thinking what I'd done. Nothing happens! Some kind of window opens, says I've got code in my email, no code. I wait for 10 minutes, 15 minutes. I press again. Wait... Nothing happens.. Then I started thinking what I had done,” he said on Facebook.
Jundze was a scam victim a couple of years back, so he has a question about whether this was a scam email again. Posting the message on Facebook, he learned that other acquaintances had also received a “Latvija.lv” email.
VRAA, the operator of the portal Latvija.lv, confirmed that the emails had been sent out.
“These are to verify emails attached to a particular resident who has used the “Latvija.lv” portal and we could notify a person about news messages and things like that,” explained Edgar Cīrulis, deputy director of VRAA.
“It's been going on gradually for a long time. For about a year, users should have been able to validate their email, however, a whole host of users hadn't, and this is the next step to be able to complete this verification, thereby improving communication,” explained Cīrulis.
Representative of the Information Technology Security Incident Response Institution “Cert.lv”, cybersecurity expert Gints Mālkalnietis said that the “Latvija.lv” manager should have taken a few simple precautions ahead of time:
“If we are going to send something out to the public to thousands of people, it is necessary, first of all, to warn that there will be such a case. Well, the other [thing is], it's also a little nasty that some of this infrastructure stopped and the people who tried to verify these emails failed.”
System issues have been fixed, the “Latvija.lv” host confirmed. But the “Cert.lv” spokesperson said that if residents receive an email that seems suspicious, always the best option is to make sure by asking the institution itself about it.
A few months ago this 7-minute-long video was published explaining what 'e-addresses' are supposed to be: "Something similar to email but not quite the same" and based on a user's unique personal code. In a nutshell, an e-address is supposed to allow official communications to be exchanged between individuals and the state administrative apparatus only.