Over the past few weeks we’ve recorded an unsettling increase in phishing incidents at IT. This isn’t a new occurrence. Earlier this year a similar incident occurred at Tygerberg campus.
However, the risk of phishing is increasing rapidly due to our increased usage of social media with sites such as Facebook, Twitter, Instagram, etc. These large websites are targeted as they provide an ample amount of user data to be harvested.
To access all these sites you also need a username and password and unfortunately most people have the tendency to consistently use the same password. By doing this, you make it easier for a cyber-criminal to, not only access your social networks, but other information as well. When you also use your sun e-mail address, you expose Stellenbosch University.
If a cyber-criminal gains access to your sun inbox, he not only has access to your own and SU information, but he can also send mass e-mails to anyone from your name. As a result SU e-mail servers are flooded by huge amounts of e-mails and this affects all users on campus negatively.
Secondly, it can also cause damage to your reputation since you’re the sender, even if you’re not responsible. Your address might even be blocked on our servers due to your unknowing behaviour.
In a recent incident IT only became aware of a staff member who fell victim to phishing after the office of the Deputy President, Cyril Ramaphosa, laid a complaint.
Never use your SU username or password to access any external website. Rather register your own, unique address at Google (www.gmail.com), Yahoo or any other free e-mail service. By doing this, you’ll ensure that your private and work information stays separate and the risk of exposing SU systems and sensitive information will be decreased.
Additional information regarding phishing can also be found on our wiki.
