Language:
SEARCH
  • Recent Posts

  • Categories

  • Archives

E-mails with a hidden agenda

Two e-mails trying to scam staff out of their information, and potentially money, materialised in our mailboxes last week.

The first is a familiar one attempting to get you to reactivate to increase your webmail quota.

The source of the scam is Russia, and  it uses a man-in-the-middle method to send out the mail. This method takes the e-mail credentials from a staff member who has inadvertently given their e-mail details to the scammers. It typically occurs when you respond to a “you have won/inherited X-amount of money in a lucky draw/online survey/death of a unknown relative/government official” e-mail or click on an advert on a compromised website.

The scammers use your e-mail address and, if it is also infected with malware or a virus, your PC, to send an e-mail to all accounts within the same organisation.

The use of a university e-mail as the alleged sender often lulls us into thinking it is legitimate and we respond. We forget that “senders” and most mail details in an e-mail can be forged by these scammers.

The mail below is an example of one such scam. It might be useful to remember that personnel currently have 1Gb of mailbox storage, and students have 50Gb through Office365. The dangerous links have been removed.

The second e-mail targets Pick & Pay clients with an e-mail on Smart Shopper credits. (see example below with active links removed)

Take note of the following:

1. The e-mail is never addressed to you personally – it’s just a generic heading.
2. It asks the receiver to divulge personal information, e.g, Smartshopper number and ID number.
3. The wording is somewhat threatening –  “make sure” and “must”.

With the information sourced by the e-mail, Smartshopper cards can be duplicated. Since your ID number is also joined with your Smartshopper card, not only your credits are at risk, but also the possibility of identity theft.

Never respond to this sort of mail. Information Technology will never send such a mail about your mailbox size and Pick & Pay also won’t communicate with its clients in this way. If in doubt phone the IT Service Desk.

 


From: University, Personnel, Address <faultyaddress@sun.ac.za>

Sent: Wednesday, 14 October 2015 08:24
Subject: 500MB

Dear E-mail User,

Your webmail quota has exceeded the set quota which is 500MB. you are currently running on 1.3GB. To re-activate and increase your webmail quota please verify and update your webmail Account In order to  re-activate and increase your webmail quota click linkhttp://phishing.site.in.russia/   LOGON WITH YOUR LOGIN DETAILS TO COMPLETE UPGRADE.

Failure to do so may result in the cancellation of your webmail account. You may not be able to send or receive new mail until you re-validate your mailbox.

Thanks, and sorry for the inconvenience.

Admin/ Webmaster/ Local host


 

From: Pick N Pay [mailto:faultyaddress@pnp.co.za]

Sent: Tuesday, 20 October 2015 05:42
Subject: Your R700 Pick N Pay (PNP) Shopping Voucher ready for claim

Attention PNP Smart Card Owner,

You have qualified to receive a shopping voucher of R700 to shop for groceries at any “PNP” outlet near you. Make sure you have your SMART SHOPPER CARD with you before you can proceed.

CLICK HERE TO PROCEED

Regards,

PNP

 [INFORMATION SUPPLIED BY DAVID WILES]

Tags: ,

Comments are closed.

 

© 2013-2024 Disclaimer: The views and opinions expressed in this page are strictly those of the page author(s) and content contributor(s). The contents of this page have not been reviewed or approved by Stellenbosch University.