%PDF-1.3 1 0 obj << /Type /Catalog /Outlines 2 0 R /Pages 3 0 R >> endobj 2 0 obj << /Type /Outlines /Count 0 >> endobj 3 0 obj << /Type /Pages /Kids [6 0 R ] /Count 1 /Resources << /ProcSet 4 0 R /Font << /F1 8 0 R /F2 9 0 R /F3 10 0 R >> /XObject << /I1 11 0 R >> >> /MediaBox [0.000 0.000 612.000 792.000] >> endobj 4 0 obj [/PDF /Text /ImageC ] endobj 5 0 obj << /Creator (DOMPDF) /CreationDate (D:20240518230218+00'00') /ModDate (D:20240518230218+00'00') /Title (IT-artikels) >> endobj 6 0 obj << /Type /Page /Parent 3 0 R /Contents 7 0 R >> endobj 7 0 obj << /Length 3856 >> stream 0.702 0.800 0.816 rg 34.016 34.016 543.969 723.969 re f 1.000 1.000 1.000 rg 45.266 172.289 521.469 574.445 re f 0.773 0.773 0.773 RG 0.75 w 0 J [ ] 0 d 45.641 172.664 520.719 573.695 re S 0.773 0.773 0.773 rg 61.016 617.359 m 550.984 617.359 l 550.984 618.109 l 61.016 618.109 l f 1.000 1.000 1.000 rg BT 278.868 698.693 Td /F1 10.5 Tf [(POST LIST)] TJ ET 0.200 0.200 0.200 rg BT 212.789 670.111 Td /F1 14.4 Tf [(INFORMASIETEGNOLOGIE)] TJ ET BT 221.824 643.466 Td /F1 11.7 Tf [(INFORMATION TECHNOLOGY)] TJ ET BT 61.016 583.841 Td /F1 14.4 Tf [(NO, SARS DOESNT REALLY WANT TO GIVE YOU A REFUND AND )] TJ ET BT 61.016 566.258 Td /F1 14.4 Tf [(OTHER PHISHING TALES)] TJ ET 0.400 0.400 0.400 rg BT 61.016 546.451 Td /F3 9.0 Tf [(Every year we send out literally dozens of warninge-mails, and continue to do so, )] TJ ET BT 61.016 535.462 Td /F3 9.0 Tf [(because despite the frequent warnings, people still get caught falling for these )] TJ ET BT 61.016 524.473 Td /F3 9.0 Tf [(tricks.)] TJ ET BT 61.016 504.484 Td /F3 9.0 Tf [(Take noteof the following scam from fraudsters claiming to be from SARS.)] TJ ET BT 61.016 493.495 Td /F3 9.0 Tf [()] TJ ET BT 61.016 482.506 Td /F3 9.0 Tf [(Emails are going out touniversity \(and private addresses\)seeminglycoming from )] TJ ET BT 61.016 471.517 Td /F3 9.0 Tf [(SARS informing them that they have a refund waiting for them. \(Wow! a tax )] TJ ET BT 61.016 460.528 Td /F3 9.0 Tf [(refund\) Clicking on the hyperlink in the email takes you to a fake e-filing site that )] TJ ET BT 61.016 449.539 Td /F3 9.0 Tf [(has hyperlinks for the four big South African banks and instructions to log on to your )] TJ ET BT 61.016 438.550 Td /F3 9.0 Tf [(Internet banking site for confirmation of your details. When you follow the Nedbank )] TJ ET BT 61.016 427.561 Td /F3 9.0 Tf [(link \(as an example\), you are taken to a copy of the Nedbank internet banking site )] TJ ET BT 61.016 416.572 Td /F3 9.0 Tf [(that asks for profile, pin and password. Supplying these takes you to a second page )] TJ ET BT 61.016 405.583 Td /F3 9.0 Tf [(that asks you for your mobile number. Submitting information on this page takes you )] TJ ET BT 61.016 394.594 Td /F3 9.0 Tf [(to a page that requests the reference number sent to your cellphone.)] TJ ET BT 61.016 383.605 Td /F3 9.0 Tf [()] TJ ET BT 61.016 372.616 Td /F3 9.0 Tf [(Do not authorise anycellphone message that comes through if you end up in the )] TJ ET BT 61.016 361.627 Td /F3 9.0 Tf [(above situation. Furthermore, do not click on any hyperlinks in emails or divulge )] TJ ET BT 61.016 350.638 Td /F3 9.0 Tf [(your account or mobile number details to anyone over the phone or via email.Banks )] TJ ET BT 61.016 339.649 Td /F3 9.0 Tf [(will never ask you to access internet banking through a link in an email, neither will )] TJ ET BT 61.016 328.660 Td /F3 9.0 Tf [(banks ever ask for your mobile number when you access internet banking.)] TJ ET BT 61.016 308.671 Td /F3 9.0 Tf [(Another particulary sneaky phishing attack surfaced today.)] TJ ET BT 61.016 288.682 Td /F3 9.0 Tf [(It comes from Linda Perez and has a subject line of Administrator \(Sorry for the inconvenience\))] TJ ET BT 61.016 268.693 Td /F3 9.0 Tf [(It asks you to contact the sender with your username and password so they can expand your mailbox manually)] TJ ET BT 61.016 248.704 Td /F3 9.0 Tf [(Of course this is a phishing attack, and you should never respond to such mails.)] TJ ET BT 61.016 228.715 Td /F3 9.0 Tf [(Do not respond, flag the sender as Junk Mail and delete the message.)] TJ ET BT 437.953 208.726 Td /F3 9.0 Tf [(ARTICLE BY DAVID WILES)] TJ ET BT 61.016 190.237 Td /F3 9.0 Tf [(Posted in:E-mail,General,Security | Tagged:Phishing,Spam | With 0 comments)] TJ ET q 149.250 0 0 225.000 401.734 330.242 cm /I1 Do Q endstream endobj 8 0 obj << /Type /Font /Subtype /Type1 /Name /F1 /BaseFont /Helvetica-Bold /Encoding /WinAnsiEncoding >> endobj 9 0 obj << /Type /Font /Subtype /Type1 /Name /F2 /BaseFont /Helvetica /Encoding /WinAnsiEncoding >> endobj 10 0 obj << /Type /Font /Subtype /Type1 /Name /F3 /BaseFont /Helvetica-Oblique /Encoding /WinAnsiEncoding >> endobj 11 0 obj << /Type /XObject /Subtype /Image /Width 199 /Height 300 /ColorSpace /DeviceRGB /Filter /DCTDecode /BitsPerComponent 8 /Length 3351>> stream JFIF;CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80 C   %# , #&')*)-0-(0%()(C   (((((((((((((((((((((((((((((((((((((((((((((((((((," }!1AQa"q2#BR$3br %&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz w!1AQaq"2B #3Rbr $4%&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz ?)(h((((JZ((((((J(h(JZ(((((JZ((J(h((((((((bIbIY]C) EQEQEQEQEQEQERR@Q@Q@Q@Q@Ck`+sƧ9z8ǧ~(s;;: ǘzp;߆k_l//r${aZQV ((()h 1EQEQEQEQERR@Q@_ĻtM=o,Ck1w?"9bOξ@>":fd%66CRƏhQ@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@UHg@3^S)ޣg&Wwx;S'c"d?'x4{QQ@Q@Q@Q@Q@Q@%-QEQEQEQE0n_?g8oPciSn?|\3b5 eU.ݧALhJ(QEQEQERR@ E-RR@ E-QEQ@ KER@%]-_7|;BHo-^#_ξݡ_o_6|6ٸ,LhBQKE%-PQKERQ@ F(J\QIM)2P \?PQ@()k:-V=(dzWΑ|?&f@h$!$:je.(b)(qF( ( ( ( ( tK5[Eo+D%qAB?Zͼ=pަim]aЏI4QE0 ( ( ()S▊vfXށWZ]?_/xh1 AS->*QEQEQE%PQKE%PWizȃ %i|$ʾ'kCzUמ$K8.a9hE>fQ@ E-R@_M|?t<5׭}AhIA*4nH@ nabDCG|ӜIrp WW>|7 ^0M~So4o" mcqtHAES((vX~b`i~*h)"X _Lƾg <ufcL-NФg*d4}7EfAEf ( (QIE-PIEdxgQbp<^2#$"{׈- jZX]@|H>3#v?rܤ}mE27YcY#`2AN J(hJ([3G̕FO{cZ< ;97~U^[o]&GR*~ x y\VϦ8݌褢BIE-RPIE-Q@hPEP_/nмO5ʗ[K=xnJo. Bj+x꺅A}?++ԏX_|KkVہ@cھy?M$1Z( )S(4z%QT ,l(f8W3C<eI YHSA>|NҢ{})ķ' Tiޥs,lԒ{64?prG$zEV9';t$XHP*X^ ѢkKy>s5B@4QE13EP(Z((Z((9/xMu-ˆo~G=3_4.ɻkU?%C+|OҾæMsF̉$l0U .=P>I!Լy{d+㶫TҬdlr?J{g b1%W5/o7{\+gge@#WZLj5^;)<&v-{ J^kNp~?v|9m7IU+.l5b/4|Oyi$R_EN |'}7?gbd>=E4 E-%PQKE%PQK( )( )(PE%.(((JZ((J(h(((((((((((((((((((8((((((b((Q@((1EPEPEPF( 1EQEb( endstream endobj xref 0 12 0000000000 65535 f 0000000008 00000 n 0000000073 00000 n 0000000119 00000 n 0000000321 00000 n 0000000358 00000 n 0000000493 00000 n 0000000556 00000 n 0000004464 00000 n 0000004576 00000 n 0000004683 00000 n 0000004799 00000 n trailer << /Size 12 /Root 1 0 R /Info 5 0 R >> startxref 8318 %%EOF No, SARS doesn’t really want to give you a refund and other phishing tales « Informasietegnologie
Language:
SEARCH

  • Recent Posts

  • Categories

  • Archives

«
»

No, SARS doesn’t really want to give you a refund and other phishing tales

Every year we send out literally dozens of warning e-mails, and continue to do so, because despite the frequent warnings, people  still get caught falling for these tricks. 

Take note of the following scam from fraudsters claiming to be from SARS.
 
Emails are going out to university (and private addresses) seemingly coming from “SARS” informing them that they have a refund waiting for them.  (Wow! a tax refund) Clicking on the hyperlink in the email takes you to a fake “e-filing” site that has hyperlinks for the four big South African banks and instructions to log on to your Internet banking site for “confirmation of your details”.  When you follow the Nedbank link (as an example), you are taken to a copy of the Nedbank internet banking site that asks for profile, pin and password.  Supplying these takes you to a second page that asks you for your mobile number.  Submitting information on this page takes you to a page that requests the reference number sent to your cellphone.
 
Do not authorise any cellphone message that comes through if you end up in the above situation.  Furthermore, do not click on any hyperlinks in emails or divulge your account or mobile number details to anyone over the phone or via email.  Banks will never ask you to access internet banking through a link in an email, neither will banks ever ask for your mobile number when you access internet banking.

Another particulary sneaky phishing attack surfaced today. 

It comes from “Linda Perez” and has a subject line of “Administrator (Sorry for the inconvenience)” 

It asks you to contact the “sender” with your username and password so they can “expand your mailbox manually” 

Of course this is a phishing attack, and you should never respond to such mails. 

Do not respond, flag the sender as Junk Mail and delete the message.

ARTICLE BY DAVID WILES

Email

Tags: ,

This entry was posted on Wednesday, February 6th, 2013 at 2:08 pm and is filed under E-mail, General, Security. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.

Comments are closed.

 

© 2013-2024 Disclaimer: The views and opinions expressed in this page are strictly those of the page author(s) and content contributor(s). The contents of this page have not been reviewed or approved by Stellenbosch University.