Language:
SEARCH
  • Recent Posts

  • Categories

  • Archives

Security

Phishing alert: Zoom invite

Thursday, November 5th, 2020

Please be on the lookout for a new tactic that phishing scammers are employing to get your personal details, passwords and to gain access to your university account.

These scammers are using “Zoom” video conference invitations to fool their intended victims and steal passwords and other personal details.

 

Above is one such example. Take note of the highlighted the warning signs that reveal the scam. This particular scam is “custom” programmed for specific university e-mail addresses and might target your address, as the e-mail addresses are embedded into the phishing web page and the e-mail itself.

If you do get such an e-mail please report it to IT Cyber Security as soon as possible on the ICT Partner Portal.

If you have accidentally responded to the phisher and already provided them with your personal details, it is vitally important that you immediately change your password. Make sure the new password is completely different, and is a strong password that will not be easily guessed, as well as changing the passwords on your social media and private e-mail accounts, especially if you use the same passwords on these accounts.

After changing your password, also log a request on the ICT Partner Portal in order for your devices to be checked for malicious software. 

[ARTICLE BY DAVID WILES]

Safelinks protecting you against phishing

Thursday, October 8th, 2020

 In January 2020 Information Technology activated a preventative security tool called Safe Links to protect all staff and students from email phishing attempts.

You might have noticed that some of the links in your emails suddenly started displaying a very long link which starts with https://eur03.safelinks.protection.outlook.com/ followed by the rest of the web link. This is an extra obstacle built in to our Microsoft security features which checks if a site has been listed as dangerous and prevents you from clicking on it. If you do click on it, you will see the following warning:

Definition of Safe Links

“Safe Links is a feature in Office 365 Advanced Threat Protection that provides URL scanning and rewriting of inbound email messages in mail flow, and time-of-click verification of URLs and links in email messages and other locations. Safe Links scanning occurs in addition to the regular anti-spam and anti-malware protection in inbound email messages in Exchange Online Protection (EOP). Safe Links scanning can help protect your organisation from malicious links that are used in phishing and other attacks.”  

With this added feature we eliminated some of the risk facing staff and students when it comes to phishing and other security attacks from hackers. However, this does not mean you shouldn’t still be vigilant when you open an email.

Familiarise yourself with the basic tell-tale signs of a phishing email. Think before you click on a link or open an attachment. Information Technology can only protect you up to a point, the rest is your responsibility – this is especially true in these times when you work from home.

 

 

Reminder to enrol for MFA

Tuesday, September 8th, 2020

Last month we told you about the planned implementation of MFA (Multi-factor Authentication). Thank you to the 28 671 staff and students who have already enrolled to use MFA..

If you are still unsure what MFA entails, here is some information

Although we have not activated MFA yet, soon all staff and students will be required to use multi factor authentication when using any of the Microsoft 365 applications (Outlook, Sharepoint Online, OneDrive for Business, etc.) to protect their information university’s network. If you haven’t enrolled yet, we strongly advise you do so as soon possible by following these steps.

If you have any questions first consult our FAQs and if this does not answer your question, please log your request on our ICT Partner Portal and a technician will contact you. If you have any questions you would like to add to our FAQs, you’re welcome to send an email to help@sun.ac.za and we’ll add them to the list.

Multi-factor authentication (MFA) FAQs

Thursday, August 6th, 2020

Information Technology recently enabled MFA for our staff and students. From mid-August all staff and students will be required to use multi factor authentication to secure their information and the university’s network. 

FREQUENTLY ASKED QUESTIONS 

What is MFA?  

Multi-Factor Authentication adds a second layer of security to your account to ensure that your account stays safe, even if someone else knows your password. This will mean that, for certain services, you will be prompted to provide more information in order to authenticate your identity as a Stellenbosch University student or staff member. More about MFA here. 

Why is it so important that I enrol for MFA?  

By enrolling for MFA, you ensure that your account is more secure. 

How do I enrol for MFA? 

By following the steps set out in the .pdf document. 

What must I do if the document does not open? 

If the document does not open, it could be due to a slow internet connection or you do not have a PDF reader (e.g. Adobe Acrobat) installed. Please also clear your browser history or try to open the link in a different browser.  

How can a PDF reader be installed? 

Please raise a request on the ICT Partner Portal that is available at https://servicedesk.sun.ac.za  

What can I do if I have problems to enrol for MFA? 

If you are struggling to enrol for MFA, please log a request on the ICT Partner Portal and a technician will contact you.  

When do I have to enrol for MFA? 

Please enrol for MFA as soon as possible. You have a choice to enrol for 14 days after the email was sent to you from IT communication. After the 14 days have passed you will not have a choice and you will have to enrol for MFA. 

How will I know that I have successfully enrolled for MFA? 

A confirmation message will be displayed on the last screen of the enrolment process. 
You are now enrolled for Multi Factor Authentication via SMS.

What must I do if I don’t see the  screens as indicated on the enrolment document? 

Raise a request on the ICT Partner Portal at https://servicedesk.sun.ac.za  

Will I be charged for the MFA authentication SMS’s? 

No, the SMS’s are at the cost of the University. 

Can I enrol for MFA if I stay in an area without cell phone signal? 

No, you need a cellphone with reception to enrol for MFA.

Which IT services will be activated for MFA? 

Communication will be sent by IT communications to inform staff and students about the services that will be activated for MFA. 

What will happen if a service is activated for MFA? 

Before you can access the service you will be requested to enter the one-time pin number that will be sent to the cell phone number that you have indicated during the enrolment process. 

Enrol for MFA

Monday, July 27th, 2020

We are well aware of the growing risks of working online – whether it’s at our offices or at home as we’ve been doing recently. The downside of working from home is that it opens opportunities for cyber-attacks and security risks are higher.  You can easily fall prey to these security risks when there are more distractions and concerns than usual while working from home.

To protect our staff and students from security attacks in our current situation, as well as when we return to our offices one day, it is important to implement extra security measures. Information Technology has been researching and testing multi factor authentication or MFA over the past few months as an additional measure to protect personal information and data. Read more about MFA here or watch the explanatory video by tech expert Tom Scott.

In short, this will mean that, for certain services, you will be prompted to provide more information in order to authenticate your identity as a Stellenbosch University student or staff member. 

By mid-August all staff and students will be required to use multi factor authentication to secure their information and the university network. Although MFA is not mandatory at the moment, you can already enrol by​ following these steps.

If you have any questions first consult our FAQs and if this does not answer your question, please log your request on our ICT Partner Portal and a technician will contact you.

 

© 2013-2020 Disclaimer: The views and opinions expressed in this page are strictly those of the page author(s) and content contributor(s). The contents of this page have not been reviewed or approved by Stellenbosch University.