Language:
SEARCH
  • Recent Posts

  • Categories

  • Archives

Tips

Before you leave …

Monday, November 30th, 2020

The December holiday is almost here and especially this year, we’re all looking forward to escaping for a week or two. But before you leave, there are a few things you can do now to ensure that your return is seamless. Here are a few tips: 

  1. Activate your Out of Office function on your sun.ac.za Outlook mailbox and indicate in the message when you will be available again in case someone needs to contact you. Also, indicate who will be responsible during your time away and add their email address to your Out of Office.
  2. Make sure that your relevant work-related data is accessible for usage by your colleagues while you are away. However, do NOT give your password to colleagues when as this poses a security risk.
  3. If your sun password might expire during your holiday, rather change it before you go. If it expires while you are away you will be locked out of your account and it will cause unnecessary stress to deactivate it in January. 
  4. If you receive a phishing email on your sun account over the holiday and clicked on links or typed in your username and password, your account may be compromised. Immediately change your password at www.sun.ac.za/password and log a service request on the ICT Partner Portal. Your device will then be checked and scanned after the holiday. Remember that you can also report spam directly to Microsoft by using the handy Report Message function in Outlook.
  5. Information Technology will also be closing, like the rest of the University, on 24 December and opening again on 4 January. If possible, please log your IT requests as soon as possible before you leave. If you have a critical problem, it might be difficult to assist you a day before you leave or on the last Friday since suppliers also close over the festive season.

Error reporting FAQs

Wednesday, October 7th, 2020

How do I report an IT problem, request or enquiry?

Option 1
Log a service request on our ICT Partner Portal
 with the following information:

1. Description of problem
2. Telephone number
3. Room Number
4. Department and building
5. Asset number of computer, laptop, printer, etc.

Requests will be logged automatically and reference number sent via email.

For video instructions on how to log a request on the ICT Partner Portal, click here. More information on our Service Catalogue.

Option 2
Contact the IT Service Desk – 021 808 4367

We require username and asset number in order to assist OR leave a voicemail message.


How do I follow up on the IT request I have logged?

Whether you have called the IT Service Desk at 0218084367, sent an email to help@sun.ac.za or logged a request via the ICT Partner Portal at https://servicedesk.sun.ac.za you can do the following:

  1. Log in at https://servicedesk.sun.ac.za with your username and password.
  2. Select: Requests, My requests. The status of all the requests that you have raised will be displayed.

How do I follow up if I sent an email to help@sun.ac.za?

If you send an email to help@sun.ac.za it automatically logs a request on the IT Service Portal. You can check on the status of your request as follows:

  1. Log in at https://servicedesk.sun.ac.za with your username and password.
  2.  Select: Requests, My requests. The status of all your requests will be displayed.

How do I follow up on a request I reported by calling the IT Contact Centre?

If you call the IT Contact Centre, the service agent will log a request on your behalf on the IT Service Portal. You can check on the status of your request as follow:

  1. Log in at https://servicedesk.sun.ac.za with your username and password.
  2. Select: Requests, My requests. The status of all your requests will be displayed.

Can you follow up on a request emailing help@sun.ac.za again?

If your request have already been logged and you have a reference number, please do not send another email to help@sun.ac.za. This will log a second, duplicate request which will only clog up the system and cause confusion. The same goes for replying to emails from help@sun.ac.za. Rather click on the request number and add your comment on the system.


How do I add a comment to my request?

  1. Log in at https://servicedesk.sun.ac.za with your username and password.
  2. Select: Requests, My requestsThe status of all the requests that you have raised will be displayed.
  3. Click on the reference number of a request to see its details.
  4. Type your comment in the text box and click on Add. The comment will be added to the request. You can also add screen shots for clarification

What does the different status options mean?

WAITING ON SUPPORT =you are waiting for a response / feedback from IT regarding your request.

WAITING ON CUSTOMER =IT is waiting on a response / feedback from you regarding your request.

IN PROGRESS = your request is being attended to.

ESCALATED =your request is escalated for further investigation.

RESOLVED =your request has been resolved.

CLOSED = your request has been closed.

 

 

How do I report phishing?

Thursday, October 17th, 2019

You’ve received a suspicious email, what should you do with it? Firstly, don’t click on any links. But just as important, send it to us so we can prevent more staff and students falling prey to the scam. We encourage our customers to submit potential phishing examples for review. Using these submissions, the Cyber Security Incident Response Team (CSIRT) can learn from the analysis of these messages. This collectively helps to improve the level of virus and spam detection.

What is phishing?

Phishing attacks are designed to steal a person’s login and password details so that the cyber criminal can assume control of the victim’s social network, email, and online bank accounts. Seventy percent of internet users choose the same password for almost every web service they use. This is why phishing is so effective, as the criminal, by using the same login details, can access multiple private accounts and manipulate them for their own good. 

More on how to recognise a phishing email. 

Report phishing

  1. On the ICT Partner Portal:
  1. By sending an email:​​
  • Start up a new mail addressed to csirt@sun.ac.za.​​
  • Use the Title “SPAM” (without quotes) in the Subject.​​
  • With this New Mail window open, drag the suspicious spam/phishing mail from your Inbox into the New Mail Window. It will attach the mail as an enclosure* and a small icon with a light yellow envelope will appear in the attachments section of the – New Mail.​​
  • Send the mail.​​

*Spam or phishing examples must be sent in either.EML or .MSG format as an attachment and must not be forwarded. This ensures the original email can be analysed with its full Internet message headers intact. Alternatively, use the mail application to save the email (usually located under File | Save As) as an .EML or .MSG format to a folder location, and attach the saved file to a new email.

How to avoid phishing scams

Friday, May 24th, 2019

We are often asked by staff and students what they can do to stop phishing scams, and what software they should install to prevent them from becoming victims. In some cases students have asked us to fix their computers and to install software to block phishing scams.

Of course that request is impossible to fulfil. Phishing scams are like the common cold. Just like you cannot prevent the common cold, you can only adopt a lifestyle, and take precautionary measures to reduce your risk of infection. They will always be there and will always adapt and change. As long as there are people who are uninformed or careless who fall for these scams, phishing attacks will continue.

The best way to reduce your risk is to report all suspected phishing scams on ICT Partner Portal. (Full details at the end of this post). Here are some basic rules to help you to identify phishing scams:

  • Use common sense
    Never click on links, download files or open attachments in email or social media, even if it appears to be from a known, trusted source.
  • Watch out for shortened links
    Pay particularly close attention to shortened links. Always place your mouse over a web link in an email (known as “hovering”) to see if you’re being sent to the right website.
  • Does the email look suspicious?
    Read it again. Many phishing emails are obvious and will have implausible and generally suspicious content.
  • Be wary of threats and urgent deadlines
    Threats and urgency, especially coming from what claims to be a legitimate company, are a giveaway sign of phishing. Ignore the scare tactics and rather contact the company via phone.
  • Browse securely with HTTPS
    Always, where possible, use a secure website, indicated by https:// and a security “lock” icon in the browser’s address bar, to browse.
  • Never use public, unsecured Wi-Fi, including Maties Wi-Fi, for banking, shopping or entering personal information online
    Convenience should never be more important than safety.

If you do receive a phishing e-mail, please report it as soon as possible. Once you have reported the spam or phishing mail, you can delete it immediately.

You can report this on IT’s request logging system, the ICT Partner Portal.

  • Go to the ICT Partner Portal.
  • Fill in your information and add the email as an attachment. Your request will automatically be logged on the system and the appropriate measures will be taken by the system administrators to protect the rest of campus.

[ARTICLE BY DAVID WILES]

Protecting yourself from spearphishing attacks

Tuesday, March 12th, 2019

For a large enterprise like Stellenbosch University phishing attacks are the most common cybercrime.

In the late 1990s and early 2000s, we were all inundated with spam emails, selling everything from fake pharmaceuticals to cheap perfumes. With spam, cybercriminals use a blanket approach sending emails to as many people as possible, hoping a few gullible customers will be funding further spam emails.

General “shotgun” phishing is still a problem today, but the past 18 months have seen a rise in a more sinister form of cyberattack,  spearphishing, which is much more targeted to an individual or an enterprise’s email system.

Spearphishing is similar to phishing, it’s also a vector for identity theft where cybercriminals try to get users to hand over personal and sensitive information without their knowledge.

Cybercriminals view phishing attacks as a profitable and an easy way to gain access to an enterprise enabling them to launch more sophisticated attacks, for example, spearphishing attacks. Humans are, after all,  the weakest link and thus the most effective target for criminals looking to infiltrate a network like the university.

Even though spearphishing is more focused than its less-sophisticated relative phishing, everyone can apply the following principles to protect yourself and the university against cybercriminal activity:

Use common sense when it comes to phishing attacks
Be sensible and smart while browsing online and checking your emails. Never click on links, download files or open attachments in email or social media, even if it appears to be from a known, trusted source. You should never click on links in an email to a website unless you are absolutely sure it’s authentic. If you have any doubt, open a new browser window and type the address into the address bar. Always be wary of emails asking for confidential information – especially if it asks for personal details or banking information. The university and your bank will never request sensitive information via email. They do not need it. They have it all already.

Watch out for shortened links
Pay particularly close attention to shortened links, especially on social media. Cybercriminals often use Bit.ly, Tinyurl.com, Goo.gl or Tr.im to trick you into thinking you are clicking a legitimate link when in fact, you are being inadvertently directed to a fake site. Always place your mouse over a web link in an email (known as “hovering”) to see if you’re being sent to the right website.

Does the email look suspicious? Read it again
Many phishing emails are obvious. They will be filled with plenty of spelling mistakes, CAPITALISATION and exclamation marks. They will also have impersonal salutations – e.g. ‘Dear Valued Customer’ or ‘Dear Sir/Madam’ salutations – and will have implausible and generally suspicious content. Cybercriminals will often intentionally make mistakes in their emails bypass spam filters and improve responses. 

Be wary of threats and urgent deadlines
Sometimes the university does need you to do something urgently, however, this is an exception rather the rule. For example, you all have been getting reminders to reactivate your network account by the end of March. Threats and urgency, especially coming from what claims to be a legitimate company, are a giveaway sign of phishing. Some of these threats may include notices of a fine or advising you to take action to stop your account from being closed. Ignore the scare tactics and rather contact the company via phone.

Browse securely with HTTPS
You should always, where possible, use a secure website, indicated by https:// and a security “lock” icon in the browser’s address bar, to browse. This is particularly important when submitting sensitive information online, such as credit card details.

Never use public, unsecured Wi-Fi, including MatiesWiFi, for banking, shopping or entering personal information online. Convenience should never be more important than safety. When in doubt, use your mobile’s 3/4G or LTE connection.

[ARTICLE by David Wiles]

 

© 2013-2021 Disclaimer: The views and opinions expressed in this page are strictly those of the page author(s) and content contributor(s). The contents of this page have not been reviewed or approved by Stellenbosch University.