[:en]A fast-spreading spam e-mail caused problems on campus last week. Some students and staff clicked on a malicious link in a phishing e-mail and subsequently gave a hacker access to their Outlook cloud e-mail accounts. The criminal proceeded to use their e-mail addresses and mailbox to spam all their contacts. Since it was sent from a @sun address, receivers of the spam didn’t suspect anything. (An example of the e-mail, with dangerous links removed, is shown below)

Unfortunately, due to the mass e-mails sent from these mailboxes, Microsoft automatically blocked the users’ accounts and they were unable to access e-mail. 

Please remember to look for the general characteristics of a phishing e-mail before you click on links in e-mail. Just because it’s sent from a @sun address , it does not mean it’s safe.

If you suddenly don’t have access to your e-mail, contact the IT helpdesk (x4367). If you’ve clicked on a suspicious link, change your password immediately.

 

---

From: Known address <knownaddress1@sun.ac.za>
Sent: 05 October 2016 12:26 PM
To: SU address <knownaddress@sun.ac.za>
Subject: PI Doc copy

 

Please confirm PI doc copy below using Google documents
for your account to be credited.

Continue to Gdocs

Kind regards

[:af]

ʼn Gemorspos het verlede week soos `n veldbrand op kampus versprei. Toegang is tot sommige personeel en studente se Outlook wolkpos verkry, omdat hulle gekliek het op ʼn skakel in ʼn phishing e-pos. Die slagoffers se e-posadresse is gevolglik gebruik om gemorspos aan hul kontakte te stuur. Aangesien die e-pos vanaf ʼn @sun adres gestuur is, het ontvangers geen onraad vermoed nie. (Sien onder ʼn voorbeeld van die betrokke e-pos, met die vals skakels verwyder)

Weens die massa gemorspos wat vanaf die e-posrekeninge gestuur is, het Microsoft outomaties hierdie gebruikers se rekeninge gesluit en kon hulle nie e-pos gebruik nie.

Onthou om altyd bedag te wees en uit te kyk vir die kenmerke van phishing. Net omdat ʼn e-pos vanaf ʼn universiteitsadres gestuur word, beteken nie noodwendig dat dit veilig is nie. 

Indien jy skielik nie toegang tot jou e-pos het nie, kontak die IT Dienstoonbank. (x4367). Indien jy op ʼn potensieël gevaarlike skakel gekliek het, verander dadelik jou wagwoord. 

---

From: Known address <knownaddress1@sun.ac.za>
Sent: 05 October 2016 12:26 PM
To: SU address <knownaddress@sun.ac.za>
Subject: PI Doc copy

Please confirm PI doc copy below using Google documents
for your account to be credited.

Continue to Gdocs

Kind regards

Tags: Outlook365, phishing, spam

This entry was posted on Thursday, October 6th, 2016 at 10:55 am and is filed under E-mail, Security. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.