E-mail

Phishing remains prevalent

Wednesday, January 13th, 2016

Attempts to harvest staff’s personal information in order to gain access to bank accounts remain a thorny issue.

Unfortunately we can’t warn you against every potentially dangerous e-mail, but we can show you what to look for so you don’t fall prey to one of these scams. Look out for these signs:

1. The e-mail is never addressed to you personally – it’s a generic heading (e.g. “Dear client”).
2. It asks the receiver to divulge personal information, for example your ID number, password or username.
3. The e-mail asks you to click on a link to “activate” your account. Don’t click on any links in e-mails (unless it’s an official IT e-mail) and also don’t copy and paste it in your web browser.
4. Usually a short time limit is given, for example “within 24 hours”.
5. Make sure the request is official and legal by calling the company and confirming.
6. Do not send sensitive information by e-mail. Legitimate companies won’t ask you to send data by e-mail.

Above all, the best defence is being attentive and cautious. Report suspect email to sysadm@sun.ac.za and also read our articles on security on our blog, as well as the fortnightly newsletter, Bits & Bytes.


E-mails with a hidden agenda

Wednesday, October 14th, 2015

Two e-mails trying to scam staff out of their information, and potentially money, materialised in our mailboxes last week.

The first is a familiar one attempting to get you to reactivate to increase your webmail quota.

The source of the scam is Russia, and it uses a man-in-the-middle method to send out the mail. This method takes the e-mail credentials from a staff member who has inadvertently given their e-mail details to the scammers. It typically occurs when you respond to a “you have won/inherited X-amount of money in a lucky draw/online survey/death of an unknown relative/government official” e-mail or click on an advert on a compromised website.

The scammers use your e-mail address and, if it is also infected with malware or a virus, your PC, to send an e-mail to all accounts within the same organisation.

The use of a university e-mail as the alleged sender often lulls us into thinking it is legitimate and we respond. We forget that “senders” and most mail details in an e-mail can be forged by these scammers.

The mail below is an example of one such scam. It might be useful to remember that personnel currently have 1GB of mailbox storage, and students have 50GB through Office365. The dangerous links have been removed.

The second e-mail targets Pick & Pay clients with an e-mail on Smart Shopper credits. (see example below with active links removed)

Take note of the following:

1. The e-mail is never addressed to you personally – it’s just a generic heading.
2. It asks the receiver to divulge personal information, e.g. Smartshopper number and ID number.
3. The wording is somewhat threatening – “make sure” and “must”.

With the information sourced by the e-mail, Smartshopper cards can be duplicated. Since your ID number is also linked to your Smartshopper card, not only are your credits at risk, there is also the possibility of identity theft.

Never respond to this sort of mail. Information Technology will never send such a mail about your mailbox size and Pick & Pay also won’t communicate with its clients in this way. If in doubt, phone the IT Service Desk.

 


From: University, Personnel, Address <faultyaddress@sun.ac.za>

Sent: Wednesday, 14 October 2015 08:24
Subject: 500MB

Dear E-mail User,

Your webmail quota has exceeded the set quota which is 500MB. you are currently running on 1.3GB. To re-activate and increase your webmail quota please verify and update your webmail Account In order to  re-activate and increase your webmail quota click link : http://phishing.site.in.russia/   LOGON WITH YOUR LOGIN DETAILS TO COMPLETE UPGRADE.

Failure to do so may result in the cancellation of your webmail account. You may not be able to send or receive new mail until you re-validate your mailbox.

Thanks, and sorry for the inconvenience.

Admin/ Webmaster/ Local host


 

From: Pick N Pay [mailto:faultyaddress@pnp.co.za]

Sent: Tuesday, 20 October 2015 05:42
Subject: Your R700 Pick N Pay (PNP) Shopping Voucher ready for claim

Attention PNP Smart Card Owner,

You have qualified to receive a shopping voucher of R700 to shop for groceries at any “PNP” outlet near you. Make sure you have your SMART SHOPPER CARD with you before you can proceed.

CLICK HERE TO PROCEED

Regards,

PNP

 [INFORMATION SUPPLIED BY DAVID WILES]


Phishing scam: Ibanking confirmation

Monday, September 28th, 2015

Scammers never give up, and this latest iteration tries to disguise itself as a message from Capitec Bank. It is poorly executed with some glaring mistakes, but nevertheless they still catch people in South Africa. (Did you know that, according to a report from the South African Banking Risk Information Centre (SABRIC), South Africans were scammed out of R2.2 billion by phishing scams in 2013 alone?)

Below is an e-mail that is making its rounds again, this time from Capitec.

Note several tell-tale signs that this is a phishing scam:

  • The email has improper spelling or grammar
  • The hyperlinked URL is different from the one shown (this one comes from a hijacked domain based in the USA)
  • The email urges you to take immediate action
  • The email requests personal information
  • …and for the technically-inclined the most obvious mistake is the IP address.

[IP addresses are unique strings of numbers, separated by full stops, that identify each computer using the Internet Protocol to communicate over a network. Each address consists of 4 numbers, each between 0 and 255 (256 unique values). The university’s IP address ALWAYS begins with 146.232…]

In this case the IP address is fake. There will never be an IP with a value of 362…

—————————————————————————————————

From: Capitec. [mailto:capitec@cnserv.co.za]
Sent: 25 September 2015 12:57 PM
To: Victim, IAMA, Mej <iamavictim@sun.ac.za>
Subject: Ibanking confirmation

 

Dear valued Client

An ip address 82.128.362.135 made some incorrect logon attempts
with your remote pin.

Please respond to this by following the reference below and you
will be guided through the secure restore process.

Restore ebanking access (this link has been cleaned up and is no longer a danger)

You may experience future problems with your
online access by failing to attend to this matter.

Ebanking Service

 

—————————————————————————————————–

[ARTICLE BY DAVID WILES]

 

Regret sending that e-mail?

Tuesday, September 22nd, 2015

Maybe you are extremely irritated with a colleague, or worse, your boss and want to vent your anger. So you send an e-mail.

Practically just as you press the send button, you realise it might not have been such a great idea. For all the hotheads out there, we might have a solution for you. That is, if you use Gmail.

In June this year Gmail activated a function called Undo Send. If you make a typo or regret sending a message, you can undo the action by enabling Undo send. This setting gives you the option to take back a message you just sent.

To enable Undo Send:

  1. Click the gear in the top right.
  2. Select Settings.
  3. Scroll down to Undo Send and click Enable.
  4. Set the cancellation period (the amount of time you have to decide if you want to unsend an email).
  5. Click Save Changes at the bottom of the page.

If you had Undo Send turned on in Gmail Labs, your Undo Send setting will be on by default.

To give you time to undo, Gmail delays sending the message for a few seconds. Under the Undo Send function you can also set the cancellation period to 1, 3 or 20 seconds. Once that window of time passes, the email is sent normally and cannot be undone, as it has already been transferred from your mail server to the recipient’s mail server. If you don’t select Undo within the time limit, your message will be sent.

Just take note that Undo send may not work if you experience connection issues.

For all the Outlook users out there, don’t despair. Outlook also has a function to recall messages. Just as with Gmail there are also limitations as to what you can do with the recall function. The success or failure of a recall depends on the recipients’ settings in Microsoft Outlook.

For example, if the message has already been read by the recipient, it will not be recalled. If it has been delivered, both the new and old message will be in the recipient’s mailbox. However, the recipient will be informed that you, the sender, deleted the message from his or her mailbox.

For full instructions on how to use Outlook’s recall function, click here.

 

 

[SOURCE: www.howtogeek.com]


New html phishing scam

Wednesday, August 26th, 2015

There are a number of e-mails arriving in student and personnel accounts that have malware/virus infected attachments, usually *disguised* as .html files.

The e-mails have subject lines like “UCount reward confirmation” and “Confirmation of epayment” and have .html attachments. After clicking the link on the webpage that appears, you will be sent to a fraudulent site, which looks just like the institution’s web site, and you will be asked for various sensitive information. Although the Trojan attachment does not install anything on the system, it uses the “social engineering” technique to force users to fill in their personal data on a fraudulent web site.

  • Always beware when asked for private information.
  • Do not click on links in e-mail and do not copy-paste them into your browser.
  • Open a new browser window and type in the company’s correct address.
  • Make sure such requests are genuine by, for example, calling a known company’s phone number.
  • Do not send sensitive information by e-mail. Legitimate companies do not ask you to send important data by e-mail.

Be careful out there. The reason why scammers are so successful is because they catch people regularly!

[ARTICLE BY DAVID WILES]
