SEARCH

  • [:en]Recent Posts[:af]Onlangse bydraes

  • [:en]Categories[:af]Kategorieë

  • [:en]Archives[:af]Argiewe

E-mail

« Older Entries
Newer Entries »

CBT Locker virus on campusCBT Locker ransomware op kampus

Wednesday, February 18th, 2015

A growing number of incidents of the CBT Locker virus, which has more than 50 variants, has been spotted on campus. This virus is also considered ransomware and infects your PC when you visit lesser known websites and particularly if you download games and movies.

The ransomware copies all the data on your harddrive, encrypts and deletes it and you’re left with gibberish. A ransom fee is demanded, but the odds that you’ll get your data back at all, are slim.

There is no way to recover data if your PC has been attacked by one of the the Locker viruses.

• DO NOT open .ZIP attachments unless specifically requested from the sender. View the email header or send a separate email to validate the sender before opening attachments.
• Regularly back up data to your network space or an external hard drive. Data residing on user devices will be permanently lost in the event of a ransomware
• DO NOT click embedded hyperlinks in email. Although the Crypto Locker ransomware threat is normally sent as an attached .ZIP file, ransomware has been downloaded from opening malicious websites.
• Stay away from unknown, suspicious websites offering game or movie downloads and torrents and DO NOT click on any pop-ups.
• Report suspect email to sysadm@sun.ac.za.

Toenemende insidente van die CBT Locker virus, waarvan daar meer as 50 variante bestaan, word tans op kampus waargeneem. Hierdie virus word ook beskou as ransomware, en beland op jou rekenaar as jy minder bekende webwerwe besoek en byvoorbeeld speletjies of flieks aflaai.

Die ransomware kopieer alle data op jou hardeskyf, enkripteer en vee dit uit en slegs `n gebrabbel bly oor. `n Losprys word geëis as jy jou data wil terughê, maar die kans vir herwinning is skraal.

Daar is geen manier waarop die data teruggkry kan word as jou rekenaar besmet is met een van die Locker-virusse nie.

• MOENIE .ZIP aanhangsels oopmaak tensy spesifiek so versoek deur die sender nie. Kyk eers na die e-pos se hofie en stuur `n aparte e-pos om die sender te bevestig voordat jy die aanhangsel bloot oopmaak.
• Rugsteun jou data op `n gereelde basis na `n eksterne hardeskyf of jou netwerkspasie. Data op gebruikers se toestelle sal permanent verlore wees as dit besmet word deur ransomware.
• MOENIE op hiperskakels in e-posse kliek nie. Alhoewel die Crypto Locker ransomware soms deur minder van `n aangehegte .ZIP leêr gestuur word, kan dit ook afgelaai word deur skadelike webwerwe te besoek.
• Bly weg van onbekende, suspisieuse webwerwe en torrents wat speletjies of flieks aanbied en MOENIE op enige pop-ups kliek nie.
• Meld suspisieuse e-posse aan by sysadm@sun.ac.za

Email

Posted in E-mail, Security | Comments Off on CBT Locker virus on campusCBT Locker ransomware op kampus

Outwit phishing attemptsFnuik phishing-pogings

Friday, February 13th, 2015

Over the past two weeks we’ve already recorded at least three incidents where phishing e-mails were sent to SU staff. Although we try to warn users against specific e-mails and block these e-mails on server level as soon as we’re aware of them, it’s almost impossible to protect e-mail users against each and every fraudulent e-mail.

The responsibility lies with the e-mail user in recognising the tell-tale signs and establishing whether it’s a phishing e-mail or not. Unfortunately 99% of the time it is and if you’re ever in doubt over clicking on a link, rather don’t. Go directly to the institution’s website and log in from there or contact the company or bank to confirm whether they sent it.

The latest example of such an e-mail is an e-mail which seems to be from Discovery and (of course) promises a reward. This is also a way to entice you into clicking on the links. Also look out for bad spelling, grammar and formatting. The links may look convincing, but when you move the mouse over them, are they really Discovery’s website links? By merely noticing this, you can immediately confirm that this is indeed an attempt at phishing. More hints on recognising fraudulent e-mails can be found here.

Immediately delete the e-mail and don’t click on the links or fill in any information. If you’ve supplied your info, immediately change your password and PIN and contact the institution to inform them of the breach. You can also send an e-mail to  sysadm@sun.ac.za with the subject SPAM and attach the suspect e-mail. IT system administrators will then be able to block the e-mail and protect other staff against it.

 

EXAMPLE OF “PHISHING” E-MAIL:

FROM: DiscoveryCard <discoverycards@discovery.co.za>
SUBJECT: DiscoveryCard: 09 Feb:- Last chance to redeem your 7000 Discovery miles Point

Attention Valued Customer,

Your Discovery Card was credited with 7000 Miles (R700) as a reward for been a loyal customer last  2 weeks today ( Final notice) , but you did not claim it, we are giving you another chance. Follow the instructions below:-

  1. Click this link http://www.discovery.co.za/portal/individual/login 
  2. Then enter your www.discovery.co.zaUsername and Password and click login
  3. Update your Discovery Credit Card  details and click update after you have completed it( Note:-Do not fail to enter the full details correctly, because the system will credit the R700 on the card details entered).

Regards,

Discovery Miles Team

 

 

Stuur ‘n e-pos aan sysadm@sun.ac.za met Subject: SPAM en heg dan die verdagte e-pos met Insert Item aan.

 

 

 

Binne die afgelope twee weke was ten minste reeds 3 insidente waar phishing e-posse na US-personeel gestuur is. Alhoewel ons telkens gebruikers probeer waarsku teen spesifieke e-posse en dit ook, sodra ons bewus is daarvan, blokkeer op bedienervlak, is dit bykans onmoontlik e-posgebruikers teen elke moontlike aanval te beskerm.

Die onus berus by die e-posgebruiker om uit te kyk vir die gevaartekens en self te bepaal of dit wel pespos is. Ongelukkig is dit wel 99% van die tyd en as jy enigsins twyfel of jy op `n skakel moet kliek, moet dit liewer nie doen nie. Gaan direk na die instansie se webblad en teken van daar aan of skakel eerder die maatskappy of bank self om te bevestig.

Die nuutste voorbeeld hiervan is `n e-pos wat voorkom of dit van Discovery kom en natuurlik iets belowe – hoe anders sal hulle jou dan kan vang? Kyk ook uit vir slegte spelling, grammatika en formatering. Die skakels mag oortuigend lyk, maar as jy met jou muis daaroor beweeg, is dit regtig Discovery se webadres. Bloot uit hierdie twee observasies, kan jy dadelik vasstel dat dit `n phishing-poging is. Lees meer oor hoe om hierdie tipe e-posse uit te ken hier.

Vee die e-pos dadelik uit en moenie op enige skakels kliek of enige inligting invul nie. Indien jy dit wel gedoen het, verander onmiddellik jou wagwoord en PIN-nommer en kontak die instansie self.  Jy kan ook  ‘n e-pos aan sysadm@sun.ac.za met die Subject: SPAM stuur en die verdagte e-pos met Insert Item aanheg. Sodoende kan IT se stelseladministrateurs die e-pos blok en ander personeel daarteen beskerm word.

 

 VOORBEELD VAN “PHISHING” E-POS:

FROM: DiscoveryCard <discoverycards@discovery.co.za>
SUBJECT: DiscoveryCard: 09 Feb:- Last chance to redeem your 7000 Discovery miles Point

Attention Valued Customer,

Your Discovery Card was credited with 7000 Miles (R700) as a reward for been a loyal customer last  2 weeks today ( Final notice) , but you did not claim it, we are giving you another chance. Follow the instructions below:-

  1. Click this link http://www.discovery.co.za/portal/individual/login 
  2. Then enter your www.discovery.co.zaUsername and Password and click login
  3. Update your Discovery Credit Card  details and click update after you have completed it( Note:-Do not fail to enter the full details correctly, because the system will credit the R700 on the card details entered).

Regards,

Discovery Miles Team

 

 

 

 

Email

Posted in E-mail, Security | Comments Off on Outwit phishing attemptsFnuik phishing-pogings

Whatsapp for you PCWhatsapp vir jou rekenaar

Friday, February 13th, 2015

whatsappMany of us practically break out in hives if we’re outside the cellphone or WiFi reception range, while others are at their happiest in the middle of nowhere with no cellphone tower in sight. If you fall into the first category, you’re probably a devoted WhatsApp user.

The good news is that, from the end of January, WhatsApp will not only be limited to your phone, but also on your tablet or PC. Whatsapp Web gives users the convenience of sending and receiving messages via a website.

Your chats will be automatically synchronised between your phone and PC. The only limitation at this stage is Google Chrome as prerequisite. If you’d like to use WhatsApp on your PC, you’ll find detailed instruction on Cnet, as well as an instructional video.

Unfortunately with the convenience and accessibility of WhatsApp also comes risk. If you use WhatsApp on a regular basis, look out for the following scams.

A new Wangiri campaign, where users are encouraged to make expensive international calls, is doing the rounds.  Wangiri is a type of cellphone fraud where the perpetrator randomly calls cell numbers and puts down the phone after one ring. A missed call shows on the victim’s phone and he calls back since he believes the call was intended for him. In actual fact he’s calling a very expensive premium number.

In this instance WhatsApp users receive a message with a contact card attached and the message asks the cellphone owner call back. Read more on this scam here.

A second example is an SMS campaign which could cost WhatsApp users R210-00 a month. An SMS with the following wording is received:

“You have not updated to the latest WhatsApp add-ons. Click here now [URL]. (Free MSG) 31655 optout dial 0110621424”.

A link guides users to a screen with the message “Update your wall 4 WhatsApp”. Fine print below indicates that you’re actually subscribing to a social network called Buddiechat, which will cost you R7-00 per day.

WhatsApp users unknowingly click on the link because they believe it’s legitimate  WhatsApp communication or because they’re too preoccupied to read. Read the full article on mybroadband. 

 

whatsappBaie van ons raak paniekbevange as ons buite selfoon of  WiF-ontvangs  is, terwyl ander op hul gelukkigste is in die middel van nerens met geen selfoontoring in sig. As jy in die eerste kategorie val, is jy waarskynlik ook `n geswore WhatsApp-gebruiker. 

Die goeie nuus is dat WhatsApp vanaf einde Januarie nie net op jou foon beskikbaar is nie, maar ook op jou tablet of rekenaar. Whatsapp Web gee aan gebruikers die gerief om gebruikers boodskappe te laat stuur en ontvang deur middel van `n webwerf.

Jou gesprekke sal ook outomaties gesinkroniseer word tussen Whatapp op jou selfoon en die toepassing op jou rekenaar.  Die enigste nadeel is dat dit slegs gebruik kan word met Google Chrome. As jy WhatsApp op jou rekenaar wil gebruik, kan jy die volledige instruksies op Cnet bekom.

Met die gemak en toeganklikheid van WhatsApp kom egter ook `n bietjie risiko. As jy gereeld Whatapp gebruik, kyk ook uit vir hierdie nuutste bedrogpogings.

 `n Nuwe WhatsApp Wangiri veldtog is tans in omloop waar gebruikers genoop word om `n internasionale oproep te maak wat gevolglik tot geweldige hoë kostes ly. 

Wangiri is `n tipe telefoonbedrog waar die skuldige lukrake nommers skakel en die foon neersit na een lui. `n Gemisde oproep wys dan op die ontvanger se foon. Die selfoongebruiker skakel terug omdat hy glo die oproep was vir hom bedoel en inderwaarheid skakel hy ‘n premium (en duur!) nommer.

WhatsApp-gebruikers kry `n boodskap met `n kontak aangeheg wat vra dat die “persoon” teruggebel word. Lees meer oor dié nuutste skema hier.

`n Tweede voorbeeld is `n SMS-veldtog kan WhatsApp-gebruikers R210-00 per maand uit die sak jaag. `n SMS word ontvang met die volgende bewoording word ontvang:

“You have not updated to the latest WhatsApp add-ons. Click here now [URL]. (Free MSG) 31655 optout dial 0110621424”. `n Skakel lei gebruikers na `n skerm met die boodskap “Update your wall 4 WhatsApp”.

Die fynskrif onderaan dui aan dat jy eintlik inskryf vir `n sosiale netwerk genaamd Buddiechat wat jou R7-00 per dag uit die sak gaan jaag. Gebruikers kliek onwetend op die skakel omdat hulle glo dis wettige WhatsApp-kommunikasie of omdat hulle in gedagte is. 

Lees die volledige artikel op mybroadband. 

Email

Posted in Apps, Communication, E-mail | Comments Off on Whatsapp for you PCWhatsapp vir jou rekenaar

Update: E-mail for pensionersNuutste: E-pos vir pensionarisse

Thursday, February 5th, 2015

Recently we mentioned that the e-mail policy for pensioners would change from June 2015. As clearly noted from the comments, this decision unfortunately caused some dissatisfaction.

We would like to announce that, until further notice, the current status quo regarding e-mail for pensioners will be maintained. You can therefore continue with reregistration and the use of your @sun.ac.za e-mail service as before.

For any enquiries, please contact the IT Service Desk.

Ons het onlangs berig dat die e-posbeleid vir pensionarisse vanaf Junie 2015 aangepas sou word. Soos duidelik uit kommentaar blyk, het dit ongelukkig ontevredenheid veroorsaak.

Ons wil hiermee aankondig dat tot en met verdere kennisgewing, die huidige status quo wel behoue sal bly. U kan dus voortgaan met herregistrasie en die gebruik van u @sun.ac.za e-posdiens soos in die verlede.

Vir enige verdere navrae, kontak gerus die IT Dienstoonbank.

Email

Posted in E-mail | Comments Off on Update: E-mail for pensionersNuutste: E-pos vir pensionarisse

Phishing alert

Monday, February 2nd, 2015

Please take note that there’s a new phishing attack on sun e-mail addresses. We’ve blocked it on server level, so users should not receive the suspicious e-mail.

If you receive an email claiming to be from the IT department (see example below), do not open it or click on any of the links.

This is a phishing email attempting to acquire your passwords and other information. Immediately delete the email and do not reply to it.

IT e-mails will always be in the same format with IT’s name, correct contact details, the SU logo and and English and Afrikaans version. Please read our guidelines on how to distinguish between an offical e-mail and a phishing e-mail HERE.

 

 

From: Stellenbosch University [mailto:abiederm@kent.edu]
Sent: 31 January 2015 11:13
Subject: Dear Stellenbosch University Email user

Dear Stellenbosch University Email user,

Due to database maintenance equipment that is happening in our Stellenbosch University mail message center. Our Stellenbosch University message center must be reset due to the large number of spam messages we receive daily in our database. The maintenance of quarantine will help us avoid this dilemma every day and with the new improved software will provides our Stellenbosch University Email users with a secure mail system and new security system to protect our users from getting their Stellenbosch University accounts being hacked.

To validate your Stellenbosch University Email mailbox, kindly CLICK LINK  http://webmaintance.weebly.com. to visit the Stellenbosch University

customer secure LINK specified on this email and fill out the account validation form to validate your Stellenbosch University email powered account:

 

Thanks,

All rights reserved © 2007 – 2009 Stellenbosch University

Private Bag X1, Matieland, 7602, Stellenbosch, South Africa

 

Email

Posted in E-mail, Security | Comments Off on Phishing alert

« Older Entries
Newer Entries »