SEARCH

  • [:en]Recent Posts[:af]Onlangse bydraes

  • [:en]Categories[:af]Kategorieë

  • [:en]Archives[:af]Argiewe

Security

« Older Entries
Newer Entries »

[:en]Spear phishing attack using a staff email[:]

Monday, September 20th, 2021

[:en]

If you receive an e-mail from Prof. Wolfgang Preiser – Head of the Department of Virology asking about a “PAYMENT”, you might be tempted to quickly answer and offer your assistance.

However, this was a spear-phishing scam designed to fool its victims into thinking the mail was sent out by someone like Prof Preiser.

We are getting several reports from personnel within his department saying that they are getting e-mail from Prof. Preiser and were concerned if his e-mail account has been compromised and if this is a phishing attack.

Here is what the phishing scam looks like.

An example of the spear phishing email using Prof Preiser's details

Click for a larger image.

Please note that the name, has been forged and that a “throwaway” execs.com e-mail address has been used with forged details inserted. The Professor’s account has not been compromised. 

The message below also serves as a warning and should give you an indication that this is not an email from an @sun address. Do not click links or open attachments unless you recognise the sender and know the content is safe.

CAUTION: This email originated from outside of the University. 

Additionally there is a standard warning from Microsoft to also warn you.

This is a spear-phishing attack where an institution is attacked by impersonating prominent or public figures within the enterprise to gain access to the enterprise. The targets in this method of attack are usually subordinates of high-ranking personnel, to fool them into sending money or obtaining personal details of these personnel members.

Keep an eye open for this scam, and please report it to IT Cyber Security if you find it in your inbox by logging it on the ICT Partner Portal. Fill in your information and add the email as an attachment. Your request will automatically be logged on the system.​​

If you accidentally clicked on the link and already gave any personal details to the scammers it is vitally important that you immediately go to the USERADM page (either http://www.sun.ac.za/password or www.sun.ac.za/useradm) and change your password immediately.

Make sure the new password is completely different and a strong password that will not be easily guessed. Also change the passwords on your social media and private e-mail accounts, especially if you use the same passwords on these accounts.

Contact the IT Service Desk if you are still unsure.

[ARTICLE BY DAVID WILES]

[:]

Email

Tags: ,
Posted in News, Security | Comments Off on [:en]Spear phishing attack using a staff email[:]

[:en]Phishing scam: “Proof of Payment”[:]

Friday, August 27th, 2021

[:en]

Over 2 billion people worldwide have purchased goods or services online during the pandemic. The danger of all this convenient shopping with Takealot, Checkers or any online store is that people provide their credit card number without diligence.

One of the most prevalent scams NOW is called POP or Proof of Payment Receipt. There are a number of new phishing scams with the subject “Proof of Payment” or “Suspicious Bank transaction” at the moment. 

Here is one such scam that is currently being reported by personnel and students at Tygerberg. 

Click for larger image

Click for larger image

The way that this scam works is that the scammers are trying to get their victims to click on the link and go to a specially engineered site to steal passwords and login credentials. Often bank account details and cell phone numbers are asked for, and this is how the scammers get access to bank accounts and can do SIM swaps, to steal money and personal details.

Notice how the mail details have been forged to make the sender and the recipient the same. This is to disguise the true sender and to bypass the mail filters which would normally accept mail from within an organisation. In this case this sender used a “throw-away” Outlook.com e-mail address and then forged the headers to change the sender. In this case there is a possibility that the government address has been compromised.

If you get one of these e-mails or one similar looking (scammers change tactics very quickly) please report it to IT on the ICT Partner Portal. Fill in your information and add the email as an attachment. Your request will automatically be logged on the system.​​

Secondly blacklist the sender under Junk mail, and perhaps even block the entire domain. You can do this by using the Report Message add-in on Outlook (available on your toolbar on the far right) More about the add-in on our blog or you can find the instructions on this .PDF

 

[ARTICLE BY DAVID WILES]

[:]

Email

Tags:
Posted in E-mail, News, Security | Comments Off on [:en]Phishing scam: “Proof of Payment”[:]

[:en]Extra layer of security added to campus computers [:af]Ekstra vlak van sekuriteit vir rekenaars op kampus [:]

Monday, August 2nd, 2021

[:en]

Cyber crime is a constantly evolving field. Even though the majority of viruses were created as pranks, it’s essential to stay informed of the various risks that exist on the internet if you want to stay safe online. Here’s a breakdown of the basics: 

Malware, or malicious software, is a catch-all term for any type of malicious computer program. Malware is the most common type of online threat.

Ransomware is an emerging form of malware that locks the user out of their files or their device, then demands an anonymous online payment to restore access.

Adware is a form of malware that hides on your device and serves you advertisements. Some adware also monitors your behaviour online so it can target you with specific ads.

Spyware is a form of malware that hides on your device, monitors your activity, and steals sensitive information like bank details and passwords.

The world of cyber crime is very similar to that of technology. Every year, new trends, breakthroughs, and tools emerge.

You’ve probably noticed a Malwarebytes Threat Scan icon on your desktop or laptop (Figure 1). Don’t worry, this isn’t a brand-new type of malware. Stellenbosch University’s IT department has added an extra layer of security to campus computers.

Figure 1

Malwarebytes Incident Response is the trusted standard in automated endpoint remediation. Unfortunately, with the current environment, some malware will return after removal and Malwarebytes will prompt you to initiate a restart (Figure 2).

Figure 2

This is because the malware will sync to your browsers profile and will be synced back to your device after it has been removed.  If you are experiencing such daily prompts for restarts by Malwarebytes, we suggest that you log a request on the ICT Partner Portal for a technician to assist with further remediation.

[ARTICLE BY BRADLEY VAN DER VENTER]

[:af]

Kubermisdaad is ʼn veld wat voortdurend ontwikkel. Alhoewel die groter meerderheid virusse aanvanklik as poetse geskep is, is dit deesdae noodsaaklik om op hoogte te bly met die verskeie risiko’s op die internet as jy veilig aanlyn wil wees. Hier is ʼn kort opsomming van die basiese gevare: 

Malware, of malicious software, is ʼn oorkoepelende term vir enige kwaadwillige rekenaarprogram. Malware is die mees algemene vorm van aanlyn-bedreiging. 

Ransomware is ʼn nuwe vorm van malware wat gebruikers se toegang tot dokumente of toestelle sluit en dan anoniem ʼn aanlynbetaling eis om toegang te herstel. 

Adware is ʼn vorm van malware wat versteek is op jou toestel en advertensies aan jou vertoon. Sommige adware monitor ook jou aanlyngedrag sodat dit pasgemaakte advertensies vir jou kan wys. 

Spyware is ʼn vorm van malware wat versteek is op jou toestel, jou aktiwiteite monitor en sensitiewe data soos bankinligting en wagwoorde steel. 

Die wêreld van kubermisdaad is soortgelyk aan die van tegnologie. Elke jaar is daar nuwe tendense, deurbrake en hulpmiddele. 

Jy het moontlik opgemerk dat daar onlangs ʼn Malwarebytes Threat Scan ikoon op jou skootrekenaar of tafelrekenaar se skerm verskyn het (Figuur 1). Moenie skrik nie, dis nie ʼn nuwe tipe malware nie! Universiteit Stellenbosch se IT-afdeling het ʼn ekstra vlak van sekuriteit op kampusrekenaars bygevoeg. 

Figuur 1

Malwarebytes Incident Response is vertroude standaard in outomatiese eindpunt remediasie. Ongelukkig, onder huidige omstandighede, beteken dit dat sommige malware kan terugkeer nadat dit verwyder is. Indien dit gebeur sal Malwarebytes jou aanpor om jou rekenaar af en aan te sit, soos aangedui in Figuur 2.

Figuur 2

Dit gebeur omdat die malware moet sinkroniseer met jou webblaaier se profiel. Dit sal weer terug sinkroniseer met jou toestel nadat dit verwyder is. Indien jy daagliks sulke versoeke van Malwarebytes kry om jou rekenaar af te sit, stel ons voor dat jy ʼn versoek aanteken op die ICT Partner Portal sodat ʼn tegnikus jou kan help. 

[ARTIKEL DEUR BRADLEY VAN DER VENTER]

[:]

Email

Tags:
Posted in News, Notices, Security, Tips, Training | Comments Off on [:en]Extra layer of security added to campus computers [:af]Ekstra vlak van sekuriteit vir rekenaars op kampus [:]

[:en]The Protection of Personal Information Act (POPIA) is here[:af]Die Wet op Beskerming van Persoonlike Inligting (POPIA) is hier[:]

Sunday, July 4th, 2021

[:en]

The Protection of Personal Information Act (4 of 2013) (POPIA) is in full effect from 1 July 2021.  A brief summary of the POPIA Act is available here.

To support the University community’s readiness for POPIA, the Division for Information Governance has launched a series of guides and tools at www.sun.ac.za/privacy, including our institutional privacy regulations, an online privacy impact self-assessment, and channels for reporting incidents or breaches of personal information.

The Division for Information Governance also offers awareness sessions, facilitated privacy impact assessments, and internal advisory and consulting services by request. For more details, contact privacy@sun.ac.za

Also read POPIA: How valuable is personal information?

Everlytic, the digital messaging platform, also has various of helpful articles on its website, as well as a handy POPIA Powerpoint guide.

[:af]

Die Wet op Beskerming van Persoonlike Inligting (4 van 2013) (POPIA) het op 1 Julie 2021 ten volle in werking getree. `n Kort opsomming van die POPIA-wet is beskikbaar hier.

Ter ondersteuning van die Universiteit van Stellenbosch se voorbereiding om gereed te wees vir POPIA, het die Afdeling Inligtingsoorsigbestuur ʼn reeks gidse en gereedskap gepubliseer op www.sun.ac.za/privaatheid.  Dit sluit in die institusionele privaatheidsregulasies, ʼn aanlyn privaatheidsimpak assessering asook kanale om insidente en oortredings in die gebruik van persoonlike inligting aan te meld. 

Vir meer inligting volg asb. die skakel na www.sun.ac.za/privacy.  Sessies oor bewusmaking, gefasiliteerde impakstudies op privaatheid en interne advies- en konsultasiedienste is ook beskikbaar op versoek. Vir meer inligting, kontak privacy@sun.ac.za

Lees ook: POPIA: Hoe waardevol is jou inligting?

Everlytic, die digitale boodskap-platform, het ook `n verskeidenheid nuttige artikels op sy webwerf, sowel as `n handige POPIA Powerpoint-gids

[:]

Email

Posted in News, Notices, Security | Comments Off on [:en]The Protection of Personal Information Act (POPIA) is here[:af]Die Wet op Beskerming van Persoonlike Inligting (POPIA) is hier[:]

[:en]Downloading of films and series can be traced and fined[:af]Aflaai van onwettige flieks en reekse kan beboet word[:]

Thursday, May 20th, 2021

[:en]

With a fast internet connection and unlimited, “free” internet, it’s possible to download movies and series to your heart’s content. Unless you use a pay streaming platform it’s also illegal. Additionally, if you use the university’s network and/or devices it’s also a breach of the university’s Electronic Communications Policy – a policy all students and staff agree to when they annually activate their network access. Therefore your network access can be revoked if you are caught downloading and hosting illegal content.

Up to a few years back television networks and film companies weren’t geared to trace and stop downloading and distribution of illegal movies. It was just too difficult and not cost-effective. This is no longer the case – even in South Africa. Everything you do online can be tracked and traced.  

Information Technology receive regular notifications from companies such as Warner Bros. and Columbia Pictures indicating that illegal, copyrighted material is being downloaded and seeded (distributed) from IP addresses within the university’s network. These emails include the specific IP address which we can trace to the user, the material downloaded and distributed and at which times. When we receive these notifications, we immediately send an email to the user of the address with a written warning. If they do not comply, these companies will take legal action.

The distribution or seeding of copyrighted material without a licence is both a criminal and civil offence in South Africa, even if distribution takes place from BitTorrent. Just because it’s available via a torrent, it doesn’t mean it’s legal.

In South Africa, under the Copyright Law of 1978, you can be sentenced for up to 5 years in prison and a fine of up to R10,000 for each item you distribute. Between 2010 and 2012, 200,000 people have been sued for uploading and downloading copyright material via BitTorrent.

So before you download the latest episode of your favourite series or stream movies from an illegal file sharing site, consider the consequences. There are many legal options to watch media online, from Netflix  to Showmax, so rather be safe and legal.

MORE INFORMATION:

How does BitTorrent and seeding work?

http://en.wikipedia.org/wiki/BitTorrent 

http://www.bittorrent.com/help/guides/beginners-guide

 

Example of a warning letter:

We are writing this letter on behalf of Columbia Pictures Industries, Inc. (“Rights Holder”) who own certain rights under copyright law in the title White House Down.

You are receiving this notice because your Internet account was identified as having been used recently to copy and/or distribute illegally the copyrighted motion pictures and/or television shows listed at the bottom of this notice. This notice provides you with the information you need in order to take immediate action that can prevent serious legal and other consequences. These actions include:

1. Stop downloading or uploading without authorization any motion pictures or TV shows owned or distributed by Rights Holder; and
2. Permanently delete from your computer(s) all unauthorized copies you may have already made of these movies and TV shows.
If this notice is being received by an Internet Service Provider (ISP), please forward the notice to the individual associated with the activities.
The unauthorized distribution or public performance of copyrighted works constitutes copyright infringement under the Copyright Act, Title 17 U.S Code Section 106(3)-(4). This conduct may also violate the Berne Convention for the Protection of Literary and Artistic Works and The Universal Copyright Convention, as well as bilateral treaties with other countries that allow for protection of Rights Holder copyrighted works even beyond U.S borders.
Below is the detail for your reference:
– ————- Infringement Details ———————————-
Title: White House Down
Timestamp: 2013-09-19T23:18:28Z
IP Address: 146.232.***.**
Port: *****
Type: BitTorrent
Torrent Hash: *************************************

 [SOURCE: http://mybroadband.co.za]

 

 

[:af]

Met `n vinnige internetkonneksie en onbeperkte, “gratis” internet is dit vandag moontlik om die nuutste flieks en reekse af te laai. Indien jy nie `n betaal stroomplatform gebruik nie, is dit ook onwettig. Verder, as jy die universiteit se toerusting en/of netwerk gebruik, is dit `n oortreding van die Elektroniese Kommunikasiebeleid – `n beleid wat elke student en personeellid onderteken wanneer hulle jaarliks netwerktoegang heraktiveer word. Gevolglik kan jou netwerktoegang ook opgehef word as jy onwettige materiaal aflaai en aan ander gebruikers verskaf.

 Tot `n paar jaar gelede het TV-netwerke en filmmaatskappye nie te veel moeite gedoen om die aflaai en verspreiding van onwettige flieks en reeks te kniehalter nie. Dit was eenvoudig te moeilik en nie koste-effektief nie. Dis egter nie meer die geval nie. 

Informasietegnologie ontvang gereeld e-posse van maatskappye soos Warner Bros. en Columbia Pictures wat aandui dat onwettige, kopiereg materiaal afgelaai en versprei word vanaf IP-adresse binne die universiteit se netwerk.  Hierdie e-posse sluit die presiese IP-adres wat die onwettige materiaal afgelaai het, sowel as die naam van die materiaal wat afgelaai en versprei is, in. IT word gevolglik genoodsaak om die persoon aan wie die adres behoort te kontak en `n skriftelike waarskuwing te gee.

Die verspreiding (seeding) van kopieregmateriaal sonder `n lisensie is beide `n kriminele en siviele oortreding in Suid-Afrika, selfs al is die verspreiding oor BitTorrent. In Suid-Afrika, onder die Kopiereg Wet van 1978, kan dié oortreding jou in die tronk laat beland vir tot 5 jaar en `n boete van tot R10,000 vir elke item wat jy versprei.

Tussen 2010 en 2012, is 200,000 mense gedagvaar vir die oplaai en aflaai van kopieregmateriaal deur BitTorrent.

So, voordat jy die nuutste episode van jou gunsteling reeks gou aflaai, oorweeg eers mooi of jy die kans wil waag. Dis dalk veiliger om van `n wettige diens soos Netflix of Showmax gebruik te maak.

MEER INLIGTING:

Hoe werk BitTorrent en “seeding”?

http://en.wikipedia.org/wiki/BitTorrent 

http://www.bittorrent.com/help/guides/beginners-guide

 

 

[:]

Email

Tags: , , , ,
Posted in Internet, Security, Students | 1 Comment »

« Older Entries
Newer Entries »