%PDF-1.3 1 0 obj << /Type /Catalog /Outlines 2 0 R /Pages 3 0 R >> endobj 2 0 obj << /Type /Outlines /Count 0 >> endobj 3 0 obj << /Type /Pages /Kids [6 0 R 12 0 R ] /Count 2 /Resources << /ProcSet 4 0 R /Font << /F1 8 0 R /F2 9 0 R /F3 10 0 R /F4 11 0 R >> >> /MediaBox [0.000 0.000 612.000 792.000] >> endobj 4 0 obj [/PDF /Text ] endobj 5 0 obj << /Creator (DOMPDF) /CreationDate (D:20250714124905+00'00') /ModDate (D:20250714124905+00'00') /Title (Report 07-2025) >> endobj 6 0 obj << /Type /Page /Parent 3 0 R /Contents 7 0 R >> endobj 7 0 obj << /Length 5576 >> stream 0.702 0.800 0.816 rg 34.016 34.016 543.969 723.969 re f 1.000 1.000 1.000 rg 45.266 73.757 521.469 672.977 re f 0.773 0.773 0.773 rg 0.773 0.773 0.773 RG 45.266 746.734 m 566.734 746.734 l 565.984 745.984 l 46.016 745.984 l f 566.734 746.734 m 566.734 73.757 l 565.984 73.757 l 565.984 745.984 l f 45.266 746.734 m 45.266 73.757 l 46.016 73.757 l 46.016 745.984 l f 0.200 0.200 0.200 rg BT 61.016 693.716 Td /F1 14.4 Tf [(PHISHING SCAM DISGUISED AS AN OUTSURANCE R400 PREMIUM )] TJ ET BT 61.016 676.134 Td /F1 14.4 Tf [(CLAIM)] TJ ET 0.400 0.400 0.400 rg BT 61.016 647.326 Td /F2 9.0 Tf [(Posted on )] TJ ET BT 104.045 647.326 Td /F3 9.0 Tf [(January 01,1970)] TJ ET BT 173.588 647.326 Td /F2 9.0 Tf [( by )] TJ ET BT 188.096 647.326 Td /F3 9.0 Tf [(IT Communications)] TJ ET 0.153 0.153 0.153 rg BT 61.016 619.837 Td /F4 9.0 Tf [(This week a phishing scam is in the disguise of an alleged payout by Outsurance of a R400 premium, is circulating. Now if )] TJ ET BT 61.016 608.848 Td /F4 9.0 Tf [(you are an Outsurance member, then this scam can fool you, but there are a number of telltale points that will reveal this )] TJ ET BT 61.016 597.859 Td /F4 9.0 Tf [(mail to be a scam:)] TJ ET BT 78.360 577.886 Td /F4 9.0 Tf [(1.)] TJ ET BT 91.016 577.870 Td /F4 9.0 Tf [(So-called branding \(with an Outsurance Logo and a Sender that looks like it comes from Outsurance\) are easily )] TJ ET BT 91.016 566.881 Td /F4 9.0 Tf [(counterfeited.)] TJ ET BT 78.360 555.908 Td /F4 9.0 Tf [(2.)] TJ ET BT 91.016 555.892 Td /F4 9.0 Tf [(Outsurance has most of your details if you are a client and the salutation will always be your name and never just )] TJ ET BT 91.016 544.903 Td /F4 9.0 Tf [("Dear Client".)] TJ ET BT 78.360 533.930 Td /F4 9.0 Tf [(3.)] TJ ET BT 91.016 533.914 Td /F4 9.0 Tf [(Outsurance does not use Dropbox to deliver ANY documents. They will always use their own systems and usually )] TJ ET BT 91.016 522.925 Td /F4 9.0 Tf [(send PDF documents after informing you via e-mail AFTER calling you personally and confirming some personal )] TJ ET BT 91.016 511.936 Td /F4 9.0 Tf [(details.)] TJ ET BT 78.360 500.963 Td /F4 9.0 Tf [(4.)] TJ ET BT 91.016 500.947 Td /F4 9.0 Tf [(Outsurance will have a registered contact e-mail address on their system, but they will never ask for your e-mail )] TJ ET BT 91.016 489.958 Td /F4 9.0 Tf [(password. Hopefully, you do not use your University of Stellenbosch e-mail address for as your personal contact )] TJ ET BT 91.016 478.969 Td /F4 9.0 Tf [(address.)] TJ ET BT 78.360 467.996 Td /F4 9.0 Tf [(5.)] TJ ET BT 91.016 467.980 Td /F4 9.0 Tf [(This e-mail's grammar is terrible. It is very unprofessional and the use of threats such as "PAYOUT will be denied if )] TJ ET BT 91.016 456.991 Td /F4 9.0 Tf [(details are inconsistent/wrong" is usually a typical tactic of phishers.)] TJ ET BT 78.360 446.018 Td /F4 9.0 Tf [(6.)] TJ ET BT 91.016 446.002 Td /F4 9.0 Tf [(Scammers are wanting personal details and your signature. Why? So they can use it to gain access to your other )] TJ ET BT 91.016 435.013 Td /F4 9.0 Tf [(accounts that have money, like bank accounts, or use your signature \(that you sent them\) to sign forged cheques )] TJ ET BT 91.016 424.024 Td /F4 9.0 Tf [(etc.)] TJ ET BT 61.016 404.035 Td /F4 9.0 Tf [(Standard Bank South Africa recently lost R300 million in ATM fraud in Japan this week. The criminals used forged credit )] TJ ET BT 61.016 393.046 Td /F4 9.0 Tf [(cards. No doubt the details on those cards were obtained using names and details that they obtained from phishing scams )] TJ ET BT 61.016 382.057 Td /F4 9.0 Tf [(such as this Outsurance scam. Crime syndicates often exchange and share data they obtain amongst their fellow )] TJ ET BT 61.016 371.068 Td /F4 9.0 Tf [(syndicates and use it to commit fraud.)] TJ ET BT 61.016 351.079 Td /F4 9.0 Tf [(Here is an example of the Outsurance scam mail that is circulating at the moment. We removed the "DropBox" link and )] TJ ET BT 61.016 340.090 Td /F4 9.0 Tf [(the attached file for your safety.)] TJ ET BT 61.016 320.101 Td /F4 9.0 Tf [(~~~)] TJ ET BT 61.016 289.312 Td /F4 9.0 Tf [(From: OUTsurance [mailto:premium@OUTsurance.co.za] )] TJ ET BT 61.016 278.323 Td /F4 9.0 Tf [(Sent: 24 May 2016 08:45 AM)] TJ ET BT 61.016 267.334 Td /F4 9.0 Tf [(To: Recipients )] TJ ET BT 61.016 256.345 Td /F4 9.0 Tf [(Subject: Claim your Outsurance R400 premium)] TJ ET BT 61.016 236.356 Td /F4 9.0 Tf [(Dear Client,)] TJ ET BT 61.016 216.367 Td /F4 9.0 Tf [(Your monthly R400 premium PAYOUT is ready. Please log in to our DropBox document file with correct Email address )] TJ ET BT 61.016 205.378 Td /F4 9.0 Tf [(and Email Password registered with us to confirm details. PAYOUT will be denied if details are inconsistent/wrong. )] TJ ET BT 61.016 194.389 Td /F4 9.0 Tf [(Download, print and sign the forms, attach and email back to us for payment to be effected.)] TJ ET BT 61.016 174.400 Td /F4 9.0 Tf [(OUTsurance premium PAYOUT)] TJ ET 0.153 0.153 0.153 RG 0.18 w 0 J [ ] 0 d 61.016 173.249 m 189.041 173.249 l S BT 61.016 154.411 Td /F4 9.0 Tf [(Thank you.)] TJ ET BT 61.016 134.422 Td /F4 9.0 Tf [( 2015 OUTsurance Insurance Company Limited and OUTsurance Life Insurance Company Limited A Member of the )] TJ ET BT 61.016 123.433 Td /F4 9.0 Tf [(Rand Merchant Insurance Holdings \(RMI\) Group and an Authorised Financial Services Provider FSP \(896\))] TJ ET BT 61.016 103.444 Td /F4 9.0 Tf [()] TJ ET BT 432.949 83.455 Td /F4 9.0 Tf [([ARTICLE BY DAVID WILES])] TJ ET endstream endobj 8 0 obj << /Type /Font /Subtype /Type1 /Name /F1 /BaseFont /Helvetica-Bold /Encoding /WinAnsiEncoding >> endobj 9 0 obj << /Type /Font /Subtype /Type1 /Name /F2 /BaseFont /Helvetica-Oblique /Encoding /WinAnsiEncoding >> endobj 10 0 obj << /Type /Font /Subtype /Type1 /Name /F3 /BaseFont /Helvetica-BoldOblique /Encoding /WinAnsiEncoding >> endobj 11 0 obj << /Type /Font /Subtype /Type1 /Name /F4 /BaseFont /Helvetica /Encoding /WinAnsiEncoding >> endobj 12 0 obj << /Type /Page /Parent 3 0 R /Contents 13 0 R >> endobj 13 0 obj << /Length 618 >> stream 0.153 0.153 0.153 rg 0.153 0.153 0.153 RG 0.18 w 0 J [ ] 0 d 0.702 0.800 0.816 rg 34.016 34.016 543.969 723.969 re f 1.000 1.000 1.000 rg 45.266 719.245 521.469 38.739 re f 0.773 0.773 0.773 rg 0.773 0.773 0.773 RG 45.266 719.245 m 566.734 719.245 l 565.984 719.995 l 46.016 719.995 l f 566.734 757.984 m 566.734 719.245 l 565.984 719.995 l 565.984 757.984 l f 45.266 757.984 m 45.266 719.245 l 46.016 719.995 l 46.016 757.984 l f 61.016 734.995 m 550.984 734.995 l 550.984 735.745 l 61.016 735.745 l f 0.400 0.400 0.400 rg BT 61.016 749.193 Td /F2 9.0 Tf [(Posted in:E-mail,Security | | With 0 comments)] TJ ET endstream endobj xref 0 14 0000000000 65535 f 0000000008 00000 n 0000000073 00000 n 0000000119 00000 n 0000000312 00000 n 0000000341 00000 n 0000000479 00000 n 0000000542 00000 n 0000006170 00000 n 0000006282 00000 n 0000006397 00000 n 0000006517 00000 n 0000006625 00000 n 0000006690 00000 n trailer << /Size 14 /Root 1 0 R /Info 5 0 R >> startxref 7360 %%EOF May « 2016 « Informasietegnologie
Language:
SEARCH

  • Recent Posts

  • Categories

  • Archives

May, 2016

« Older Entries
Newer Entries »

How safe is information on your device?

Wednesday, May 25th, 2016

Smartphones frequently act as the control centres where we schedule meetings, send e-mails and socialise. To satisfy these needs, they require personal information.

Our lives are documented and stored in e-mails, social networks and the apps we install on our phones. All this information syncs seamlessly with your work PC or your tablet. And after initial  set up, it might not even prompt you for a password again. Wonderful news if you are terrible at remembering passwords. Also, wonderful news if you are the thief who steals a smartphone.

What information would a clever criminal get his hands on if you lose your smartphone now? Banking information? A copy of your ID or passport saved somewhere in your e-mail? All your holiday photos on Dropbox? 

Here are a few tips to ensure he won’t be able to get to it:

  1. Always enable the password option on your phone to lock your screen. Most phones have various options – typing in a password, a pin code or even swiping a sequence of dots. This is your first line of defence.
  2.  Don’t select “remember password” on any of your apps or your e-mail applications. Yes, it is a nuisance to type in your password, but do you really want someone else to read your e-mails? 
  3. Turn off cookies and autofill. This prevents your device from remembering your username and possibly even your password at websites you regularly visit.
  4. If you need to access sensitive information, e.g. banking, rather go to the website, via a web browser, than using an app.
  5. Set up your phone to be tracked if you do lose it. (Read our previous instructions on locating lost or stolen devices here.) A device can also be wiped remotely in some cases, which at least ensures that your information doesn’t end up being used, even though your actual device is.

Remember that you also need to remove ALL personal data (for example e-mails, SMS’s and telephone numbers) and anything which could connect you to the phone when you sell or dispose of it. 

Email

Posted in Apps, E-mail, Security | Comments Off on How safe is information on your device?

One password less

Thursday, May 12th, 2016

We have good news for everyone who struggles to remember a plethora of passwords. Soon there will be one less when we simplify AIS/Tera Term’s login procedure.  

This new development means that you will soon be able to log into sun022, the system which, among others, hosts Tera Term, with your standard network username and password.

Phase one of the process is a “soft roll-out”, where SSO (Same Sign On) will be implemented. During this period, you will still be able to log in with your network username or, until it expires, with your existing AIS username. When your AIS password expires, the IT Service desk will not be able to reset it and you will have to start using your network username and password.

The primary AIS usernames of current AIS users (with more than one AIS username) will be connected to their network username.

After SSO is implemented, newly created AIS users’ usernames will be set to their SU number. This also implies that AIS usernames, roles, and functions will not be reused.

Take note that passwords for these functions should not be shared among staff and that, in doing so, the Electronic Communications Policy is violated. The new SSO approach also means that one password will give also give you access to your private Human Resources information. In other words, if you share your password, you also share your personal information.

For any enquiries, please contact the IT Service desk at 808 4367.

Email

Tags:
Posted in General | Comments Off on One password less

Phishing scammmers change tactics

Tuesday, May 10th, 2016

Earlier this week Tygerberg was subjected to a particularly pervasive attempt by phishing fraudsters to obtain usernames and passwords from users by fooling them to “Activating” their Outlook 2016 account.

Although mostly unsuccessful due to the fact that most personnel are wide awake and sensitive to phishing attacks, this does not stop the attempts. The fraudsters merely change their tactics. Stealing data and gaining access to personal details such as usernames and passwords is very, very profitable!

Today’s phishing scam uses a different method by hiding behind an educational institution’s name and adding a “throw-away” website address at the end.

——————————————————————

Dear Account User,

We are shutting down your Bulk SMS, Cellfindportal today in a course to activate Microsoft Outlook Web access 2016. You need to upgrade your Bulk SMS, Cellfindportal immediately otherwise it will be deactivated. 

To activate go to http://bulk-sms-cellfindportal-sun.ac.za.webeden.co.uk 

The Information Technology department encourages you to take the following measures to protect your account.

Sincerely

IT Customer Support Center© 2016 CELL FIND LLC. All Rights Reserved

The University of Stellenbosch is a charitable body, registered in

Republic of South Africa, with registration number ZA005336.

——————————————————————

We’ve removed the dangerous part of the mail, but you hopefully can see how we can be fooled if we see the “sun.ac.za” address and see the “disclaimer” at the end, and think that it is from the University.

Information Technology will never send you mail like this and if they do mail you, it will always be branded and linked to a sun.ac.za site, and the grammar will be a lot better than this example, and will be bilingual at least!

[ARTICLE BY DAVID WILES]

Email

Posted in E-mail, Security | Comments Off on Phishing scammmers change tactics

272 million e-mail addresses hacked

Monday, May 9th, 2016

On Wednesday the Internet was abuzz with news of a Wisconsin security firm obtaining a database of 272 million e-mail addresses, with their associated passwords, from a Russian fraudster.

How did a cyber criminal get his hands on the e-mail addresses and passwords?

Easily, by using the same phishing tricks that we regularly warn you about – using an e-mail, warning you about upgrades to Outlook and that you must “CLICK” on the link to activate the upgrades or your account. Victims literally give their e-mail address and password to the fraudster.

Several of our colleagues were fooled by the mail and did actually go to the site and unwittingly gave their details to the scammers. Luckily, we were able to help them quickly to undo the damage.

However, in retrospect, a deeper problem was picked up:

The stolen passwords and email addresses from the Russian database, which included Gmail, Yahoo and Russia’s mail.ru accounts, were not hacked directly from GMail or Yahoo but they had been taken from various smaller, less secure websites where people use their email addresses along with the SAME password to log in.

Those people who tend to use the same password for multiple sites as well as their email are at risk and should change their email password and avoid using “one password for everything”. It is like having a master key for every lock on your house. If that key is stolen then burglars can get access to every locked door in your house using one key!

Secondly, if you suspect your e-mail password has been compromised and you change your password, it should always be changed to something COMPLETELY different. In other words if your password is for instance “Christopher123”, then changing your password to “Christopher124” is not good enough that change is easily guessed.

If you have a Gmail or Yahoo account and are concerned that your e-mail address is possibly on the Russian database, then you can go to the following links: (they are safe as they do not ask for passwords)

http://securityalert.knowem.com/
https://haveibeenpwned.com/

[ARTICLE BY DAVID WILES]

 

Email

Posted in E-mail | Comments Off on 272 million e-mail addresses hacked

Fake library activation e-mail

Friday, May 6th, 2016

An e-mail regarding reactivation of library accounts is being circulated to staff and students. (see below) You will never be asked to reactivate your library access. 

The e-mail below contains a malicious link and should you use it and log in, it will harvest your details and abuse it elsewhere. 

Please ignore and delete this e-mail immediately. It seems phishing criminals are getting more and more clever and their e-mails are also getting more convincing. Be vigilant and don’t believe everything you read.

————————————————————————

From: Fake SU name [mailto:fakeaddress@sun.ac.za] –
Sent: 06 May 2016 08:34
To: Another fake SU name <fakeaddress2@sun.ac.za>
Subject: Library Services

Dear User,

This message is to inform you that your access to your library account will soon expire. You will have to login to your account to continue to have access to the library services.
You need to reactivate it just by logging in through the following URL. A successful login will activate your account and you will be redirected to your library profile.

http://fakeaddresswhichalmostlookslikethelibrarys

If you are not able to login, please contact Fake SU name at fakeaddress@sun.ac.za for immediate assistance.

Sincerely,

Fake SU name
Information Technology
Stellenbosch University Home
021 808 9965
fakeaddress@sun.ac.za

Email

Posted in Security | Comments Off on Fake library activation e-mail

« Older Entries
Newer Entries »
 

© 2013-2025 Disclaimer: The views and opinions expressed in this page are strictly those of the page author(s) and content contributor(s). The contents of this page have not been reviewed or approved by Stellenbosch University.