%PDF-1.3 1 0 obj << /Type /Catalog /Outlines 2 0 R /Pages 3 0 R >> endobj 2 0 obj << /Type /Outlines /Count 0 >> endobj 3 0 obj << /Type /Pages /Kids [6 0 R ] /Count 1 /Resources << /ProcSet 4 0 R /Font << /F1 8 0 R /F2 9 0 R /F3 10 0 R /F4 11 0 R >> >> /MediaBox [0.000 0.000 612.000 792.000] >> endobj 4 0 obj [/PDF /Text ] endobj 5 0 obj << /Creator (DOMPDF) /CreationDate (D:20250718070202+00'00') /ModDate (D:20250718070202+00'00') /Title (Report 07-2025) >> endobj 6 0 obj << /Type /Page /Parent 3 0 R /Annots [ 12 0 R 14 0 R 16 0 R 18 0 R ] /Contents 7 0 R >> endobj 7 0 obj << /Length 5169 >> stream 0.702 0.800 0.816 rg 34.016 34.016 543.969 723.969 re f 1.000 1.000 1.000 rg 45.266 243.125 521.469 503.609 re f 0.773 0.773 0.773 RG 0.75 w 0 J [ ] 0 d 45.641 243.500 520.719 502.859 re S 0.773 0.773 0.773 rg 61.016 258.875 m 550.984 258.875 l 550.984 259.625 l 61.016 259.625 l f 0.200 0.200 0.200 rg BT 61.016 693.716 Td /F1 14.4 Tf [(PHISHING: SABC TV LICENCE PAYMENT REQUEST)] TJ ET 0.400 0.400 0.400 rg BT 61.016 664.909 Td /F2 9.0 Tf [(Posted on )] TJ ET BT 104.045 664.909 Td /F3 9.0 Tf [(January 01,1970)] TJ ET BT 173.588 664.909 Td /F2 9.0 Tf [( by )] TJ ET BT 188.096 664.909 Td /F3 9.0 Tf [(IT Communications)] TJ ET 0.153 0.153 0.153 rg BT 61.016 637.420 Td /F4 9.0 Tf [(The SABC slogan goes: “Pay your TV licence. It’s the right thing to do” or something to that effect. Falling for this phishing )] TJ ET BT 61.016 626.431 Td /F4 9.0 Tf [(scam, will NOT be the right thing to do.)] TJ ET BT 61.016 606.442 Td /F4 9.0 Tf [(This phishing scam from the “SABC” about payment of your TV Licence, is very clever as it uses a so-called encrypted-)] TJ ET BT 61.016 595.453 Td /F4 9.0 Tf [(PDF to capture data like the victim's ID Number, Passport Number or Company Registration number. Once the data is )] TJ ET BT 61.016 584.464 Td /F4 9.0 Tf [(captured, it asks you for banking account details etc. to do the “payment” for a TV Licence. The data is captured by the )] TJ ET BT 61.016 573.475 Td /F4 9.0 Tf [(PDF, which is then sent to a server controlled by the criminals, who will use it to defraud them of their money.)] TJ ET BT 61.016 553.486 Td /F4 9.0 Tf [(This is what the phishing email looks like \(with the dangerous parts removed\):)] TJ ET 0.592 0.592 0.592 rg 0.592 0.592 0.592 RG 305.016 543.788 m 306.516 543.788 l 305.766 543.038 l 305.766 543.038 l f 1.000 1.000 1.000 rg 1.000 1.000 1.000 RG 305.016 541.538 m 306.516 541.538 l 305.766 542.288 l 305.766 542.288 l f 306.516 543.788 m 306.516 541.538 l 305.766 542.288 l 305.766 543.038 l f 0.592 0.592 0.592 rg 0.592 0.592 0.592 RG 305.016 543.788 m 305.016 541.538 l 305.766 542.288 l 305.766 543.038 l f 0.153 0.153 0.153 rg BT 61.016 523.747 Td /F3 9.0 Tf [(From:)] TJ ET 0.373 0.169 0.255 rg BT 89.015 523.747 Td /F2 9.0 Tf [(forged_address@lettersonline.co.za)] TJ ET 0.373 0.169 0.255 RG 0.18 w 0 J [ ] 0 d 89.015 522.596 m 233.213 522.596 l S 0.153 0.153 0.153 rg BT 233.213 523.747 Td /F2 9.0 Tf [( [)] TJ ET 0.373 0.169 0.255 rg BT 238.217 523.747 Td /F2 9.0 Tf [(mailto:forged_address@lettersonline.co.za)] TJ ET 0.18 w 0 J [ ] 0 d 238.217 522.596 m 408.920 522.596 l S 0.153 0.153 0.153 rg BT 408.920 523.747 Td /F2 9.0 Tf [(] )] TJ ET BT 61.016 512.758 Td /F3 9.0 Tf [(Sent:)] TJ ET BT 83.516 512.758 Td /F2 9.0 Tf [( Monday, 24 July 2017 13:14)] TJ ET BT 61.016 501.769 Td /F3 9.0 Tf [(To:)] TJ ET BT 75.011 501.769 Td /F2 9.0 Tf [( University, Address <)] TJ ET 0.373 0.169 0.255 rg BT 162.788 501.769 Td /F2 9.0 Tf [(noreply@sun.ac.za)] TJ ET 0.18 w 0 J [ ] 0 d 162.788 500.618 m 239.954 500.618 l S 0.153 0.153 0.153 rg BT 239.954 501.769 Td /F2 9.0 Tf [(> <)] TJ ET 0.373 0.169 0.255 rg BT 252.968 501.769 Td /F2 9.0 Tf [(noreply@sun.ac.za)] TJ ET 0.18 w 0 J [ ] 0 d 252.968 500.618 m 330.134 500.618 l S 0.153 0.153 0.153 rg BT 330.134 501.769 Td /F2 9.0 Tf [(>)] TJ ET BT 61.016 481.780 Td /F3 9.0 Tf [(Subject:)] TJ ET BT 96.521 481.780 Td /F2 9.0 Tf [( SABC requires you to make payment on your TV license account)] TJ ET BT 61.016 461.791 Td /F2 9.0 Tf [(Hi, )] TJ ET BT 61.016 450.802 Td /F2 9.0 Tf [(Please find attached correspondence for your attention. The attachment is password protect. )] TJ ET BT 61.016 429.013 Td /F2 9.0 Tf [(The password for the attachment will be one of the following three options: )] TJ ET BT 61.016 418.024 Td /F2 9.0 Tf [(1. Your ID Number )] TJ ET BT 61.016 407.035 Td /F2 9.0 Tf [(2. Your Passport Number )] TJ ET BT 61.016 396.046 Td /F2 9.0 Tf [(3. Your Company Registration Number )] TJ ET BT 61.016 374.257 Td /F2 9.0 Tf [(Kind Regards)] TJ ET BT 61.016 363.268 Td /F2 9.0 Tf [(LettersOnline Team)] TJ ET 0.592 0.592 0.592 rg 0.592 0.592 0.592 RG 305.016 353.570 m 306.516 353.570 l 305.766 352.820 l 305.766 352.820 l f 1.000 1.000 1.000 rg 1.000 1.000 1.000 RG 305.016 351.320 m 306.516 351.320 l 305.766 352.070 l 305.766 352.070 l f 306.516 353.570 m 306.516 351.320 l 305.766 352.070 l 305.766 352.820 l f 0.592 0.592 0.592 rg 0.592 0.592 0.592 RG 305.016 353.570 m 305.016 351.320 l 305.766 352.070 l 305.766 352.820 l f 0.153 0.153 0.153 rg BT 61.016 333.529 Td /F4 9.0 Tf [(The PDF attachment will ask you for a password if you open it.  Do not open or enter any details on this PDF. The SABC )] TJ ET BT 61.016 322.540 Td /F4 9.0 Tf [(will never send you an email with a link or attached file to demand that you pay your licence. Neither will they send an )] TJ ET BT 61.016 311.551 Td /F4 9.0 Tf [(unbranded mail or with no personalised salutation.)] TJ ET BT 458.968 291.562 Td /F4 9.0 Tf [([Article by David Wiles])] TJ ET 0.400 0.400 0.400 rg BT 61.016 273.073 Td /F2 9.0 Tf [(Posted in:E-mail,Phishing,Security | Tagged:Phishing,SABC | With 0 comments)] TJ ET endstream endobj 8 0 obj << /Type /Font /Subtype /Type1 /Name /F1 /BaseFont /Helvetica-Bold /Encoding /WinAnsiEncoding >> endobj 9 0 obj << /Type /Font /Subtype /Type1 /Name /F2 /BaseFont /Helvetica-Oblique /Encoding /WinAnsiEncoding >> endobj 10 0 obj << /Type /Font /Subtype /Type1 /Name /F3 /BaseFont /Helvetica-BoldOblique /Encoding /WinAnsiEncoding >> endobj 11 0 obj << /Type /Font /Subtype /Type1 /Name /F4 /BaseFont /Helvetica /Encoding /WinAnsiEncoding >> endobj 12 0 obj << /Type /Annot /Subtype /Link /A 13 0 R /Border [0 0 0] /H /I /Rect [ 89.0147 522.9142 233.2127 532.0717 ] >> endobj 13 0 obj << /Type /Action /S /URI /URI (mailto:letters@lettersonline.co.za) >> endobj 14 0 obj << /Type /Annot /Subtype /Link /A 15 0 R /Border [0 0 0] /H /I /Rect [ 238.2167 522.9142 408.9197 532.0717 ] >> endobj 15 0 obj << /Type /Action /S /URI /URI (mailto:forged_address@lettersonline.co.za) >> endobj 16 0 obj << /Type /Annot /Subtype /Link /A 17 0 R /Border [0 0 0] /H /I /Rect [ 162.7877 500.9362 239.9537 510.0937 ] >> endobj 17 0 obj << /Type /Action /S /URI /URI (mailto:noreply@sun.ac.za) >> endobj 18 0 obj << /Type /Annot /Subtype /Link /A 19 0 R /Border [0 0 0] /H /I /Rect [ 252.9677 500.9362 330.1337 510.0937 ] >> endobj 19 0 obj << /Type /Action /S /URI /URI (mailto:noreply@sun.ac.za) >> endobj xref 0 20 0000000000 65535 f 0000000008 00000 n 0000000073 00000 n 0000000119 00000 n 0000000305 00000 n 0000000334 00000 n 0000000472 00000 n 0000000575 00000 n 0000005796 00000 n 0000005908 00000 n 0000006023 00000 n 0000006143 00000 n 0000006251 00000 n 0000006378 00000 n 0000006464 00000 n 0000006592 00000 n 0000006685 00000 n 0000006813 00000 n 0000006889 00000 n 0000007017 00000 n trailer << /Size 20 /Root 1 0 R /Info 5 0 R >> startxref 7093 %%EOF July « 2017 « Informasietegnologie
Language:
SEARCH

  • Recent Posts

  • Categories

  • Archives

July, 2017

Newer Entries »

Warning about DirectAxis Financial Services spam

Wednesday, July 19th, 2017

There have been reports of personnel and students getting numerous “spam” messages from DirectAxis Financial Services offering financial loans at 5% interest. This email is sent from a number of  “throwaway” e-mail addresses like outlook.com, Hotmail and webmail.co.za.

Some students and personal are struggling to manage their finances and these “offers” can be very tempting.

There are usually attached PDFs with each message where the company advertises loans and abnormally low-interest rates, and although currently there is no embedded malware or links to servers where you would be asked to give your user name and password, the spammers nevertheless ask you for your ID NUMBER, Full Names, Occupation, Monthly income and Contact details, which can be used for identity theft.

Although DirectAxis is a legitimate South African microlender, in the past, their company letterhead has been forged and used by criminals to commit fraud. Secondly, this particular Company has a number of charges against it by the Direct Marketing Association of South Africa for using ”spam databases” to spam millions of South Africans with their adverts. This puts them in violation of the “Protection of Personal Information Act” [http://www.justice.gov.za/legislation/acts/2013-004.pdf]

Don’t be fooled by companies offering you loans at a ridiculously low-interest rate (Here are some handy tips to spot frauds)

  • Any company that says it doesn’t care about your credit history has no intention of lending you money. A legitimate lending institution wants to know whether you pay your bills on time and in full. It needs some assurance that you’ll repay what you borrow.
  • Search the business’ website for an address where it legally does business. Lenders and loan brokers must be registered in the country where they conduct business.
  • One should never pay to get a personal loan. Many scammers ask borrowers to provide a prepaid debit card for insurance, collateral or fees.
  • Make sure a padlock icon appears somewhere on the web pages where you’re asked to type in personal information. Don’t override any warning saying a site’s security certificate has expired and pay attention to the URLs you click on.
  • When you find a lender online, go through the site to determine its physical location. Do they provide a street address? However it may be a fake! If you don’t find any indication of their location, you should avoid the lender.
  • Some websites appear to offer different types of personal loans but aren’t actually lenders, but sell your personal information to other loan companies. Many “microlenders” merely collect your personal and financial information for other companies.
  • Don’t fall for the “Act Now” urgency plea. Many criminals often give you a deadline and say their offer won’t exist tomorrow.

[Article by David Wiles]

Email

Tags:
Posted in E-mail, Security | Comments Off on Warning about DirectAxis Financial Services spam

Network access problems: update

Thursday, July 13th, 2017

On Tuesday, during an update of PCs on our network, contradictory instructions were sent to devices, which caused some users’ network access to be blocked.

Regular updates ensure that all PCs adhere to the necessary security requirements and are vital in our fight against cybercrime.

We apologise for the inconvenience and assure you that necessary measures will be put in place to prevent any similar occurrences. A big thank you to staff in the various departments who assisted us in correcting the problem.

If you have any enquiries, please let us know by logging a request on ServiceNow or calling our Service Desk at 808 4367.

 

 

Email

Posted in Connectivity | Comments Off on Network access problems: update

Fix for network access problem

Wednesday, July 12th, 2017

Some users will experience network problems since yesterday afternoon. Outlined below, is the easiest way to fix the problem.

STEPS:

1.       Click Start menu button

2.       Type “firewall.cpl” , then enter – this open the firewall options.

3.       Click on “Turn Windows Firewall on or off”

4.       Then Click “Turn off Windows Firewall” at every options

 

 

5.       Click “OK” to set these options.

6.       Now you should see your network return.

7.       Restart your PC, after which you have to go back to your firewall, and turn it on

8.       Click “Turn on Windows Firewall” at every option

9.       Click “OK” to set option.

Email

Tags:
Posted in Connectivity | Comments Off on Fix for network access problem

Defeat ransomware: Backup your data

Wednesday, July 5th, 2017

The destructive Petya ransomworm caused destruction and major interruptions of services around the world last week. Unfortunately, it’s becoming progressively more difficult to avoid these attacks as cybercriminals become more clever and inventive in their methods. While there are ways to prevent that you fall prey to such an attack, there’s one thing you can do which will ensure that you are safe. And it’s not technical or difficult to do.

Once a week, backup all your data. Yes, this is a menial, boring administrative task – and we all hate those, but by ensuring that your data is safe and sound elsewhere, it won’t matter if your PC is infected by ransomware or any other malware. If you do lose your data, you will have another version available. 

Here are a few quick tips to help you:

  1. Choose one day a week which suits you and make an appointment in your diary to do a weekly backup.
  2. Try not to overwrite your previous backup. Rather make consecutive copies in various folders on your external hard drive or on your network space and name each with the particular day’s date. If any of the documents become corrupt for some reason, you can always fall back on a previous version.
  3. Regularly check that the medium on which you made your backup is still in working order and you’re able to access your documents.
  4. Use more than one backup medium, for example, your network space AND an external hard drive.

Where should you backup data?

  1. Each staff member has access to his/her own network space (usually the h-drive) where you can save an allocated amount of data for free. You have 1GB at your disposal to backup your most critical documents. At an extra cost of R10-00 per 1GB this space can also be increased. This network space is also available via the web at storage.sun.ac.za if you find yourself away from the SU network. 
  2. On your departmental network space (usually the g-drive). The departmental drive can be used for files used by more than one person and 15GB is allocated to each department. SharePoint can also be used by groups for sharing documents.
  3. OneDrive allows each staff member 5TB of storage space. This is available via the Office365 suite. https://portal.office.com/
  4. If you choose to have your data close at hand, get yourself an external hard drive. Never save important data on a flash drive – its sole function is for transporting data from one device to another and is not a dependable medium for backup. Just ensure that these devices are stored somewhere else (not also in your office) or in a safe. If confidential, SU documents are kept on an external hard drive, files have to be protected with a password or encrypted. Keep in mind that if you lose the password, not even IT can salvage your data.
  5. Alternatively, you can save data in the cloud. We’ve already mentioned OneDrive, but GoogleDrive or Dropbox are also examples of this. It is extremely important that cloud storage is only for personal use, not for any academic information or sensitive data. Also keep in mind that if you use more than one device, you have to sync data across devices and this will incur costs.

More tips on backups, as well as activating Windows’ automatic backup function on www.backblaze.com.

 

 
Email

Tags: ,
Posted in E-mail, Security, Tips | Comments Off on Defeat ransomware: Backup your data

Newer Entries »
 

© 2013-2025 Disclaimer: The views and opinions expressed in this page are strictly those of the page author(s) and content contributor(s). The contents of this page have not been reviewed or approved by Stellenbosch University.