%PDF-1.3 1 0 obj << /Type /Catalog /Outlines 2 0 R /Pages 3 0 R >> endobj 2 0 obj << /Type /Outlines /Count 0 >> endobj 3 0 obj << /Type /Pages /Kids [6 0 R ] /Count 1 /Resources << /ProcSet 4 0 R /Font << /F1 8 0 R /F2 9 0 R /F3 10 0 R /F4 11 0 R >> >> /MediaBox [0.000 0.000 612.000 792.000] >> endobj 4 0 obj [/PDF /Text ] endobj 5 0 obj << /Creator (DOMPDF) /CreationDate (D:20240517092409+00'00') /ModDate (D:20240517092409+00'00') /Title (IT-artikels) >> endobj 6 0 obj << /Type /Page /Parent 3 0 R /Annots [ 12 0 R 14 0 R ] /Contents 7 0 R >> endobj 7 0 obj << /Length 4586 >> stream 0.702 0.800 0.816 rg 34.016 34.016 543.969 723.969 re f 1.000 1.000 1.000 rg 45.266 182.860 521.469 563.874 re f 0.773 0.773 0.773 RG 0.75 w 0 J [ ] 0 d 45.641 183.235 520.719 563.124 re S 0.773 0.773 0.773 rg 61.016 617.359 m 550.984 617.359 l 550.984 618.109 l 61.016 618.109 l f 1.000 1.000 1.000 rg BT 278.868 698.693 Td /F1 10.5 Tf [(POST LIST)] TJ ET 0.200 0.200 0.200 rg BT 212.789 670.111 Td /F1 14.4 Tf [(INFORMASIETEGNOLOGIE)] TJ ET BT 221.824 643.466 Td /F1 11.7 Tf [(INFORMATION TECHNOLOGY)] TJ ET BT 61.016 583.841 Td /F1 14.4 Tf [(MORE INFORMATION ON CURRENT PHISHING ATTACK)] TJ ET 0.400 0.400 0.400 rg BT 61.016 564.033 Td /F3 9.0 Tf [(The university is in the middle of a serious spear-phishing attack and is the direct target of a group of criminals who have )] TJ ET BT 61.016 553.044 Td /F3 9.0 Tf [(registered and set up a South African website to fool university users into providing their e-mail addresses, usernames )] TJ ET BT 61.016 542.055 Td /F3 9.0 Tf [(and passwords. )] TJ ET BT 61.016 522.066 Td /F3 9.0 Tf [(Undoubtedly the same criminal cartel is now using e-mail accounts that were compromised in the last attack. )] TJ ET BT 495.176 522.066 Td /F3 9.0 Tf [(\(This time a )] TJ ET BT 61.016 511.077 Td /F3 9.0 Tf [(senior lecturer at Stellenbosch Campus\))] TJ ET BT 221.072 511.077 Td /F3 9.0 Tf [( The registered a South African domain name and have disguised the website to )] TJ ET BT 61.016 500.088 Td /F3 9.0 Tf [(look like the university’s WebMail Login page.)] TJ ET BT 61.016 480.099 Td /F3 9.0 Tf [(Spear phishing is an email-spoofing attack that targets a specific organization or individual like the university and is not )] TJ ET BT 61.016 469.110 Td /F3 9.0 Tf [(typically initiated by random hackers, but by perpetrators out for financial gain. As with emails used in regular phishing )] TJ ET BT 61.016 458.121 Td /F3 9.0 Tf [(expeditions, spear-phishing messages appear to come from a trusted source. This case a sun.ac.za address. The )] TJ ET BT 61.016 447.132 Td /F3 9.0 Tf [(apparent source of the email is likely to be an individual within the recipient's own company -- generally, someone in a )] TJ ET BT 61.016 436.143 Td /F3 9.0 Tf [(position of authority -- or from someone the target knows personally, thus its potential danger.)] TJ ET BT 61.016 416.154 Td /F4 9.0 Tf [(It is important that you do NOT click on any of the included links in the mail or enter your username or password.)] TJ ET BT 61.016 405.165 Td /F3 9.0 Tf [(You should never do this at any time, as Information Technology would never ask you to do so!)] TJ ET BT 61.016 385.176 Td /F3 9.0 Tf [(Just because the mail looks legitimate and the web page *looks* like it is genuine, does not make it so.)] TJ ET BT 61.016 365.187 Td /F3 9.0 Tf [(If you have received mail that looks like this please immediately report it to the Information Technology Security Team )] TJ ET BT 61.016 354.198 Td /F3 9.0 Tf [(using the following method:)] TJ ET BT 61.016 334.209 Td /F3 9.0 Tf [(Send the spam/phishing mail to )] TJ ET 0.373 0.169 0.255 rg BT 189.077 334.209 Td /F3 9.0 Tf [(help@sun.ac.za)] TJ ET 0.373 0.169 0.255 RG 0.18 w 0 J [ ] 0 d 189.077 333.058 m 253.742 333.058 l S 0.400 0.400 0.400 rg BT 61.016 314.220 Td /F3 9.0 Tf [(If you did click on the link of this phishing spam and unwittingly give the scammers your username, e-mail address and )] TJ ET BT 61.016 303.231 Td /F3 9.0 Tf [(password you should immediately go to )] TJ ET 0.373 0.169 0.255 rg BT 221.081 303.231 Td /F3 9.0 Tf [(http://www.sun.ac.za/useradm)] TJ ET 0.18 w 0 J [ ] 0 d 221.081 302.080 m 341.627 302.080 l S 0.400 0.400 0.400 rg BT 341.627 303.231 Td /F3 9.0 Tf [( and change the passwords on ALL your university )] TJ ET BT 61.016 292.242 Td /F3 9.0 Tf [(accounts \(making sure the new password is completely different, and is a strong password that will not be easily )] TJ ET BT 61.016 281.253 Td /F3 9.0 Tf [(guessed.\) as well as changing the passwords on your social media and private email accounts \(especially if you use the )] TJ ET BT 61.016 270.264 Td /F3 9.0 Tf [(same passwords on these accounts.\))] TJ ET BT 61.016 250.275 Td /F3 9.0 Tf [(Please be careful out there. These criminals are now targeting the university, no doubt based on their past successes. )] TJ ET BT 61.016 239.286 Td /F3 9.0 Tf [(Keep alert and on the lookout.)] TJ ET BT 458.968 219.297 Td /F3 9.0 Tf [([Article by David Wiles])] TJ ET BT 61.016 200.808 Td /F3 9.0 Tf [(Posted in:E-mail,Phishing,Security | Tagged:Phishing | With 0 comments)] TJ ET endstream endobj 8 0 obj << /Type /Font /Subtype /Type1 /Name /F1 /BaseFont /Helvetica-Bold /Encoding /WinAnsiEncoding >> endobj 9 0 obj << /Type /Font /Subtype /Type1 /Name /F2 /BaseFont /Helvetica /Encoding /WinAnsiEncoding >> endobj 10 0 obj << /Type /Font /Subtype /Type1 /Name /F3 /BaseFont /Helvetica-Oblique /Encoding /WinAnsiEncoding >> endobj 11 0 obj << /Type /Font /Subtype /Type1 /Name /F4 /BaseFont /Helvetica-BoldOblique /Encoding /WinAnsiEncoding >> endobj 12 0 obj << /Type /Annot /Subtype /Link /A 13 0 R /Border [0 0 0] /H /I /Rect [ 189.0767 333.3766 253.7417 342.5341 ] >> endobj 13 0 obj << /Type /Action /S /URI /URI (mailto:help@sun.ac.za) >> endobj 14 0 obj << /Type /Annot /Subtype /Link /A 15 0 R /Border [0 0 0] /H /I /Rect [ 221.0807 302.3986 341.6267 311.5561 ] >> endobj 15 0 obj << /Type /Action /S /URI /URI (http://www.sun.ac.za/useradm) >> endobj xref 0 16 0000000000 65535 f 0000000008 00000 n 0000000073 00000 n 0000000119 00000 n 0000000305 00000 n 0000000334 00000 n 0000000469 00000 n 0000000558 00000 n 0000005196 00000 n 0000005308 00000 n 0000005415 00000 n 0000005531 00000 n 0000005651 00000 n 0000005779 00000 n 0000005852 00000 n 0000005980 00000 n trailer << /Size 16 /Root 1 0 R /Info 5 0 R >> startxref 6060 %%EOF More information on current phishing attack « Informasietegnologie
Language:
SEARCH

  • Recent Posts

  • Categories

  • Archives

«
»

More information on current phishing attack

The university is in the middle of a serious spear-phishing attack and is the direct target of a group of criminals who have registered and set up a South African website to fool university users into providing their e-mail addresses, usernames and passwords. 

Undoubtedly the same criminal cartel is now using e-mail accounts that were compromised in the last attack. (This time a senior lecturer at Stellenbosch Campus) The registered a South African domain name and have disguised the website to look like the university’s WebMail Login page.

Spear phishing is an email-spoofing attack that targets a specific organization or individual like the university and is not typically initiated by random hackers, but by perpetrators out for financial gain. As with emails used in regular phishing expeditions, spear-phishing messages appear to come from a trusted source. This case a sun.ac.za address. The apparent source of the email is likely to be an individual within the recipient’s own company — generally, someone in a position of authority — or from someone the target knows personally, thus its potential danger.

It is important that you do NOT click on any of the included links in the mail or enter your username or password. You should never do this at any time, as Information Technology would never ask you to do so!

Just because the mail looks legitimate and the web page *looks* like it is genuine, does not make it so.

If you have received mail that looks like this please immediately report it to the Information Technology Security Team using the following method:

Send the spam/phishing mail to help@sun.ac.za

If you did click on the link of this phishing spam and unwittingly give the scammers your username, e-mail address and password you should immediately go to http://www.sun.ac.za/useradm and change the passwords on ALL your university accounts (making sure the new password is completely different, and is a strong password that will not be easily guessed.) as well as changing the passwords on your social media and private email accounts (especially if you use the same passwords on these accounts.)

Please be careful out there. These criminals are now targeting the university, no doubt based on their past successes. Keep alert and on the lookout.

[Article by David Wiles]

Email

Tags:

This entry was posted on Monday, August 7th, 2017 at 9:50 am and is filed under E-mail, phishing, Security. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.

Comments are closed.

 

© 2013-2024 Disclaimer: The views and opinions expressed in this page are strictly those of the page author(s) and content contributor(s). The contents of this page have not been reviewed or approved by Stellenbosch University.