%PDF-1.3 1 0 obj << /Type /Catalog /Outlines 2 0 R /Pages 3 0 R >> endobj 2 0 obj << /Type /Outlines /Count 0 >> endobj 3 0 obj << /Type /Pages /Kids [6 0 R ] /Count 1 /Resources << /ProcSet 4 0 R /Font << /F1 8 0 R /F2 9 0 R /F3 10 0 R /F4 11 0 R >> /XObject << /I1 12 0 R >> >> /MediaBox [0.000 0.000 612.000 792.000] >> endobj 4 0 obj [/PDF /Text /ImageC ] endobj 5 0 obj << /Creator (DOMPDF) /CreationDate (D:20250528203250+00'00') /ModDate (D:20250528203250+00'00') /Title (Report 05-2025) >> endobj 6 0 obj << /Type /Page /Parent 3 0 R /Annots [ 13 0 R 15 0 R 17 0 R 19 0 R 21 0 R ] /Contents 7 0 R >> endobj 7 0 obj << /Length 3896 >> stream 0.702 0.800 0.816 rg 34.016 34.016 543.969 723.969 re f 1.000 1.000 1.000 rg 45.266 142.409 521.469 604.325 re f 0.773 0.773 0.773 RG 0.75 w 0 J [ ] 0 d 45.641 142.784 520.719 603.575 re S 0.773 0.773 0.773 rg 61.016 158.159 m 550.984 158.159 l 550.984 158.909 l 61.016 158.909 l f 0.200 0.200 0.200 rg BT 61.016 693.716 Td /F1 14.4 Tf [(PHISHING: SUBJECT UNUSUAL LOGIN ATTEMPT)] TJ ET 0.400 0.400 0.400 rg BT 61.016 664.909 Td /F2 9.0 Tf [(Posted on )] TJ ET BT 104.045 664.909 Td /F3 9.0 Tf [(January 01,1970)] TJ ET BT 173.588 664.909 Td /F2 9.0 Tf [( by )] TJ ET BT 188.096 664.909 Td /F3 9.0 Tf [(IT Communications)] TJ ET 0.153 0.153 0.153 rg BT 61.016 637.420 Td /F4 9.0 Tf [(A new phishing attempt on staff and students of Stellenbosch University by means of a fake website was launched earlier )] TJ ET BT 61.016 626.431 Td /F4 9.0 Tf [(this week.The website has been blocked by IT in the meantime so you will not be able to access it.)] TJ ET BT 61.016 606.442 Td /F4 9.0 Tf [(The mail will be simple with a subject line of Unusual Login Attempt.)] TJ ET BT 61.016 586.453 Td /F4 9.0 Tf [(The recipient field has been spoofed to hide the sender and recipient and the content of the mail is simply a link that says:)] TJ ET BT 61.016 566.464 Td /F4 9.0 Tf [(For Details )] TJ ET BT 110.021 566.464 Td /F4 9.0 Tf [(Verify)] TJ ET 0.153 0.153 0.153 RG 0.18 w 0 J [ ] 0 d 110.021 565.313 m 133.025 565.313 l S BT 133.025 566.464 Td /F4 9.0 Tf [( \(with the Verify links to a website called stellenboschuniversity.weebly.com\) \(See example below\))] TJ ET q 375.000 0 0 189.750 61.016 365.516 cm /I1 Do Q BT 61.016 347.725 Td /F4 9.0 Tf [(If you suspect an email is a phishing attempt, please immediately report it to the Information Technology Security Team. )] TJ ET BT 61.016 336.736 Td /F4 9.0 Tf [(With your help, we can block the malicious website as soon as possible and quarantine the compromised sun account )] TJ ET BT 61.016 325.747 Td /F4 9.0 Tf [(from which the email is sent. If you are not sure how to recognise a phishing email, )] TJ ET 0.373 0.169 0.255 rg BT 392.657 325.747 Td /F4 9.0 Tf [(here are a few tips.)] TJ ET 0.373 0.169 0.255 RG 0.18 w 0 J [ ] 0 d 392.657 324.596 m 469.193 324.596 l S 0.153 0.153 0.153 rg BT 469.193 325.747 Td /F4 9.0 Tf [( Also have a look at )] TJ ET BT 61.016 314.758 Td /F4 9.0 Tf [(examples of)] TJ ET 0.373 0.169 0.255 rg BT 109.535 314.758 Td /F4 9.0 Tf [( previous phishing attempts.)] TJ ET 0.18 w 0 J [ ] 0 d 109.535 313.607 m 221.585 313.607 l S BT 61.016 294.769 Td /F1 9.0 Tf [(Instructions to report a phishing, spam or malware incident.)] TJ ET 0.18 w 0 J [ ] 0 d 61.016 293.339 m 317.579 293.339 l S 0.153 0.153 0.153 rg BT 61.016 274.780 Td /F4 9.0 Tf [(If you did click on the link of this phishing spam and unwittingly give the scammers your username, e-mail address and )] TJ ET BT 61.016 263.791 Td /F4 9.0 Tf [(password you should immediately go to )] TJ ET 0.373 0.169 0.255 rg BT 221.081 263.791 Td /F4 9.0 Tf [(http://www.sun.ac.za/useradm)] TJ ET 0.18 w 0 J [ ] 0 d 221.081 262.640 m 341.627 262.640 l S 0.153 0.153 0.153 rg BT 341.627 263.791 Td /F4 9.0 Tf [( and change the passwords on ALL your university )] TJ ET BT 61.016 252.802 Td /F4 9.0 Tf [(accounts \(making sure the new password is completely different, and is a strong password that will not be easily )] TJ ET BT 61.016 241.813 Td /F4 9.0 Tf [(guessed.\) as well as changing the passwords on your social media and private e-mail accounts \(especially if you use the )] TJ ET BT 61.016 230.824 Td /F4 9.0 Tf [(same passwords on these accounts.\))] TJ ET BT 432.949 210.835 Td /F4 9.0 Tf [([ARTICLE BY DAVID WILES])] TJ ET BT 548.482 190.846 Td /F4 9.0 Tf [()] TJ ET 0.400 0.400 0.400 rg BT 61.016 172.357 Td /F2 9.0 Tf [(Posted in:E-mail,Phishing,Security | Tagged:Phishing | With 0 comments)] TJ ET endstream endobj 8 0 obj << /Type /Font /Subtype /Type1 /Name /F1 /BaseFont /Helvetica-Bold /Encoding /WinAnsiEncoding >> endobj 9 0 obj << /Type /Font /Subtype /Type1 /Name /F2 /BaseFont /Helvetica-Oblique /Encoding /WinAnsiEncoding >> endobj 10 0 obj << /Type /Font /Subtype /Type1 /Name /F3 /BaseFont /Helvetica-BoldOblique /Encoding /WinAnsiEncoding >> endobj 11 0 obj << /Type /Font /Subtype /Type1 /Name /F4 /BaseFont /Helvetica /Encoding /WinAnsiEncoding >> endobj 12 0 obj << /Type /XObject /Subtype /Image /Width 500 /Height 253 /ColorSpace /DeviceRGB /Filter /DCTDecode /BitsPerComponent 8 /Length 6556>> stream JFIF;CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82 C    !'"#%%%),($+!$%$C   $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$" }!1AQa"q2#BR$3br %&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz w!1AQaq"2B #3Rbr $4%&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz ?y$#Nx7PQvϘ2FbisFk|K3aD҄ M_ۃMiq 88@is\xxRvIVvOJ27HqO `2+Ց.|9@ܮ wSkcdFUVUecKCI⻸}#rR w`r>TuQ@Q@Q@RPE%-Q@QIK@RPE%-Q@QIK@RPE%-Q@Q@Q@(4PEP(QfoT sz߁ձSU%#.QdxQT?ו\-ʷ@ &n9ӌ]ӳ=.B(`I=G?魤I"6GNWA..c;_Minn DH\xՈn|9aqn-B8]Cn'W/-^pLn0q{ 5`y$y;z)k.,n'oپ2cr+e4[!0"Am <U9{!ڱ7),vbl}ҞOo"EEQv~VM6_7|q xn"X27&u{YIJOpG#~e~lFc,^ Mt4U)7RER6=1ϯ6`ュb, G]&nⵍ[::]}ɍwO5n{c"9w He> ܻ<c+Ntmb.Ax-QU3*cVmt,A;epO8Lt&6W sS[jvwrV1J2ʬ IYX#tRjVsk/,pP*լ?}jHtee# AQMZEPEPEPEPEPEPEU G[Z%X N!S-1Ep1EWKy'_ ߯$z52q@hػ[ qz}jh."MȒ/QEQEQEQEQEQEC7?? "3^7?? *}OU{[uG'@!LoiZqK^,ȬK VF[ ̶6֝smx +Zu~w@+"տ/_΄4pB+_Vf7h_[Ew̋q"4ԀN @=OE "KXAu^\#I$ΫlE@/I\Ds!|×WڧȠ2*9!Pȑ`I 3EPt٘9\=O8K #I0ɝr@Zh}<=vZhGns1F,0I9AV ՠ{y(,}C8bzζ(`9|-qj(!Hnj{7r1dm aݹǥlL k-IJ_yS>|nI$yL{Vm۩X'I䚳Eȿխ>(((((())h msCWݒXH<ǏJ/bw-*)9H=x1۬ M`ŏ\u M[޲6ݬ|,68IRIof3gQX` q[vmdhF9,jQEQEQEQEQEQE `x&C\p0],r̥NAKMlt%Jܹg'4KIz7Q@>6ILHX{sN_Vf/m^qI閫kmĹ-s'խ?Y4! ʱߴ#+s dI]y@8RHO=Emxm Cv-RQ.Z9!aV#85RF񍎗nO[w|\“ֽ?#Q[KgW$EZEVe6|rɮZӵh,35iJY $Wa_QMrlyԚ?{J 4w-{{}Ѓ98=shRK=6[جR&gIpvq{VGG0#Bxs\mue;<$۠ȪZ׆'SQq*<:oʏSQq*<:oʏSQq*<:oʏSQq*<:ʏRyQq*uT_ʏ*?/KE'ʏR@ TT_ʖO*?/G򥢀ʏRyQq*uT_ʏ*?/KE'ʏR@ TT_ʖO*?/G򥢀ʏRyQq*uT_ʏ*?/KE'ShR5yO'_ʗO濕:g_ʏ)?T(R5|T(Zq*)P^qMCS񵍝4$h?Pw(ۥz5Blm0FnBFn}3@ /tR,"]:KIc L1c*wm=+CF5cOj,W?gKX J b$b; zz]ceĥ:sҬAY[XXc!T0Ē1Iɒ|c\yo-$y~ҋnQ(մb}\%OY ##'Hg4 Z]+CӬd^N=~Cӣ*F(W*rzzPju=K)uHۂBCQ?MFi60F `?v8|ᥒiF8 pxw_.M>`F <zG- $drMsj.'#2oUET x 繮T[Rɷ(c)$S`xj̺dwZ]]Ŵ> endobj 14 0 obj << /Type /Action /S /URI /URI (http://blogs.sun.ac.za/it/en/2016/10/how-to-recognise-a-phishing-e-mail/) >> endobj 15 0 obj << /Type /Annot /Subtype /Link /A 16 0 R /Border [0 0 0] /H /I /Rect [ 109.5347 313.9252 221.5847 323.0827 ] >> endobj 16 0 obj << /Type /Action /S /URI /URI (http://blogs.sun.ac.za/it/en/?s=phishing) >> endobj 17 0 obj << /Type /Annot /Subtype /Link /A 18 0 R /Border [0 0 0] /H /I /Rect [ 61.0157 303.5599 61.0157 303.5599 ] >> endobj 18 0 obj << /Type /Action /S /URI /URI (http://blogs.sun.ac.za/it/en/2017/11/reporting-spam-malware-and-phishing/) >> endobj 19 0 obj << /Type /Annot /Subtype /Link /A 20 0 R /Border [0 0 0] /H /I /Rect [ 61.0157 293.9362 317.5787 303.0937 ] >> endobj 20 0 obj << /Type /Action /S /URI /URI (http://blogs.sun.ac.za/it/en/2017/11/reporting-spam-malware-and-phishing/) >> endobj 21 0 obj << /Type /Annot /Subtype /Link /A 22 0 R /Border [0 0 0] /H /I /Rect [ 221.0807 262.9582 341.6267 272.1157 ] >> endobj 22 0 obj << /Type /Action /S /URI /URI (http://www.sun.ac.za/useradm) >> endobj xref 0 23 0000000000 65535 f 0000000008 00000 n 0000000073 00000 n 0000000119 00000 n 0000000332 00000 n 0000000369 00000 n 0000000507 00000 n 0000000617 00000 n 0000004565 00000 n 0000004677 00000 n 0000004792 00000 n 0000004912 00000 n 0000005020 00000 n 0000011744 00000 n 0000011872 00000 n 0000011996 00000 n 0000012124 00000 n 0000012216 00000 n 0000012342 00000 n 0000012467 00000 n 0000012594 00000 n 0000012719 00000 n 0000012847 00000 n trailer << /Size 23 /Root 1 0 R /Info 5 0 R >> startxref 12927 %%EOF Phishing: Subject “Unusual Login Attempt” « Informasietegnologie
Language:
SEARCH

  • Recent Posts

  • Categories

  • Archives

«
»

Phishing: Subject “Unusual Login Attempt”

A new phishing attempt on staff and students of Stellenbosch University by means of a fake website was launched earlier this week. The website has been blocked by IT in the meantime so you will not be able to access it. 

The mail will be simple with a subject line of “Unusual Login Attempt”. 

The recipient field has been spoofed to hide the sender and recipient and the content of the mail is simply a link that says:

“For Details Verify” (with the Verify links to a website called “stellenboschuniversity.weebly.com”) (See example below)

If you suspect an email is a phishing attempt, please immediately report it to the Information Technology Security Team. With your help, we can block the malicious website as soon as possible and quarantine the compromised sun account from which the email is sent. If you are not sure how to recognise a phishing email, here are a few tips. Also have a look at examples of previous phishing attempts.

Instructions to report a phishing, spam or malware incident.

If you did click on the link of this phishing spam and unwittingly give the scammers your username, e-mail address and password you should immediately go to http://www.sun.ac.za/useradm and change the passwords on ALL your university accounts (making sure the new password is completely different, and is a strong password that will not be easily guessed.) as well as changing the passwords on your social media and private e-mail accounts (especially if you use the same passwords on these accounts.)

[ARTICLE BY DAVID WILES]

 

Email

Tags:

This entry was posted on Monday, October 30th, 2017 at 4:09 pm and is filed under E-mail, phishing, Security. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.

Comments are closed.

 

© 2013-2025 Disclaimer: The views and opinions expressed in this page are strictly those of the page author(s) and content contributor(s). The contents of this page have not been reviewed or approved by Stellenbosch University.