A large number of phishing e-mails are arriving in university mailboxes from GMail accounts with subjects like “DOCS” or “PAYMENT”.
The e-mail reads “Hello, Please find attached, Thanks.” or something similar.
The attachment is usually a PDF. When you attempt to open it, it seems to be encrypted and asks you to enter personal details to access the document.
The PDF is in fact an executable file that installs malware on your computer to steal personal details, such as passwords etc. This way the scammers can get hold of personal details and defraud you.
Earlier this week a person at Tygerberg campus was defrauded of over R6000 when they sent an EFT payment to a catering supplier who was using a hijacked GMail account.
The scammer intercepted the victim’s mail and inserted their own bank account details into the attached invoice. The EFT was then paid to the scammer’s account instead of the supplier.
Compromised GMail, Yahoo!Mail and Hotmail accounts are often used by fraudsters, so it is imperative that you do not respond to mails such as these.
If someone wants to send you a document, they should at least contact you and tell you that they are sending the mail before sending it, usually not unannounced.
It is far too easy for scammers to defraud people, because we are not alert enough and too trusting. Please be careful.
Also read more on phishing and other security risks on our blog.
[ARTICLE BY DAVID WILES]
Tags: phishing