Please note that there is currently a new, and dangerous phishing scam making the rounds throughout the university.
Unfortunately, several *internal* e-mail addresses, including students and personnel that were earlier compromised, are being used to spread the phishing scam. With both students and personnel being distracted by the FeesMustFall protest actions both within the faculty and at the Main Campus, they are less alert to the ongoing threat from outside and this seems to have resulted in a number of personnel and student account details being “hijacked”and used.
The mail comes from a university address, so victims think that it has to be legitimate, which heightens the threat.
Below is the phishing scam. Please do not respond to it. The criminals are trying to trick you into providing them with your e-mail details and password. These are used to gain access to the account which is then used to propagate the scam further and gain access to more personal data within the university.
The dangerous part of the phishing scam has been deactivated by removing the link to the phishers server currently in Brazil and redirecting them to an internal page.
From: Compromised University Address <noreply@sun.ac.za>
Sent: Wednesday, 21 September 2016 05:59
Subject: ITS Service Desk
With the strengthening off our security system and improving your mailing experience, We have detected your mail settings are out of date. To enhance computer system security and comply with federal audit requirements, ITS requires all Sever Users to update their account , kindly click ITS to update your account to the latest OutlookWebApp . Sign in and automatically update your mailbox by filling out the requirements correctly.
___________________
Sincerely,
ITS Service Desk
Click Here
[ARTICLE BY DAVID WILES]
Tags: phishing