View a PDF here: Phishing and Report Message Infographic
Email security
Friday, March 31st, 2023Phishing scam from compromised university account
Tuesday, November 23rd, 2021Please keep an eye out for an e-mail from a sun email address with the subject line of FYI_Order/Approval.
It is a phishing scam with a link to a website that is designed to compromise security and steal details such as banking details, login names and passwords.
The owner of the affected account has already put an Out-of-office notification on her account telling people to ignore the mail sent from her account, but the account is probably still compromised and under the control of the scammers.
Once in the university domain the scammers will continue to attack the university network to steal more information or to obtain bank account details, etc.
Here is an example of one of the mails:
Please report this phishing mail if you receive it from the above mentioned address or any other sun address. Here is how you report it:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Go to https://servicedesk.sun.ac.za/jira/servicedesk/customer/portal/6/create/115.
Fill in your information and add the email as an attachment. Your request will automatically be logged on the system. Please add the suspicious email as an attachment to the request.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
If you have accidentally clicked on the link and already given any personal details to the phishers it is vitally important that you immediately go to the USERADM page (either http://www.sun.ac.za/password or www.sun.ac.za/useradm and change your password immediately.) Make sure the new password is completely different and is a strong password that will not be easily guessed, as well as changing the passwords on your social media and private e-mail accounts, especially if you use the same passwords on these accounts. Contact the IT Service Desk if you are still unsure.
[ARTICLE BY DAVID WILES]
How to recognise a phishing e-mail
Tuesday, October 5th, 2021We can’t warn you against every phishing e-mail– there’s a new variation every day. You are the only person who can protect yourself from phishing scams and identity theft. The only way to do this is to learn to recognise a harmful e-mail by paying attention and keeping an eye out for a few tell-tale signs.
1. Well-known companies used as bait
These e-mails are sent out to thousands of different e-mail addresses and often the person sending them has no idea who you are. If you have no affiliation with the company the e-mail address is supposedly coming from, it’s fake. For example, if the e-mail is sent by ABSA, but you are a Standard Bank client. Also, see a list of types of companies generally used in phishing e-mails below.
2. Spelling and grammar
Improper spelling and grammar is a dead giveaway. Look for obvious errors.
3. Lack of client information
Phishers use a generic greeting. For example, the e-mail greets you as “ABSA customer” or “Dear user”, etc. If the company was sending you information regarding your faulty account, they would mention your account details or name in the e-mail. A company would go through the trouble to address a client by name and won’t ask you for your information. Banks have your information on their system.
4. Deadlines/Sense of urgency
Phishing e-mails demand an immediate response or stipulate a specific deadline, creating a sense of urgency and prompting you to respond before you’ve looked at the e-mail properly. For example, demanding that you log in and change your account information within 24 hours or your account will be closed.
5. Malicious links
Although many phishing e-mails are getting better at hiding the true URL you are visiting, often these e-mails will show a URL that is unrelated to the company. Move your mouse over the link and look at the display address. Is this the website address of the company who seems to be sending the e-mail? If not, it’s clearly a phishing e-mail.
6. Attachments
Phishing e-mails occasionally include an attachment which contains malware. When opened, it will run and install a small programme on your PC, which hackers use to gain access to your PC and information.
Typical phishing topics
• Account issues, such as accounts or passwords expiring, accounts being hacked, out-of-date accounts, or account information has to be changed.
• Credit cards expiring or being stolen, a duplicate credit card, credit card transactions, etc.
• Confirming orders, requesting that you log in to confirm recent orders or transactions before a delivery can be made.
• Winning a prize or getting something for free. Both Woolworths and Pick ‘n Pay’s have been used in fake campaigns to lure people into providing personal details.
Company names phishers generally use
• Any major bank. ABSA and Standard Bank are both popular choices in South Africa.
• Insurance companies, for example, Outsurance.
• Internet service providers
• Apple or Microsoft claiming your account has been suspended.
• E-mail providers, e.g. Gmail or Yahoo
• SARS. Especially at this time of year. (We’ve had a few of these.)
• DHL or any delivery company claiming they have a package for you.
• Your company’s medical aid, for example, Discovery
• Your company’s IT department
• Casinos and lotteries
• Online dating websites
• Popular websites such as Amazon, Facebook, MySpace, PayPal, eBay, Microsoft, Apple, Hotmail, YouTube, etc.
A few tips to keep you safe
• Never follow links in an e-mail you’re uncertain of. Rather visit the page by typing the address of the company in your browser. For example, instead of clicking on the “ABSA URL” in the e-mail, type http://www.absa.co.za in your web browser and log in at their official website.
• Never send personal information by e-mail. If a company is asking for your personal account information or claiming your account is invalid, visit the website and log in to the account as you normally would. If everything seems in order and there aren’t any urgent notifications from your bank, you should be fine.
• If you are still not sure about the status of your account or are concerned about your personal information, contact the company directly, either through an e-mail address provided on their website, over the phone or visit your local branch.
• Delete the e-mail and don’t click on links or fill in any information.
• If you’ve already divulged your information, immediately change your password or PIN and contact the institution to inform them of the breach.
• To report spam or phishing e-mails send an e-mail to sysadm@sun.ac.za with the subject SPAM with the suspect e-mail attached. IT system administrators will then be able to block the e-mail to protect other users.
[SOURCE: www.computerhope.com]
Step Up to Stronger Passwords
Tuesday, October 5th, 2021Weak and reused passwords continue to be a common entry point for account or identity takeover and network intrusions. Simple steps and tools exist to help you achieve unique, strong passwords for your accounts.
A password is often all that stands between you and sensitive data. It’s also often all that stands between a cyber criminal and your account. Below are tips to help you create stronger passwords, manage them more easily, and take one further step to protect against account theft.
- Always: Use a unique password for each account so one compromised password does not put all of your accounts at risk of takeover.
- Good: A good password is 10 or more characters in length, with a combination of uppercase and lowercase letters, plus numbers and/or symbols — such as pAMPh$3let. Complex passwords can be challenging to remember for even one site, let alone using multiple passwords for multiple sites; strong passwords are also difficult to type on a smartphone keyboard (for an easy password management option, see “best” below).
- Better: A passphrase uses a combination of words to achieve a length of 20 or more characters. That additional length makes it’s exponentially harder for hackers to crack, yet a passphrase is easier for you to remember and more natural to type. To create a passphrase, generate four or more random words from a dictionary, mix in uppercase letters, and add a number or symbol to make it even stronger — such as rubbishconsiderGREENSwim$3. You’ll still find it challenging to remember multiple passphrases, though, so read on.
- Best: The strongest passwords are created by password managers — software that generates and keeps track of complex and unique passwords for all of your accounts. All you need to remember is one complex password or passphrase to access your password manager. With a password manager, you can look up passwords when you need them, copy and paste from the vault, or use functionality within the software to log you in automatically. Best practice is to add two-step verification to your password manager account. Keep reading!
- Step it up! When you use two-step verification (a.k.a., two-factor authentication or login approval), a stolen password doesn’t result in a stolen account. Anytime your account is logged into from a new device, you receive an authorization check on your smartphone or another registered device. Without that second piece, a password thief can’t get into your account. It’s the single best way to protect your account from cyber criminals.
Resources
- Check out http://twofactorauth.org to see a list of services that offer two-step verification.
- Learn more about passwords and securing your accounts from the National Cyber Security Alliance.
- Consider whether a password manager is the right choice for you.
- Explore Five Ways to Upgrade your Password this Password Day, which is observed in May each year.
- Find more videos and a quiz at http://passwordday.org.
Remember to check your Junk Email folder
Monday, August 30th, 2021To ensure that staff and students aren’t exposed to malicious phishing or spam emails our system administrators and security team had to enable a stricter spam filter earlier this year as added protection.
A spam filter assigns every message, received and sent, a spam confidence level based on the likelihood that the message is spam. Depending on its level an inbound message may be relayed directly to the user’s Junk Email folder. The filter looks at certain criteria contained in the email it rates, for example too many hyperlinks or a suspicious file attached. Tweaking the filter can be tricky – we don’t want you to miss important emails, but at the same time it’s our responsibility to protect you and all our staff from harmful attacks.
For this reason, it’s important that you regularly look in your Junk Email folder in case the spam filter might have relayed it there.
The main purpose of Microsoft Outlook’s Junk Email Filter helps is to reduce unwanted email messages in your Inbox. Junk email, also known as spam, is moved by the filter away to the Junk Email folder. This is done at an institutional level by Microsoft (as mentioned above), but you can also flag or “un”flag messages from a person or company as Junk email.
How to change your spam filter’s preferences.
How to tag an email as junk mail.
How to report spam or junk email to Microsoft. (downloadable PDF-document)
If you have any questions, please log a request on the ICT Partner Portal.