%PDF-1.3 1 0 obj << /Type /Catalog /Outlines 2 0 R /Pages 3 0 R >> endobj 2 0 obj << /Type /Outlines /Count 0 >> endobj 3 0 obj << /Type /Pages /Kids [6 0 R ] /Count 1 /Resources << /ProcSet 4 0 R /Font << /F1 8 0 R /F2 9 0 R /F3 10 0 R /F4 11 0 R >> >> /MediaBox [0.000 0.000 612.000 792.000] >> endobj 4 0 obj [/PDF /Text ] endobj 5 0 obj << /Creator (DOMPDF) /CreationDate (D:20210614235701+00'00') /ModDate (D:20210614235701+00'00') /Title (IT-artikels) >> endobj 6 0 obj << /Type /Page /Parent 3 0 R /Contents 7 0 R >> endobj 7 0 obj << /Length 6741 >> stream 0.702 0.800 0.816 rg 34.016 34.016 543.969 723.969 re f 1.000 1.000 1.000 rg 45.266 64.231 521.469 682.503 re f 0.773 0.773 0.773 RG 0.75 w 0 J [ ] 0 d 45.641 64.606 520.719 681.753 re S 0.773 0.773 0.773 rg 61.016 617.359 m 550.984 617.359 l 550.984 618.109 l 61.016 618.109 l f 1.000 1.000 1.000 rg BT 278.868 698.693 Td /F1 10.5 Tf [(POST LIST)] TJ ET 0.200 0.200 0.200 rg BT 212.789 670.111 Td /F1 14.4 Tf [(INFORMASIETEGNOLOGIE)] TJ ET BT 221.824 643.466 Td /F1 11.7 Tf [(INFORMATION TECHNOLOGY)] TJ ET BT 61.016 583.841 Td /F1 14.4 Tf [(WARNING: SEXTORTION SCAM)] TJ ET 0.400 0.400 0.400 rg BT 61.016 564.033 Td /F3 9.0 Tf [(There is a "sextortion" email making the rounds at the moment and with many personnel and students still working )] TJ ET BT 61.016 553.044 Td /F3 9.0 Tf [(andstudying from home, many are concerned about the risks.)] TJ ET BT 61.016 542.055 Td /F3 9.0 Tf [(†)] TJ ET BT 61.016 531.066 Td /F3 9.0 Tf [("The device has been successfully hacked" is a new Ďsextortioní email scam for 2021. This email scam, like most )] TJ ET BT 61.016 520.077 Td /F3 9.0 Tf [(sextortion scams, relies on ďsocial engineeringĒ, a process through which the scammers induce shame, panic or guilt. The )] TJ ET BT 61.016 509.088 Td /F3 9.0 Tf [(scammers \(the authors of the email\) claim that they obtained material compromising the user \(because of a computer )] TJ ET BT 61.016 498.099 Td /F3 9.0 Tf [(hack, email account hack, router hack, etc\) and threaten to publish it if the ransom is not paid. None these claims are true )] TJ ET BT 61.016 487.110 Td /F3 9.0 Tf [(in any way; they are just deception.)] TJ ET BT 61.016 476.121 Td /F3 9.0 Tf [(†)] TJ ET BT 61.016 465.132 Td /F3 9.0 Tf [(The ďThe device has been successfully hackedĒ email message says that someone successfully hacked the recipientís )] TJ ET BT 61.016 454.143 Td /F3 9.0 Tf [(device and monitored it for a long time. The hacker claims that this was made possible by a virus installed on the device )] TJ ET BT 61.016 443.154 Td /F3 9.0 Tf [(when the user visited the adult site. Using this virus, the hacker was able to record a video that compromises the user, and )] TJ ET BT 61.016 432.165 Td /F3 9.0 Tf [(gained access to the userís personal contacts, instant messengers, and social networks. If the recipient pays $1300 in )] TJ ET BT 61.016 421.176 Td /F3 9.0 Tf [(Bitcoin, the hacker promises to delete all the data. Next, the scam email contains the bitcoin address to which the ransom )] TJ ET BT 61.016 410.187 Td /F3 9.0 Tf [(should be transferred. This email is just a sextortion scam, and all the statements are fake.†)] TJ ET BT 61.016 399.198 Td /F3 9.0 Tf [(†)] TJ ET BT 61.016 388.209 Td /F3 9.0 Tf [(What to do when you receive the "The device has been successfully hacked" SCAM: )] TJ ET 0.400 0.400 0.400 RG 85.866 371.036 m 85.866 371.449 85.696 371.858 85.404 372.150 c 85.113 372.442 84.703 372.611 84.291 372.611 c 83.878 372.611 83.469 372.442 83.177 372.150 c 82.885 371.858 82.716 371.449 82.716 371.036 c 82.716 370.624 82.885 370.214 83.177 369.923 c 83.469 369.631 83.878 369.461 84.291 369.461 c 84.703 369.461 85.113 369.631 85.404 369.923 c 85.696 370.214 85.866 370.624 85.866 371.036 c f BT 91.016 368.220 Td /F3 9.0 Tf [(Do not panic.)] TJ ET 85.866 360.047 m 85.866 360.460 85.696 360.869 85.404 361.161 c 85.113 361.453 84.703 361.622 84.291 361.622 c 83.878 361.622 83.469 361.453 83.177 361.161 c 82.885 360.869 82.716 360.460 82.716 360.047 c 82.716 359.635 82.885 359.225 83.177 358.934 c 83.469 358.642 83.878 358.472 84.291 358.472 c 84.703 358.472 85.113 358.642 85.404 358.934 c 85.696 359.225 85.866 359.635 85.866 360.047 c f BT 91.016 357.231 Td /F3 9.0 Tf [(Do not pay a ransom.)] TJ ET 85.866 349.058 m 85.866 349.471 85.696 349.880 85.404 350.172 c 85.113 350.464 84.703 350.633 84.291 350.633 c 83.878 350.633 83.469 350.464 83.177 350.172 c 82.885 349.880 82.716 349.471 82.716 349.058 c 82.716 348.646 82.885 348.236 83.177 347.945 c 83.469 347.653 83.878 347.483 84.291 347.483 c 84.703 347.483 85.113 347.653 85.404 347.945 c 85.696 348.236 85.866 348.646 85.866 349.058 c f BT 91.016 346.242 Td /F3 9.0 Tf [(If thereís a link in the scam email, do not click it, otherwise you might unwittingly install malware or ransomware on )] TJ ET BT 91.016 335.253 Td /F3 9.0 Tf [(your computer.)] TJ ET BT 61.016 315.264 Td /F3 9.0 Tf [(The mail will come from several e-mail addresses, which might very from user to user. Scammers use thousands of "throw-)] TJ ET BT 61.016 304.275 Td /F3 9.0 Tf [(away" e-mail addresses to send out these scams.)] TJ ET BT 61.016 293.286 Td /F3 9.0 Tf [(†)] TJ ET BT 61.016 282.297 Td /F3 9.0 Tf [(If you do get such an e-mail use one of the two methods below to report it to IT Cyber Security as soon as possible. This )] TJ ET BT 61.016 271.308 Td /F3 9.0 Tf [(way IT can filter and block the senders)] TJ ET 0.592 0.592 0.592 rg 0.592 0.592 0.592 RG 305.016 264.610 m 306.516 264.610 l 305.766 263.860 l 305.766 263.860 l f 1.000 1.000 1.000 rg 1.000 1.000 1.000 RG 305.016 262.360 m 306.516 262.360 l 305.766 263.110 l 305.766 263.110 l f 306.516 264.610 m 306.516 262.360 l 305.766 263.110 l 305.766 263.860 l f 0.592 0.592 0.592 rg 0.592 0.592 0.592 RG 305.016 264.610 m 305.016 262.360 l 305.766 263.110 l 305.766 263.860 l f 0.400 0.400 0.400 rg BT 61.016 244.569 Td /F4 9.0 Tf [(By reporting it on the ICT Partner Portal.??)] TJ ET BT 61.016 224.580 Td /F3 9.0 Tf [(Go to https://servicedesk.sun.ac.za/jira/servicedesk/customer/portal/6/create/115.†)] TJ ET BT 61.016 204.591 Td /F3 9.0 Tf [(Fill in your information and add the email as an attachment. Your request will automatically be logged on the system.??)] TJ ET BT 61.016 184.602 Td /F3 9.0 Tf [(If you have accidentally responded to the phisher and already provided them with your personal details, it is vitally )] TJ ET BT 61.016 173.613 Td /F3 9.0 Tf [(important that you immediately go to the USERADM page \(either http://www.sun.ac.za/password or )] TJ ET BT 61.016 162.624 Td /F3 9.0 Tf [(www.sun.ac.za/useradm and change your password immediately.\))] TJ ET BT 61.016 142.635 Td /F3 9.0 Tf [(Make sure the new password is completely different and is a strong password that will not be easily guessed, as well as )] TJ ET BT 61.016 131.646 Td /F3 9.0 Tf [(changing the passwords on your social media and private e-mail accounts, especially if you use the same passwords on )] TJ ET BT 61.016 120.657 Td /F3 9.0 Tf [(these accounts. Contact the IT HelpDesk if you are still unsure.)] TJ ET BT 432.949 100.668 Td /F3 9.0 Tf [([ARTICLE BY DAVID WILES])] TJ ET BT 61.016 82.179 Td /F3 9.0 Tf [(Posted in:E-mail,News,Security | | With 0 comments)] TJ ET endstream endobj 8 0 obj << /Type /Font /Subtype /Type1 /Name /F1 /BaseFont /Helvetica-Bold /Encoding /WinAnsiEncoding >> endobj 9 0 obj << /Type /Font /Subtype /Type1 /Name /F2 /BaseFont /Helvetica /Encoding /WinAnsiEncoding >> endobj 10 0 obj << /Type /Font /Subtype /Type1 /Name /F3 /BaseFont /Helvetica-Oblique /Encoding /WinAnsiEncoding >> endobj 11 0 obj << /Type /Font /Subtype /Type1 /Name /F4 /BaseFont /Helvetica-BoldOblique /Encoding /WinAnsiEncoding >> endobj xref 0 12 0000000000 65535 f 0000000008 00000 n 0000000073 00000 n 0000000119 00000 n 0000000305 00000 n 0000000334 00000 n 0000000469 00000 n 0000000532 00000 n 0000007325 00000 n 0000007437 00000 n 0000007544 00000 n 0000007660 00000 n trailer << /Size 12 /Root 1 0 R /Info 5 0 R >> startxref 7780 %%EOF E-mail « Informasietegnologie
Language:
SEARCH
  • Recent Posts

  • Categories

  • Archives

E-mail

Careful of Reply All

Tuesday, March 2nd, 2021

Last month some university staff’s mailboxes were flooded with an email advertising services in what we call an email storm. Apart from being disruptive, these emails weren’t harmful, but we would like to remind you of a five important things to keep in mind before you send email to large groups:

1. ALWAYS use the BCC field, NOT the CC field.
If you use the BCC field instead of the CC field the Reply All option is disabled. Therefore recipients won’t be able to Reply All and cause a flood of inconvenient emails.

2. DO NOT Reply All when you receive an email sent to multiple people.
If you receive an email that has been sent to a large number of people, please by default don’t Reply All. You will only be causing an unnecessary surge of emails and annoy your colleagues. If you need to comment only email the sender or the relevant people.

3. Advertising services or products on the SU network is not allowed.
No staff or student member is allowed to advertise any services on the SU network. This is stipulated in the Electronic Communications Policy which staff and students agree to when reactivating their network access every year.

4. If you need to send official mass communication, consult the Digital Communications Office.
The Digital Communications Office, a division of Corporate Communications, are responsible for campus-wide electronic communication. They use specific platforms to distribute information and will be able to advise you on the most efficient way of sending out your email.

5. Use SYMPA
If you regularly need to send out emails, you can use the SYMPA mailing solution. More information on SYMPA.

 

Change your password online

Thursday, February 25th, 2021

In the past, the IT Service Desk was your first stop when you forgot your password (we know, it happens to us too!) or had to change your password. Unfortunately, due to various security risks, as well as the very strict new data protection acts, the Service Desk is no longer allowed to change or reset your password for you.¬†(You can read more about the university’s own Data Privacy Regulation here)

We would like to encourage staff and students to use the Password Selfhelp website in future. We realise that this might be inconvenient, but for your and our own protection, we will have to follow this procedure. 

 The Password Selfhelp website (www.sun.ac.za/password) offers two options: 

  1. Change Password for users who know what their password is and want to change it. 
  2. Reset Password for users who forgot their password. 

To use the online Password Selfhelp, your cellphone number or an alternative email address has to be on the HR records, otherwise, you will not be able to change your password. You can update this information by logging onto SUN-e-HR though the staff portal,¬† http://my.sun.ac.za or contacting your department’s HR contact person.¬†

Select the My Profile link – Personal Information

Log on to SUN-e-HR.

Select Basic Details РUpdate, Other, Personal Email Address 

or

Select¬† Phone Numbers ‚Äď Update

During the password change process a PIN code, consisting of 8 numbers, will be SMSed or emailed to the user (depending on which option he/she selected) Please use this PIN to change your password on the self help website. As soon as the password has been changed, the user will be notified by means of SMS or email.

If you have not requested a password change, please notify the IT Service Desk immediately at 808 4367.

IMPORTANT!

If you are working from home you will also need to follow these instructions after you’ve changed your password to ensure that it sync properly across devices and accounts.

“PLEASE SUPPORT STIAS…” email causes a mail storm

Friday, February 19th, 2021

There is no reason to be worried or concerned about a mail that is being circulated with the subject line starting with “PLEASE SUPPORT STIAS…”

Although it is definitely spam¬†(defined as unsolicited commercial e-mail) it does not appear have any dangerous content and was sent out by a university user to over 300 addresses one of which was the general IT Service Desk email address. Because it was sent to the address which automatically logs service requests the account automatically emailed all the recipients with “Cancellation” e-mails, who then replied, etc. This was no fault on the side of the IT Service desk as it is an automatic process of the Jira logging software that IT uses to track its calls.

This is known as a mail storm in IT jargon when somebody replies to a single e-mail sent to a mailing list and inadvertently replies with a personal message to the entire mailing list leading to a snowball effect or a mail storm. It is like a dog chasing its own tail!

If you receive a mail with the subject line ICT-338035 FW: PLEASE SUPPORT STIAS – PLAN YOUR NEXT MEETING, WORKSHOP AND OR CONFERENCE WITH US”¬†¬†or¬†“PLEASE SUPPORT STIAS – PLAN YOUR NEXT MEETING, WORKSHOP AND OR CONFERENCE WITH US” just delete it.¬†

If you want to take it further and set up a mail filter to delete all mails with that particular Subject, then you can do so. However do not blacklist the sender or report it to the help@sun.ac.za address or it will just perpetuate the spam, and you could block legitimate e-mails from IT or the original sender.

Stay safe out there and thank you to everyone who flagged this email. It is encouraging when we have such observant and enthusiastic users.

[ARTICLE BY DAVID WILES]

 

Reactivate your username before 1 April

Monday, February 8th, 2021

Network access (usernames) for staff will expire at the end of March unless you reactivate your username.

We suggest that you reactivate yours as soon as possible to ensure uninterrupted access to IT services (internet, email, SUN-e-HR etc.). Keep in mind that the cost centre manager still has to approve your request before your username is reactivated; allow sufficient time for this to be done to avoid disruption of your service.

You will receive an email from helpinfo@sun.ac.za indicating that your username (“engagement”) will expire soon. Three notifications will be sent before the end of March. Alternatively, you can go directly to the reactivation page.

Once logged into the reactivation page, you can select the services you want to reactivate.  You are encouraged to read the ECP (Electronic Communication Policy) before reactivating.

Choose the services (network / email usernames and internet usernames) you want to register for (see images below).

 

Reactivation of internet usernames is no longer necessary and can be ignored.

Make sure you select the correct cost points and if you’re unsure ask your cost centre manager. Click Accept and Reactivate.

 You will receive a notification stating that your request has been submitted, as well as a confirmation email. 

The webpage will indicate that it will be activated as soon as it has been approved by the cost centre manager. When the cost centre manager approves the reactivation request access will be extended to the end of March next year.

If you have completed these steps successfully and still receive emails from helpinfo@sun.ac.za urging you to reactivate, please go back to the reactivation page and make sure the appropriate boxes are checked: Your Network / Email usernames Your Internet usernames

 If you are still not able to reactivate, please raise a request at servicedesk.sun.ac.za

Warning: Sextortion scam

Monday, February 1st, 2021
There is a “sextortion” email making the rounds at the moment and with many personnel and students still working andstudying from home, many are concerned about the risks.
 
“The device has been successfully hacked” is a new ‚Äėsextortion‚Äô email scam for 2021. This email scam, like most sextortion scams, relies on ‚Äúsocial engineering‚ÄĚ, a process through which the scammers induce shame, panic or guilt. The scammers (the authors of the email) claim that they obtained material compromising the user (because of a computer hack, email account hack, router hack, etc) and threaten to publish it if the ransom is not paid. None these claims are true in any way; they are just deception.
 
The ‚ÄúThe device has been successfully hacked‚ÄĚ email message says that someone successfully hacked the recipient‚Äôs device and monitored it for a long time. The hacker claims that this was made possible by a virus installed on the device when the user visited the adult site. Using this virus, the hacker was able to record a video that compromises the user, and gained access to the user‚Äôs personal contacts, instant messengers, and social networks. If the recipient pays $1300 in Bitcoin, the hacker promises to delete all the data. Next, the scam email contains the bitcoin address to which the ransom should be transferred. This email is just a sextortion scam, and all the statements are fake.¬†
 
What to do when you receive the “The device has been successfully hacked” SCAM:

  • Do not panic.
  • Do not pay a ransom.
  • If there‚Äôs a link in the scam email, do not click it, otherwise you might unwittingly install malware or ransomware on your computer.
The mail will come from several e-mail addresses, which might very from user to user. Scammers use thousands of “throw-away” e-mail addresses to send out these scams.
 
If you do get such an e-mail use one of the two methods below to report it to IT Cyber Security as soon as possible. This way IT can filter and block the senders

By reporting it on the ICT Partner Portal.‚Äč‚Äč

Go to https://servicedesk.sun.ac.za/jira/servicedesk/customer/portal/6/create/115. 

Fill in your information and add the email as an attachment. Your request will automatically be logged on the system.‚Äč‚Äč

If you have accidentally responded to the phisher and already provided them with your personal details, it is vitally important that you immediately go to the USERADM page (either http://www.sun.ac.za/password or www.sun.ac.za/useradm and change your password immediately.)

Make sure the new password is completely different and is a strong password that will not be easily guessed, as well as changing the passwords on your social media and private e-mail accounts, especially if you use the same passwords on these accounts. Contact the IT HelpDesk if you are still unsure.

[ARTICLE BY DAVID WILES]

 

© 2013-2021 Disclaimer: The views and opinions expressed in this page are strictly those of the page author(s) and content contributor(s). The contents of this page have not been reviewed or approved by Stellenbosch University.