%PDF-1.3 1 0 obj << /Type /Catalog /Outlines 2 0 R /Pages 3 0 R >> endobj 2 0 obj << /Type /Outlines /Count 0 >> endobj 3 0 obj << /Type /Pages /Kids [6 0 R ] /Count 1 /Resources << /ProcSet 4 0 R /Font << /F1 8 0 R /F2 9 0 R /F3 10 0 R /F4 11 0 R >> /XObject << /I1 20 0 R >> >> /MediaBox [0.000 0.000 612.000 792.000] >> endobj 4 0 obj [/PDF /Text /ImageC ] endobj 5 0 obj << /Creator (DOMPDF) /CreationDate (D:20250717030502+00'00') /ModDate (D:20250717030502+00'00') /Title (Report 07-2025) >> endobj 6 0 obj << /Type /Page /Parent 3 0 R /Annots [ 12 0 R 14 0 R 16 0 R 18 0 R ] /Contents 7 0 R >> endobj 7 0 obj << /Length 4521 >> stream 0.702 0.800 0.816 rg 34.016 34.016 543.969 723.969 re f 1.000 1.000 1.000 rg 45.266 242.069 521.469 504.665 re f 0.773 0.773 0.773 RG 0.75 w 0 J [ ] 0 d 45.641 242.444 520.719 503.915 re S 0.773 0.773 0.773 rg 61.016 257.819 m 550.984 257.819 l 550.984 258.569 l 61.016 258.569 l f 0.200 0.200 0.200 rg BT 61.016 693.716 Td /F1 14.4 Tf [(CAREFUL OF )] TJ ET BT 157.813 693.716 Td /F2 14.4 Tf [(REPLY ALL)] TJ ET 0.400 0.400 0.400 rg BT 61.016 664.909 Td /F3 9.0 Tf [(Posted on )] TJ ET BT 104.045 664.909 Td /F2 9.0 Tf [(February 03,2021)] TJ ET BT 177.584 664.909 Td /F3 9.0 Tf [( by )] TJ ET BT 192.092 664.909 Td /F2 9.0 Tf [(IT Communications)] TJ ET 0.153 0.153 0.153 rg BT 61.016 637.420 Td /F4 9.0 Tf [(Last month some university staff's mailboxes were flooded with )] TJ ET 0.373 0.169 0.255 rg BT 61.016 626.431 Td /F4 9.0 Tf [(an email advertising services in what we call an email storm)] TJ ET 0.373 0.169 0.255 RG 0.18 w 0 J [ ] 0 d 61.016 625.280 m 299.084 625.280 l S 0.153 0.153 0.153 rg BT 299.084 626.431 Td /F4 9.0 Tf [(. )] TJ ET BT 61.016 615.442 Td /F4 9.0 Tf [(Apart from being disruptive, these emails weren't harmful, but we )] TJ ET BT 61.016 604.453 Td /F4 9.0 Tf [(would like to remind you of a five important things to keep in mind )] TJ ET BT 61.016 593.464 Td /F4 9.0 Tf [(before you send email to large groups:)] TJ ET BT 61.016 573.475 Td /F1 9.0 Tf [(1. ALWAYS use the BCC field, NOT the CC field.)] TJ ET BT 61.016 562.486 Td /F4 9.0 Tf [(If you use the BCC field instead of the CC field the )] TJ ET BT 264.119 562.486 Td /F3 9.0 Tf [(Reply All)] TJ ET BT 61.016 551.497 Td /F4 9.0 Tf [(option is disabled. Therefore recipients won't be able to )] TJ ET BT 283.343 551.497 Td /F3 9.0 Tf [(Reply All)] TJ ET BT 61.016 540.508 Td /F4 9.0 Tf [(and cause a flood of inconvenient emails.)] TJ ET BT 61.016 518.719 Td /F1 9.0 Tf [(2. DO NOT )] TJ ET BT 108.527 518.719 Td /F2 9.0 Tf [(Reply All)] TJ ET BT 147.038 518.719 Td /F1 9.0 Tf [( when you receive an email sent to )] TJ ET BT 61.016 507.730 Td /F1 9.0 Tf [(multiple people.)] TJ ET BT 61.016 496.741 Td /F4 9.0 Tf [(If you receive an email that has been sent to a large number of )] TJ ET BT 61.016 485.752 Td /F4 9.0 Tf [(people, please by default don't )] TJ ET BT 185.315 485.752 Td /F3 9.0 Tf [(Reply All)] TJ ET BT 220.820 485.752 Td /F4 9.0 Tf [(. You will only be causing )] TJ ET BT 61.016 474.763 Td /F4 9.0 Tf [(an unnecessary surge of emails and annoy your colleagues. If )] TJ ET BT 61.016 463.774 Td /F4 9.0 Tf [(you need to comment only email the sender or the relevant )] TJ ET BT 61.016 452.785 Td /F4 9.0 Tf [(people.)] TJ ET BT 61.016 430.996 Td /F1 9.0 Tf [(3. Advertising services or products on the SU network is not )] TJ ET BT 61.016 420.007 Td /F1 9.0 Tf [(allowed.)] TJ ET BT 61.016 409.018 Td /F4 9.0 Tf [(No staff or student member is allowed to advertise any services on the SU network. This is stipulated in the )] TJ ET 0.373 0.169 0.255 rg BT 61.016 398.029 Td /F4 9.0 Tf [(Electronic Communications Policy)] TJ ET 0.18 w 0 J [ ] 0 d 61.016 396.878 m 196.547 396.878 l S 0.153 0.153 0.153 rg BT 196.547 398.029 Td /F4 9.0 Tf [( which staff and students agree to when reactivating their network access every year.)] TJ ET BT 61.016 376.240 Td /F1 9.0 Tf [(4. If you need to send official mass communication, consult the Digital Communications Office.)] TJ ET 0.373 0.169 0.255 rg BT 61.016 365.251 Td /F4 9.0 Tf [(The Digital Communications Office)] TJ ET 0.18 w 0 J [ ] 0 d 61.016 364.100 m 199.553 364.100 l S 0.153 0.153 0.153 rg BT 199.553 365.251 Td /F4 9.0 Tf [(, a division of Corporate Communications, are responsible for campus-wide electronic )] TJ ET BT 61.016 354.262 Td /F4 9.0 Tf [(communication. They use specific platforms to distribute information and will be able to advise you on the most efficient )] TJ ET BT 61.016 343.273 Td /F4 9.0 Tf [(way of sending out your email.)] TJ ET BT 61.016 321.484 Td /F1 9.0 Tf [(5. Use SYMPA)] TJ ET BT 61.016 310.495 Td /F4 9.0 Tf [(If you regularly need to send out emails, you can use the SYMPA mailing solution. )] TJ ET 0.373 0.169 0.255 rg BT 390.173 310.495 Td /F4 9.0 Tf [(More information on SYMPA.)] TJ ET 0.18 w 0 J [ ] 0 d 390.173 309.344 m 506.714 309.344 l S 0.153 0.153 0.153 rg BT 61.016 290.506 Td /F4 9.0 Tf [()] TJ ET 0.400 0.400 0.400 rg BT 61.016 272.017 Td /F3 9.0 Tf [(Posted in:E-mail,Notices | | With 0 comments)] TJ ET q 225.000 0 0 225.000 325.984 421.211 cm /I1 Do Q endstream endobj 8 0 obj << /Type /Font /Subtype /Type1 /Name /F1 /BaseFont /Helvetica-Bold /Encoding /WinAnsiEncoding >> endobj 9 0 obj << /Type /Font /Subtype /Type1 /Name /F2 /BaseFont /Helvetica-BoldOblique /Encoding /WinAnsiEncoding >> endobj 10 0 obj << /Type /Font /Subtype /Type1 /Name /F3 /BaseFont /Helvetica-Oblique /Encoding /WinAnsiEncoding >> endobj 11 0 obj << /Type /Font /Subtype /Type1 /Name /F4 /BaseFont /Helvetica /Encoding /WinAnsiEncoding >> endobj 12 0 obj << /Type /Annot /Subtype /Link /A 13 0 R /Border [0 0 0] /H /I /Rect [ 61.0157 625.5982 299.0837 634.7557 ] >> endobj 13 0 obj << /Type /Action /S /URI /URI (https://blogs.sun.ac.za/it/en/2021/02/please-support-stias-email/) >> endobj 14 0 obj << /Type /Annot /Subtype /Link /A 15 0 R /Border [0 0 0] /H /I /Rect [ 61.0157 397.1962 196.5467 406.3537 ] >> endobj 15 0 obj << /Type /Action /S /URI /URI (https://sunrecords.sun.ac.za/controlled/C4 Policies and Regulations/C4_Electronic Comm_2003.pdf) >> endobj 16 0 obj << /Type /Annot /Subtype /Link /A 17 0 R /Border [0 0 0] /H /I /Rect [ 61.0157 364.4182 199.5527 373.5757 ] >> endobj 17 0 obj << /Type /Action /S /URI /URI (http://www.sun.ac.za/english/corporate-communication/contact-us) >> endobj 18 0 obj << /Type /Annot /Subtype /Link /A 19 0 R /Border [0 0 0] /H /I /Rect [ 390.1727 309.6622 506.7137 318.8197 ] >> endobj 19 0 obj << /Type /Action /S /URI /URI (https://blogs.sun.ac.za/it/en/2020/03/sending-emails-to-large-groups/) >> endobj 20 0 obj << /Type /XObject /Subtype /Image /Width 300 /Height 300 /ColorSpace /DeviceRGB /Filter /DCTDecode /BitsPerComponent 8 /Length 18140>> stream JFIF``ExifMM*i2 &0000 t2012:02:10 11:04:062012:02:10 11:04:06 2012-02-10T11:04:062014-08-20T16:41:07 C   %# , #&')*)-0-(0%()(C   (((((((((((((((((((((((((((((((((((((((((((((((((((,," }!1AQa"q2#BR$3br %&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz w!1AQaq"2B #3Rbr $4%&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz ?(((((((((((((((((((((((((((RK]ҴGQURy[Jo*ҢK$. ;A Ԁ?Zùߡ"OԥeD"GO%4eVzOS0jW@e:?ռ}~13#㤱ho̊ٱK]g{@OhƦESCt:U{)J'ҶdmJSjEQEŠ((((((((((*p).PqQKqc,W ψ:nξa"lb> O!5k—O/1Yt_סzߋ4"-Q/mǓO^g ,(bb{L3I4Hŏj*c-!Q/:kǾ$ Nh?KN9?533f%I9&ΩIJSzMJ4mN*+Xu] ?AL7ccBB'yKޱia] >"Dŏ%h ^ ʍ;UHפN[#uYXeH#ڝIIhkR:%ݒxŧB+-{K~Ѥ^u}_fSE|oVBKK:[k$LT=ǵvR:OT|axj%/B|aᣲPXe?*ޠ1lq+آ%dpYNA*ucU^,,v]O׍>ю+C((((((()LU 1vM$U2} i9;-{VtHdpxW'j2mMq&5v#}}OPF;N۰/$,<9H,ߍV<-x %g8ǹלgTp+F1# hueWK_#ֽ RiWwÓ<dv~ic WK֡9`Eq_6y4SSaC N}eYP AKCd|#2b]oLauσq 6n<k Ƨ+Qgc093^H@=4WSlx1G"_co&?_\ emrVr t:f{J^XId=ME0_Mxʏ0z2 x h&~ 橅`si>WrPΒ8oCRUb9y`hԲׯBw "Vt/u'-IZAKQ 'Rt+ZgZ{Γ̻V密~9b3m}? }?gu76(xNC׵B3'Ug?2j(<`(((((bBp9*kljcBI'ZJ UQ۩>޾r{-= 36qLf)>ZOSPF4 yE؟wU (W{rPMx{v ?Z%R\eEg[* O5f;hbHB" P:*ZP9s[3yi>(Š((((+{|wҺ*|) Fp>אj|uɊq¾4``Tg;HOʟZƭ5u1KZf܏VF>W )$~7 VTj-bQEQQEQEQEPx- q@(ՒlW̟I&|91!?J*x '= {D2]@&**GdY{USkEH|~uPA$^;ww?SJ4 \_OG:akM{ >! 3ORkS%NjW`Kr{2kg Cv~]Yt㷛^^EWQEבPd(f5-v'yFK3y׈/aM {0lS N`'c %9?w=l7Tu-F׾%)?A_޵Y|u?rYسI5 $5-Ϧ-NԑDvmXoTOzƿ1wf"g#$隐W~3x^bP5u,mTTO/ɯM]Do+ba?,sƲC"Ir 5E^ҵ}GI/m0W?P:5q#p]6B^}FEr-QϫY2EC"O> ubgUU{fYN#-ti*xC`D_C^#+_z>iUkz:OXbiwئӢڢXdF~5%P {*yS+fz?1Zqnk7hI#b2k/ ˮxoNԗY~ GR>pJ!~o5 ( ( (p+-PCnOA_>Uי!cv'JO]N5/^ڞ#QMGm&Z&֥x2,$iS]4_W|SgbSH~0[5WxvQHnGgÁ.jMvB\{bW~gaEW~R(ɮ_#NHI8jz6hKȯxIpp~DA\wy\kHiqR%'ָq_v7,S#յ}GXc~z*(.Rrw% =,<:Q]<; _^_2e!Oֺo7r.ngbos[STZf;>`9]cK3Ώz/^/ȔgλcY~ }Cm3 zıUW—*_?Gu?#})w= 7B]y?آtK\> |[Ye@rߠ5 | O_~峷yifpq~|\i/5 sb8~!XlP9~RKl}+߈~Mxq]u#5?3Ƣm+z׬ZցBڼZf~T+R7>vYdMN̜,OF9K'{l}g?Q^8QEQEQE#)4[X珯֬"++~%jܛZsuy4ܷڹ2mj<]GRƞpȑ}I^40~1wB3 ~5x7yK'νl 9iw?:Wƪ+h/@cKY:V3'^y$Y?A7O\+_Cxṣ QEyǼ:f`S싓ʽ:w%HΆG;p~9W>i f2+$[f{3t5#ϙo#dsnzdtk]s樟xf"ؠ?뢕[e/WFG *.#o56 &}QEW~.QEQE^w>bA/c! GwJנ|O.6g /My{އzFQ^aQ; \^\I.}e56~ТIqf1~/Vʵ;z hX %b[@IG5赱sW?V[`xooS>HaƟcY/^YNdMh R,{p*xuev~a:$ߔO\]z'[;O٫ #{y05eKQEQ@Q@s~2ӟ]%r=}>!˾szx>[>9l=#kN/yѲ(>>vU8ؗlhRNvO}N\ry{_1k&W9mי)oWτI<\h)Tfmߚ@)7v~B+/iF𶗧[qc}_'f_xJa(.}^_GwjTWQEzGQ@ݾX OZĺpܪ>״x[ع'W_?:anm?_QR\lRգ3wȫk^匇WUg)I+g=?uMAEμ*K5˸>Qpq檼N'r鮲IEW~P#)#>d+ j:u ?qI^ԛQQ]OͼOз]|^gslZ?ȾP ğWW?et뇽y"x˦ɥGEQ@Q@q?,]q6-|k!\5}VXZ;سB(O̷F@ߘ-U/ ͳj?J$~Vq}){^1^AIMxq$}K)zȥ)W~·?;wtd_k-7ZFn?`},i$lV= zx~}ƔڭJ}kGQE`I+ĺYZX#ki )p}|Ϫ]7?9ƒ{W_+čxpFzAk]^~.Q;J[_IA>+?FTU_\|:!-:!kJWzL4*TE1LDRq|GQ e~~٣V_5uy]NS=:>XzUAծHE;̅EuQ^Jg.gsaEE%ku/4αN}i-ܶb=k>t(mRtͮ7G )G2_Fץh5T,_ë0+Т(([o]Mb7Oc|)+8_~+jDL9\6V9;ycV +nlQH9柣R|4̜omqw@ڼsqAմnU1?:R+˚Yy>;H/-x0pz4wHs%\a_ǯY⣢KU)JYqSu$z7&Ӱj х}Gjz5j6)et#t?k;쮢ḉ$O5t+:RFY I٭SRq^ ᯍv> {F>nB9\|eФbF#C?%{WŒ}~k_z&g 30 9f_}pH`j/7ZY~ָT9&Ve\-^LR]C%;'w0h+7G=6j׉klTחIog`1^?+YȭFH=mE]ӧ*Pg#W'漾h?X}vWͺG9{TkGfC}R uVt k˨mcigF՘QW#Xƞ!s"DØԏ}*4Yr3*yv֞wnz73k&֟eÏ?AWCE**ziש*waES2 ( ( :Ulr@;|FK˩׷^-_MGӎ _6Ɍ+?&*;HrZrG>qSU 1!CѺ}jy3Vgڄ_Uu? uir>yȜdW5-}Kģ~}`[ |Tޛ>Gp c"'E훌dy]Å\K%}BH5xiy:/^φVT )F*աipsֻ.C3 luם[Oi16b?yu5>*U~fBQޭ%M\n aGFV}-ѽr56:\luo5El-mZ\8\g]-Id՘wKYlJ=XqC&:;#-O1HK^L0dA~[ǺTvv&+xCˈP t#JJeGJ4ݟkƤ]Wݟ=EkBHՇzIݼ2 SWVn rxeY!vE9VS5n.P)ͱ)+Q1IȘyKf95Nrz6eO F' $$׼D֖fQ׺xᦓښ'~X V԰ө+2 &5>}??#WuF '٤/^EҥQcjZt^EVQEQEQEQExOVON+ψS 3*О5BXH+ {$e u3 +(&( wºE#Kgo ;}5r2Y薲YΔg׆icj6N(O򫖾%M?_x~kUthF?* =(q&4DYMAg~vW}HdZyqʃ?3B΋W5ܑWxzk.oyn{9^;?cQ9k9Y`JGVQÎ޵TGv9TJGtO^␉!O6a sd?7^+E*UeJ\:3 aKV^~G*2T;~_ek(q|>UnG/ |'Oz!Wm3LI.h2ܢ+(((()RQEQEQEQEQEQEQEQEQEG4K"akH*dC ')UhIGy=jJT{jFTO=oM z|@x g޽7C}L*u&1 GE|EtԆc8g|<~hjZ~eݽކ@5f'G:2[V.\ԑGEC`j\U_]s{|K{ j_(W}??UdTo2 +xpDq,V=_gz33R荩]wK7GǍ4M/"RFߐ_Vjm݉hgU[ Jn/_|S/^ Wpad{?=~k?> L\2ՇmR.o ]QA4W0EBR6_K ZNrw{P[8ъ/_.}EW~^QEQEQEQEQEQEQEQEQE#(#/AZPx28+do|<fg}G_WSObW"mYݐSII}z1L+Jя^'sƞߋxr?q8N>#Ew >{ @qKuGklj7Wb˟ִ Ÿ(|7gU8,Þum -.h>ִ$ǷsGm"tCU >oS-{DDXy5+V"O^gioenpEopāT} PQؼ~'.jr킊(9(((((((((((ѫuEW{8_ vU~:5'5jQ@ˤ/HS% [#X#^)@KEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQE endstream endobj xref 0 21 0000000000 65535 f 0000000008 00000 n 0000000073 00000 n 0000000119 00000 n 0000000332 00000 n 0000000369 00000 n 0000000507 00000 n 0000000610 00000 n 0000005183 00000 n 0000005295 00000 n 0000005414 00000 n 0000005530 00000 n 0000005638 00000 n 0000005765 00000 n 0000005882 00000 n 0000006009 00000 n 0000006156 00000 n 0000006283 00000 n 0000006398 00000 n 0000006526 00000 n 0000006647 00000 n trailer << /Size 21 /Root 1 0 R /Info 5 0 R >> startxref 24956 %%EOF E-mail « Informasietegnologie
Language:
SEARCH
  • Recent Posts

  • Categories

  • Archives

E-mail

Keeping SU data and information safe: The use of AI tools for meeting recordings

Tuesday, May 13th, 2025

MORE INFORMATION COMING SOON

We are compiling a list of frequently asked questions and further guidance on this topic. This blog post will be updated as soon as new resources become available. Please check back regularly for the latest. If you need support or have questions in the meantime, please log a request via the ICT Partner Portal.

 

(February 2025)

As part of our ongoing effort to keep Stellenbosch University (SU) data and information safe, AI tools for meeting recordings (e.g. Otter.ai, Fireflies.ai, Fathom and others) will be blocked due to the potential risk of a data breach and unauthorised exposure of SU’s confidential data. This includes any online platform used for recording meetings, webinars, online class sessions, live events or discussions. Whilst we want to continue leveraging the potential of AI, we must also take proactive steps to protect sensitive university information and mitigate risks. 

These risks and concerns include: 

  • Data security risks: Personal or sensitive university data can be processed by AI models without visibility on where or how the data will be stored or used.  
  • Public exposure risks: The data absorbed by the AI tool can inadvertently be shared or accessed by unauthorised parties.  
  • Compliance concerns: The use of AI tools may conflict with data protection policies or university regulatory requirements.  

Practical steps for meeting organisers 

A meeting organiser must ensure that AI tools are not introduced into discussions where sensitive or confidential information is shared. Sensitive information may include, but is not limited to, student records, financial details, research data, staff information and internal strategy discussions.

Before the meetings start, please check the following:  

  • Identify AI tools: Check whether any invited platform or application of a participant is using AI-driven technology to record the meeting in the participants’ list. The organiser is allowed to block or kick out the uninvited guest.  
  • Communicate security expectations: Inform the meeting participants about the AI restrictions.  
  • Agreement to record MS Teams meetings: Share with participants that the meeting will be recorded and ask if they agree to this. Share how the recording will be used. For meetings, the recording should only be used for minute-taking purposes and once the minutes have been approved, the recordings must be deleted.  

We appreciate your cooperation in safeguarding university data and your assistance in the ongoing effort to use technology responsibly. If you require assistance, please log a request on the ICT Partner Portal.   

Email security

Friday, March 31st, 2023

Phishing and Report Message

View a PDF here: Phishing and Report Message Infographic

Phishing scam from compromised university account

Tuesday, November 23rd, 2021

Please keep an eye out for an e-mail from a sun email address with the subject line of FYI_Order/Approval. 

It is a phishing scam with a link to a website that is designed to compromise security and steal details such as banking details, login names and passwords. 

The owner of the affected account has already put an Out-of-office notification on her account telling people to ignore the mail sent from her account, but the account is probably still compromised and under the control of the scammers.

Once in the university domain the scammers will continue to attack the university network to steal more information or to obtain bank account details, etc.

Here is an example of one of the mails:

 

Please report this phishing mail if you receive it from the above mentioned address or any other sun address. Here is how you report it:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Go to https://servicedesk.sun.ac.za/jira/servicedesk/customer/portal/6/create/115.​​

Fill in your information and add the email as an attachment. Your request will automatically be logged on the system.​​ Please add the suspicious email as an attachment to the request.

​​~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

If you have accidentally clicked on the link and already given any personal details to the phishers it is vitally important that you immediately go to the USERADM page (either http://www.sun.ac.za/password or www.sun.ac.za/useradm and change your password immediately.) Make sure the new password is completely different and is a strong password that will not be easily guessed, as well as changing the passwords on your social media and private e-mail accounts, especially if you use the same passwords on these accounts. Contact the IT Service Desk if you are still unsure. 

[ARTICLE BY DAVID WILES]

How to recognise a phishing e-mail

Tuesday, October 5th, 2021

We can’t warn you against every phishing e-mail– there’s a new variation every day. You are the only person who can protect yourself from phishing scams and identity theft. The only way to do this is to learn to recognise a harmful e-mail by paying attention and keeping an eye out for a few tell-tale signs.

phishme_how_to_spot_a_phishTypical characteristics

1. Well-known companies used as bait
These e-mails are sent out to thousands of different e-mail addresses and often the person sending them has no idea who you are. If you have no affiliation with the company the e-mail address is supposedly coming from, it’s fake. For example, if the e-mail is sent by ABSA, but you are a Standard Bank client. Also, see a list of types of companies generally used in phishing e-mails below.

2. Spelling and grammar
Improper spelling and grammar is a dead giveaway. Look for obvious errors. 

3. Lack of client information
Phishers use a generic greeting. For example, the e-mail greets you as “ABSA customer” or “Dear user”, etc. If the company was sending you information regarding your faulty account, they would mention your account details or name in the e-mail.  A company would go through the trouble to address a client by name and won’t ask you for your information. Banks have your information on their system.

4. Deadlines/Sense of urgency
Phishing e-mails demand an immediate response or stipulate a specific deadline, creating a sense of urgency and prompting you to respond before you’ve looked at the e-mail properly. For example,  demanding that you log in and change your account information within 24 hours or your account will be closed.

5. Malicious links
Although many phishing e-mails are getting better at hiding the true URL you are visiting, often these e-mails will show a URL that is unrelated to the company. Move your mouse over the link and look at the display address. Is this the website address of the company who seems to be sending the e-mail? If not, it’s clearly a phishing e-mail.

6. Attachments
Phishing e-mails occasionally include an attachment which contains malware. When opened, it will run and install a small programme on your PC, which hackers use to gain access to your PC and information. 

Typical phishing topics

• Account issues, such as accounts or passwords expiring, accounts being hacked, out-of-date accounts, or account information has to be changed.
• Credit cards expiring or being stolen, a duplicate credit card, credit card transactions, etc. 
• Confirming orders, requesting that you log in to confirm recent orders or transactions before a delivery can be made.
• Winning a prize or getting something for free. Both Woolworths and Pick ‘n Pay’s have been used in fake campaigns to lure people into providing personal details.

Company names phishers generally use

• Any major bank. ABSA and Standard Bank are both popular choices in South Africa.
• Insurance companies, for example, Outsurance.
• Internet service providers
Apple or Microsoft claiming your account has been suspended.
• E-mail providers, e.g. Gmail or Yahoo
• SARS. Especially at this time of year. (We’ve had a few of these.)
DHL or any delivery company claiming they have a package for you.
• Your company’s medical aid, for example, Discovery
• Your company’s IT department
• Casinos and lotteries
• Online dating websites
• Popular websites such as Amazon, Facebook, MySpace, PayPal, eBay, Microsoft, Apple, Hotmail, YouTube, etc.

A few tips to keep you safe

Never follow links in an e-mail you’re uncertain of. Rather visit the page by typing the address of the company in your browser. For example,  instead of clicking on the “ABSA URL” in the e-mail, type http://www.absa.co.za in your web browser and log in at their official website.
Never send personal information by e-mail. If a company is asking for your personal account information or claiming your account is invalid, visit the website and log in to the account as you normally would. If everything seems in order and there aren’t any urgent notifications from your bank, you should be fine.
• If you are still not sure about the status of your account or are concerned about your personal information, contact the company directly, either through an e-mail address provided on their website, over the phone or visit your local branch.
• Delete the e-mail and don’t click on links or fill in any information.
• If you’ve already divulged your information, immediately change your password or PIN and contact the institution to inform them of the breach.
• To report spam or phishing e-mails send an e-mail to sysadm@sun.ac.za with the subject SPAM with the suspect e-mail attached. IT system administrators will then be able to block the e-mail to protect other users.

[SOURCE: www.computerhope.com]

 

Step Up to Stronger Passwords

Tuesday, October 5th, 2021

Weak and reused passwords continue to be a common entry point for account or identity takeover and network intrusions. Simple steps and tools exist to help you achieve unique, strong passwords for your accounts.

 A password is often all that stands between you and sensitive data. It’s also often all that stands between a cyber criminal and your account. Below are tips to help you create stronger passwords, manage them more easily, and take one further step to protect against account theft.

  • Always: Use a unique password for each account so one compromised password does not put all of your accounts at risk of takeover.
  • Good: A good password is 10 or more characters in length, with a combination of uppercase and lowercase letters, plus numbers and/or symbols — such as pAMPh$3let. Complex passwords can be challenging to remember for even one site, let alone using multiple passwords for multiple sites; strong passwords are also difficult to type on a smartphone keyboard (for an easy password management option, see “best” below).
  • Better: A passphrase uses a combination of words to achieve a length of 20 or more characters. That additional length makes it’s exponentially harder for hackers to crack, yet a passphrase is easier for you to remember and more natural to type. To create a passphrase, generate four or more random words from a dictionary, mix in uppercase letters, and add a number or symbol to make it even stronger — such as rubbishconsiderGREENSwim$3. You’ll still find it challenging to remember multiple passphrases, though, so read on.
  • Best: The strongest passwords are created by password managers — software that generates and keeps track of complex and unique passwords for all of your accounts. All you need to remember is one complex password or passphrase to access your password manager. With a password manager, you can look up passwords when you need them, copy and paste from the vault, or use functionality within the software to log you in automatically. Best practice is to add two-step verification to your password manager account. Keep reading!
  • Step it up! When you use two-step verification (a.k.a., two-factor authentication or login approval), a stolen password doesn’t result in a stolen account. Anytime your account is logged into from a new device, you receive an authorization check on your smartphone or another registered device. Without that second piece, a password thief can’t get into your account. It’s the single best way to protect your account from cyber criminals.

Resources

 

 

© 2013-2025 Disclaimer: The views and opinions expressed in this page are strictly those of the page author(s) and content contributor(s). The contents of this page have not been reviewed or approved by Stellenbosch University.