%PDF-1.3 1 0 obj << /Type /Catalog /Outlines 2 0 R /Pages 3 0 R >> endobj 2 0 obj << /Type /Outlines /Count 0 >> endobj 3 0 obj << /Type /Pages /Kids [6 0 R ] /Count 1 /Resources << /ProcSet 4 0 R /Font << /F1 8 0 R /F2 9 0 R /F3 10 0 R /F4 11 0 R >> >> /MediaBox [0.000 0.000 612.000 792.000] >> endobj 4 0 obj [/PDF /Text ] endobj 5 0 obj << /Creator (DOMPDF) /CreationDate (D:20250727155956+00'00') /ModDate (D:20250727155956+00'00') /Title (Report 07-2025) >> endobj 6 0 obj << /Type /Page /Parent 3 0 R /Contents 7 0 R >> endobj 7 0 obj << /Length 6801 >> stream 0.702 0.800 0.816 rg 34.016 34.016 543.969 723.969 re f 1.000 1.000 1.000 rg 45.266 125.618 521.469 621.116 re f 0.773 0.773 0.773 RG 0.75 w 0 J [ ] 0 d 45.641 125.993 520.719 620.366 re S 0.773 0.773 0.773 rg 61.016 141.368 m 550.984 141.368 l 550.984 142.118 l 61.016 142.118 l f 0.200 0.200 0.200 rg BT 61.016 693.716 Td /F1 14.4 Tf [(WARNING: SEXTORTION SCAM)] TJ ET 0.400 0.400 0.400 rg BT 61.016 664.909 Td /F2 9.0 Tf [(Posted on )] TJ ET BT 104.045 664.909 Td /F3 9.0 Tf [(January 02,2021)] TJ ET BT 173.588 664.909 Td /F2 9.0 Tf [( by )] TJ ET BT 188.096 664.909 Td /F3 9.0 Tf [(IT Communications)] TJ ET 0.153 0.153 0.153 rg BT 61.016 637.420 Td /F4 9.0 Tf [(There is a "sextortion" email making the rounds at the moment and with many personnel and students still working )] TJ ET BT 61.016 626.431 Td /F4 9.0 Tf [(andstudying from home, many are concerned about the risks.)] TJ ET BT 61.016 615.442 Td /F4 9.0 Tf [( )] TJ ET BT 61.016 604.453 Td /F4 9.0 Tf [("The device has been successfully hacked" is a new ‘sextortion’ email scam for 2021. This email scam, like most )] TJ ET BT 61.016 593.464 Td /F4 9.0 Tf [(sextortion scams, relies on “social engineering”, a process through which the scammers induce shame, panic or guilt. The )] TJ ET BT 61.016 582.475 Td /F4 9.0 Tf [(scammers \(the authors of the email\) claim that they obtained material compromising the user \(because of a computer )] TJ ET BT 61.016 571.486 Td /F4 9.0 Tf [(hack, email account hack, router hack, etc\) and threaten to publish it if the ransom is not paid. None these claims are true )] TJ ET BT 61.016 560.497 Td /F4 9.0 Tf [(in any way; they are just deception.)] TJ ET BT 61.016 549.508 Td /F4 9.0 Tf [( )] TJ ET BT 61.016 538.519 Td /F4 9.0 Tf [(The “The device has been successfully hacked” email message says that someone successfully hacked the recipient’s )] TJ ET BT 61.016 527.530 Td /F4 9.0 Tf [(device and monitored it for a long time. The hacker claims that this was made possible by a virus installed on the device )] TJ ET BT 61.016 516.541 Td /F4 9.0 Tf [(when the user visited the adult site. Using this virus, the hacker was able to record a video that compromises the user, and )] TJ ET BT 61.016 505.552 Td /F4 9.0 Tf [(gained access to the user’s personal contacts, instant messengers, and social networks. If the recipient pays $1300 in )] TJ ET BT 61.016 494.563 Td /F4 9.0 Tf [(Bitcoin, the hacker promises to delete all the data. Next, the scam email contains the bitcoin address to which the ransom )] TJ ET BT 61.016 483.574 Td /F4 9.0 Tf [(should be transferred. This email is just a sextortion scam, and all the statements are fake. )] TJ ET BT 61.016 472.585 Td /F4 9.0 Tf [( )] TJ ET BT 61.016 461.596 Td /F4 9.0 Tf [(What to do when you receive the "The device has been successfully hacked" SCAM: )] TJ ET 0.153 0.153 0.153 RG 85.866 444.423 m 85.866 444.835 85.696 445.245 85.404 445.537 c 85.113 445.828 84.703 445.998 84.291 445.998 c 83.878 445.998 83.469 445.828 83.177 445.537 c 82.885 445.245 82.716 444.835 82.716 444.423 c 82.716 444.011 82.885 443.601 83.177 443.309 c 83.469 443.018 83.878 442.848 84.291 442.848 c 84.703 442.848 85.113 443.018 85.404 443.309 c 85.696 443.601 85.866 444.011 85.866 444.423 c f BT 91.016 441.607 Td /F4 9.0 Tf [(Do not panic.)] TJ ET 85.866 433.434 m 85.866 433.846 85.696 434.256 85.404 434.548 c 85.113 434.839 84.703 435.009 84.291 435.009 c 83.878 435.009 83.469 434.839 83.177 434.548 c 82.885 434.256 82.716 433.846 82.716 433.434 c 82.716 433.022 82.885 432.612 83.177 432.320 c 83.469 432.029 83.878 431.859 84.291 431.859 c 84.703 431.859 85.113 432.029 85.404 432.320 c 85.696 432.612 85.866 433.022 85.866 433.434 c f BT 91.016 430.618 Td /F4 9.0 Tf [(Do not pay a ransom.)] TJ ET 85.866 422.445 m 85.866 422.857 85.696 423.267 85.404 423.559 c 85.113 423.850 84.703 424.020 84.291 424.020 c 83.878 424.020 83.469 423.850 83.177 423.559 c 82.885 423.267 82.716 422.857 82.716 422.445 c 82.716 422.033 82.885 421.623 83.177 421.331 c 83.469 421.040 83.878 420.870 84.291 420.870 c 84.703 420.870 85.113 421.040 85.404 421.331 c 85.696 421.623 85.866 422.033 85.866 422.445 c f BT 91.016 419.629 Td /F4 9.0 Tf [(If there’s a link in the scam email, do not click it, otherwise you might unwittingly install malware or ransomware on )] TJ ET BT 91.016 408.640 Td /F4 9.0 Tf [(your computer.)] TJ ET BT 61.016 388.651 Td /F4 9.0 Tf [(The mail will come from several e-mail addresses, which might very from user to user. Scammers use thousands of "throw-)] TJ ET BT 61.016 377.662 Td /F4 9.0 Tf [(away" e-mail addresses to send out these scams.)] TJ ET BT 61.016 366.673 Td /F4 9.0 Tf [( )] TJ ET BT 61.016 355.684 Td /F4 9.0 Tf [(If you do get such an e-mail use one of the two methods below to report it to IT Cyber Security as soon as possible. This )] TJ ET BT 61.016 344.695 Td /F4 9.0 Tf [(way IT can filter and block the senders)] TJ ET 0.592 0.592 0.592 rg 0.592 0.592 0.592 RG 305.016 337.997 m 306.516 337.997 l 305.766 337.247 l 305.766 337.247 l f 1.000 1.000 1.000 rg 1.000 1.000 1.000 RG 305.016 335.747 m 306.516 335.747 l 305.766 336.497 l 305.766 336.497 l f 306.516 337.997 m 306.516 335.747 l 305.766 336.497 l 305.766 337.247 l f 0.592 0.592 0.592 rg 0.592 0.592 0.592 RG 305.016 337.997 m 305.016 335.747 l 305.766 336.497 l 305.766 337.247 l f 0.153 0.153 0.153 rg BT 61.016 317.956 Td /F1 9.0 Tf [(By reporting it on the ICT Partner Portal.??)] TJ ET BT 61.016 297.967 Td /F4 9.0 Tf [(Go to https://servicedesk.sun.ac.za/jira/servicedesk/customer/portal/6/create/115. )] TJ ET BT 61.016 277.978 Td /F4 9.0 Tf [(Fill in your information and add the email as an attachment. Your request will automatically be logged on the system.??)] TJ ET BT 61.016 257.989 Td /F4 9.0 Tf [(If you have accidentally responded to the phisher and already provided them with your personal details, it is vitally )] TJ ET BT 61.016 247.000 Td /F4 9.0 Tf [(important that you immediately go to the USERADM page \(either http://www.sun.ac.za/password or )] TJ ET BT 61.016 236.011 Td /F4 9.0 Tf [(www.sun.ac.za/useradm and change your password immediately.\))] TJ ET BT 61.016 216.022 Td /F4 9.0 Tf [(Make sure the new password is completely different and is a strong password that will not be easily guessed, as well as )] TJ ET BT 61.016 205.033 Td /F4 9.0 Tf [(changing the passwords on your social media and private e-mail accounts, especially if you use the same passwords on )] TJ ET BT 61.016 194.044 Td /F4 9.0 Tf [(these accounts. Contact the IT HelpDesk if you are still unsure.)] TJ ET BT 432.949 174.055 Td /F4 9.0 Tf [([ARTICLE BY DAVID WILES])] TJ ET 0.400 0.400 0.400 rg BT 61.016 155.566 Td /F2 9.0 Tf [(Posted in:E-mail,News,Security | | With 0 comments)] TJ ET endstream endobj 8 0 obj << /Type /Font /Subtype /Type1 /Name /F1 /BaseFont /Helvetica-Bold /Encoding /WinAnsiEncoding >> endobj 9 0 obj << /Type /Font /Subtype /Type1 /Name /F2 /BaseFont /Helvetica-Oblique /Encoding /WinAnsiEncoding >> endobj 10 0 obj << /Type /Font /Subtype /Type1 /Name /F3 /BaseFont /Helvetica-BoldOblique /Encoding /WinAnsiEncoding >> endobj 11 0 obj << /Type /Font /Subtype /Type1 /Name /F4 /BaseFont /Helvetica /Encoding /WinAnsiEncoding >> endobj xref 0 12 0000000000 65535 f 0000000008 00000 n 0000000073 00000 n 0000000119 00000 n 0000000305 00000 n 0000000334 00000 n 0000000472 00000 n 0000000535 00000 n 0000007388 00000 n 0000007500 00000 n 0000007615 00000 n 0000007735 00000 n trailer << /Size 12 /Root 1 0 R /Info 5 0 R >> startxref 7843 %%EOF E-mail « Informasietegnologie
Language:
SEARCH

  • Recent Posts

  • Categories

  • Archives

E-mail

« Older Entries
Newer Entries »

Phishing scam about reaching your mailbox storage limit

Tuesday, March 6th, 2018

Monday started with a phishing scam threatening to close your mailbox, and Monday is ending with another attack, using a similar intimidation tactic about your mailbox size.

The grammar and spelling is very poor on this one so it should be rather easy to spot. However the use of University branding and “STELLENBOSCH HELP DESK” might fool some people.

The Subject will be “We apologies” (sic)

Dear User,

You have reached the storage limit for your mailbox. Please visit the following link to complete your e-mail access restore.

Follow this link to complete the process: Click Restore

STELLENBOSCH HELP DESK

If you do click on the link (which does not go to a university website) …this webpage will appear. 

 

 

Many thanks to all of you who reported this.

Remember these 5 guidelines:

  1. Information Technology will never request sensitive information such as passwords.
  2. Phishing e-mails often appear as an important notice or urgent matter such as threats that your mailbox is over quota.
  3. Use of aggressive or intimidating language such as ‘immediately’ and threats of consequences of not verifying your account.
  4. Misspelled words and poor grammar that take away from the professional context of the e-mail. (this one is quite obvious)
  5. Use of an impersonal greeting. (Dear User)

If you have received mail that looks like this please immediately report it to the Information Technology Security Team using the following method:

Send the spam/phishing mail to help@sun.ac.za  and sysadm@sun.ac.za

 Attach the phishing or suspicious mail on to the message if possible. There is a good tutorial on how to do this at the following link (Which is safe) : http://stbsp01.stb.sun.ac.za/innov/it/it-help/Wiki%20Pages/Spam%20sysadmin%20Eng.aspx

  1. Start up a new mail addressed to sysadm@sun.ac.za (CC: help@sun.ac.za)
  2. Use the Title “SPAM” (without quotes) in the Subject.
  3. With this New Mail window open, drag the suspicious spam/phishing mail from your Inbox into the New Mail Window. It will attach the mail as an enclosure and a small icon with a light yellow envelope will appear in the attachments section of the New Mail.
  4. Send the mail.

IF YOU HAVE FALLEN FOR THE SCAM:

If you did click on the link of this phishing spam and unwittingly give the scammers your username, e-mail address and password you should immediately go to http://www.sun.ac.za/useradm and change the passwords on ALL your university accounts (making sure the new password is completely different, and is a strong password that will not be easily guessed.) as well as changing the passwords on your social media and private e-mail accounts (especially if you use the same passwords on these accounts.)

IT have set up a website page with useful information on how to report and combat phishing and spam. The address is:https://blogs.sun.ac.za/it/en/2017/11/reporting-spam-malware-and-phishing/

[Article by David Wiles]

 

Email

Tags: ,
Posted in E-mail, Security | Comments Off on Phishing scam about reaching your mailbox storage limit

New email banner implemented

Wednesday, February 28th, 2018

At the beginning of March Corporate Communications will be implementing a Be Water Smart banner (see example below).

This banner is an attempt to create awareness among students and staff regarding the ongoing water crisis in the Western Cape. It will automatically be inserted below your signature in all emails sent from @sun accounts and will click through to a web site with more information on the water crisis. 

In future the banner will also be used to create awareness of various issues affecting Stellenbosch University.

Please take note that if you make use of digital certification for your emails, the receiver of the emails will have to open the attachment sent with the email, to read the content.

Additionally it may happen that Outlook will not automatically display the banner due to security measures. If it does not display, right-click on the “broken” image and it will load.

Enquiries regarding the content and format of the banner can be sent to ecomms@sun.ac.za

Email

Posted in E-mail | Comments Off on New email banner implemented

Pensioners: Reactivation of electronic services

Tuesday, February 27th, 2018

All persons using the SU network have to reactivate for network usage (e-mail, internet, etc.) on an annual basis. Pensioners still using SU resources also have to complete this process to ensure they still have e-mail access.

Over the past few weeks users received an e-mail notice from helpinfo@sun.ac.za indicating that their username will expire. Generally three warnings are sent before the deadline on 1 April. Since some pensioners pay for access themselves and not a departmental cost centre, the payment method differs. Pensioners can pay for the reactivation of electronic access using one of the following methods: 

EFT
Payment of R345-00 via EFT. To do the EFT payment, Stellenbosch University must be added as a beneficiary on your online banking profile.
For SU banking details, please contact us.

Cashiers at Admin
Cashiers at Admin A on Stellenbosch campus or cashiers on Tygerberg campus.
Pensioners make a payment of R345-00 at the cashier with receipt type 1107 (network registration)
SU number will also be required.

If you have any questions, please contact the IT Service Desk at 021 808 4367 or help@sun.ac.za.

 
Email

Tags: ,
Posted in Connectivity, E-mail | Comments Off on Pensioners: Reactivation of electronic services

Phishing: PSG “Your profile details will expire”

Monday, January 22nd, 2018

There is currently a phishing email making the rounds claiming to be from PSG Wealth.

Be on the lookout for an email requesting you to update your personal information, as your PSG online “profile details will expire”. The link redirects users to a page that looks like the PSG securities trading website, but is a clever forgery.

PSG have assured us that they will never send you an email asking to provide sensitive information online. So it is important to check the validity of any such emails before you respond to requests like these.

Below is an example of one such mail:

There are 3 obvious signs that this mail is fraudulent:

  • The sender´s email address (`from´ address) is disguised to look like it comes from PSG Wealth. The message is actually sent from a different address that does not match our PSG email addresses (using an @psg.com.sa address instead of an @psg.co.za address).
  • The recipient is not specified.
  • The website link provided is not to a PSG domain address and the website is not indicated as being secure. (no little padlock icon or https: in the URL)

What should you do if you have already provided your details in responding to this phishing scam?

If you responded to such an email, login to your account by typing psg.co.za into your browser window and reset your password immediately.

Continue to monitor your account for any unauthorised transactions and alert PSG immediately if you note any suspicious transactions.

Avoid becoming a victim in future: (This applies to all phishing scams, not just this fraudulent scam)

  • Type in website addresses – do not follow links embedded in emails.
  • Do not reuse passwords, especially for financial sites. 
  • Do not click on attachments, unless you know who they are from and are expecting the document in question.
  • Never part with your login details.

If you are not sure that a request for information is legitimate, rather contact the company to verify its authenticity.

~~~

Report the spam/phishing mail to the following addresses:
help@sun.ac.za and sysadm@sun.ac.za. 

Attach the phishing or suspicious mail on to the message if possible. There is a good tutorial on how to do this at the following link (which is safe) : http://stbsp01.stb.sun.ac.za/innov/it/it-help/Wiki%20Pages/Spam%20sysadmin%20Eng.aspx
1. Start up a new mail addressed to sysadm@sun.ac.za  (CC: help@sun.ac.za)
2. Use the Title “SPAM” (without quotes) in the Subject.
3. With this New Mail window open, drag the suspicious spam/phishing mail from your Inbox into the New Mail Window. It will attach the mail as an enclosure and a small icon with a light yellow envelope will appear in the attachments section of the New Mail.
4. Send the mail.

[Article by David Wiles]

Email

Tags:
Posted in E-mail, phishing, Security | Comments Off on Phishing: PSG “Your profile details will expire”

Be cyberaware during the holiday period

Wednesday, December 20th, 2017

The time has come for everyone to take a well-deserved break and spend time with friends and family. From 22 December at 12:00 until 1 January Information Technology offices will be closed and no user support will be provided.

However, just because we’re on holiday it doesn’t mean fraudsters, opportunists and cybercriminals will also take a break. On the contrary, this is the ideal time for them to scam you out of your hard-earned money.

We’d like to remind you to be especially vigilant over the holiday season by following these guidelines when receiving emails or conducting online transactions:

  • We will never ask for your username and password. Don’t divulge your username and/or password if being asked via email. By doing this, you are giving someone access to all your confidential SU information, including salary details.
  • Do not click on any attachments, even if the address is a sun email address. If you are unsure, contact the person first to confirm.
  • Do not click on a website address given in an email. Rather go to your browser and type the correct address in the address bar.
  • Never conduct any transactions on a public, unprotected WiFi connection.
  • If you are unsure of the legitimacy of an email, contact the institution or person it was sent from directly by phone to confirm.

For further assistance email help@sun.ac.za or call our Service Desk at 808 4367. More information on cybersecurity can be found on our blog and Twitter account.

Email

Tags: ,
Posted in E-mail, phishing, Security | Comments Off on Be cyberaware during the holiday period

« Older Entries
Newer Entries »
 

© 2013-2025 Disclaimer: The views and opinions expressed in this page are strictly those of the page author(s) and content contributor(s). The contents of this page have not been reviewed or approved by Stellenbosch University.