• Recent Posts

  • Categories

  • Archives


Careful of Reply All

Tuesday, March 2nd, 2021

Last month some university staff’s mailboxes were flooded with an email advertising services in what we call an email storm. Apart from being disruptive, these emails weren’t harmful, but we would like to remind you of a five important things to keep in mind before you send email to large groups:

1. ALWAYS use the BCC field, NOT the CC field.
If you use the BCC field instead of the CC field the Reply All option is disabled. Therefore recipients won’t be able to Reply All and cause a flood of inconvenient emails.

2. DO NOT Reply All when you receive an email sent to multiple people.
If you receive an email that has been sent to a large number of people, please by default don’t Reply All. You will only be causing an unnecessary surge of emails and annoy your colleagues. If you need to comment only email the sender or the relevant people.

3. Advertising services or products on the SU network is not allowed.
No staff or student member is allowed to advertise any services on the SU network. This is stipulated in the Electronic Communications Policy which staff and students agree to when reactivating their network access every year.

4. If you need to send official mass communication, consult the Digital Communications Office.
The Digital Communications Office, a division of Corporate Communications, are responsible for campus-wide electronic communication. They use specific platforms to distribute information and will be able to advise you on the most efficient way of sending out your email.

5. Use SYMPA
If you regularly need to send out emails, you can use the SYMPA mailing solution. More information on SYMPA.


Change your password online

Thursday, February 25th, 2021

In the past, the IT Service Desk was your first stop when you forgot your password (we know, it happens to us too!) or had to change your password. Unfortunately, due to various security risks, as well as the very strict new data protection acts, the Service Desk is no longer allowed to change or reset your password for you. (You can read more about the university’s own Data Privacy Regulation here)

We would like to encourage staff and students to use the Password Selfhelp website in future. We realise that this might be inconvenient, but for your and our own protection, we will have to follow this procedure. 

 The Password Selfhelp website ( offers two options: 

  1. Change Password for users who know what their password is and want to change it. 
  2. Reset Password for users who forgot their password. 

To use the online Password Selfhelp, your cellphone number or an alternative email address has to be on the HR records, otherwise, you will not be able to change your password. You can update this information by logging onto SUN-e-HR though the staff portal, or contacting your department’s HR contact person. 

Select the My Profile link – Personal Information

Log on to SUN-e-HR.

Select Basic Details – Update, Other, Personal Email Address 


Select  Phone Numbers – Update

During the password change process a PIN code, consisting of 8 numbers, will be SMSed or emailed to the user (depending on which option he/she selected) Please use this PIN to change your password on the self help website. As soon as the password has been changed, the user will be notified by means of SMS or email.

If you have not requested a password change, please notify the IT Service Desk immediately at 808 4367.


If you are working from home you will also need to follow these instructions after you’ve changed your password to ensure that it sync properly across devices and accounts.

“PLEASE SUPPORT STIAS…” email causes a mail storm

Friday, February 19th, 2021

There is no reason to be worried or concerned about a mail that is being circulated with the subject line starting with “PLEASE SUPPORT STIAS…”

Although it is definitely spam (defined as unsolicited commercial e-mail) it does not appear have any dangerous content and was sent out by a university user to over 300 addresses one of which was the general IT Service Desk email address. Because it was sent to the address which automatically logs service requests the account automatically emailed all the recipients with “Cancellation” e-mails, who then replied, etc. This was no fault on the side of the IT Service desk as it is an automatic process of the Jira logging software that IT uses to track its calls.

This is known as a mail storm in IT jargon when somebody replies to a single e-mail sent to a mailing list and inadvertently replies with a personal message to the entire mailing list leading to a snowball effect or a mail storm. It is like a dog chasing its own tail!


If you want to take it further and set up a mail filter to delete all mails with that particular Subject, then you can do so. However do not blacklist the sender or report it to the address or it will just perpetuate the spam, and you could block legitimate e-mails from IT or the original sender.

Stay safe out there and thank you to everyone who flagged this email. It is encouraging when we have such observant and enthusiastic users.



Reactivate your username before 1 April

Monday, February 8th, 2021

Network access (usernames) for staff will expire at the end of March unless you reactivate your username.

We suggest that you reactivate yours as soon as possible to ensure uninterrupted access to IT services (internet, email, SUN-e-HR etc.). Keep in mind that the cost centre manager still has to approve your request before your username is reactivated; allow sufficient time for this to be done to avoid disruption of your service.

You will receive an email from indicating that your username (“engagement”) will expire soon. Three notifications will be sent before the end of March. Alternatively, you can go directly to the reactivation page.

Once logged into the reactivation page, you can select the services you want to reactivate.  You are encouraged to read the ECP (Electronic Communication Policy) before reactivating.

Choose the services (network / email usernames and internet usernames) you want to register for (see images below).


Reactivation of internet usernames is no longer necessary and can be ignored.

Make sure you select the correct cost points and if you’re unsure ask your cost centre manager. Click Accept and Reactivate.

 You will receive a notification stating that your request has been submitted, as well as a confirmation email. 

The webpage will indicate that it will be activated as soon as it has been approved by the cost centre manager. When the cost centre manager approves the reactivation request access will be extended to the end of March next year.

If you have completed these steps successfully and still receive emails from urging you to reactivate, please go back to the reactivation page and make sure the appropriate boxes are checked: Your Network / Email usernames Your Internet usernames

 If you are still not able to reactivate, please raise a request at

Warning: Sextortion scam

Monday, February 1st, 2021
There is a “sextortion” email making the rounds at the moment and with many personnel and students still working andstudying from home, many are concerned about the risks.
“The device has been successfully hacked” is a new ‘sextortion’ email scam for 2021. This email scam, like most sextortion scams, relies on “social engineering”, a process through which the scammers induce shame, panic or guilt. The scammers (the authors of the email) claim that they obtained material compromising the user (because of a computer hack, email account hack, router hack, etc) and threaten to publish it if the ransom is not paid. None these claims are true in any way; they are just deception.
The “The device has been successfully hacked” email message says that someone successfully hacked the recipient’s device and monitored it for a long time. The hacker claims that this was made possible by a virus installed on the device when the user visited the adult site. Using this virus, the hacker was able to record a video that compromises the user, and gained access to the user’s personal contacts, instant messengers, and social networks. If the recipient pays $1300 in Bitcoin, the hacker promises to delete all the data. Next, the scam email contains the bitcoin address to which the ransom should be transferred. This email is just a sextortion scam, and all the statements are fake. 
What to do when you receive the “The device has been successfully hacked” SCAM:

  • Do not panic.
  • Do not pay a ransom.
  • If there’s a link in the scam email, do not click it, otherwise you might unwittingly install malware or ransomware on your computer.
The mail will come from several e-mail addresses, which might very from user to user. Scammers use thousands of “throw-away” e-mail addresses to send out these scams.
If you do get such an e-mail use one of the two methods below to report it to IT Cyber Security as soon as possible. This way IT can filter and block the senders

By reporting it on the ICT Partner Portal.​​

Go to 

Fill in your information and add the email as an attachment. Your request will automatically be logged on the system.​​

If you have accidentally responded to the phisher and already provided them with your personal details, it is vitally important that you immediately go to the USERADM page (either or and change your password immediately.)

Make sure the new password is completely different and is a strong password that will not be easily guessed, as well as changing the passwords on your social media and private e-mail accounts, especially if you use the same passwords on these accounts. Contact the IT HelpDesk if you are still unsure.



© 2013-2021 Disclaimer: The views and opinions expressed in this page are strictly those of the page author(s) and content contributor(s). The contents of this page have not been reviewed or approved by Stellenbosch University.