Language:
SEARCH
  • Recent Posts

  • Categories

  • Archives

E-mail

CBT Locker virus on campus

Wednesday, February 18th, 2015

A growing number of incidents of the CBT Locker virus, which has more than 50 variants, has been spotted on campus. This virus is also considered ransomware and infects your PC when you visit lesser known websites and particularly if you download games and movies.

The ransomware copies all the data on your harddrive, encrypts and deletes it and you’re left with gibberish. A ransom fee is demanded, but the odds that you’ll get your data back at all, are slim.

There is no way to recover data if your PC has been attacked by one of the the Locker viruses.

• DO NOT open .ZIP attachments unless specifically requested from the sender. View the email header or send a separate email to validate the sender before opening attachments.
• Regularly back up data to your network space or an external hard drive. Data residing on user devices will be permanently lost in the event of a ransomware
• DO NOT click embedded hyperlinks in email. Although the Crypto Locker ransomware threat is normally sent as an attached .ZIP file, ransomware has been downloaded from opening malicious websites.
• Stay away from unknown, suspicious websites offering game or movie downloads and torrents and DO NOT click on any pop-ups.
• Report suspect email to sysadm@sun.ac.za.

Outwit phishing attempts

Friday, February 13th, 2015

Over the past two weeks we’ve already recorded at least three incidents where phishing e-mails were sent to SU staff. Although we try to warn users against specific e-mails and block these e-mails on server level as soon as we’re aware of them, it’s almost impossible to protect e-mail users against each and every fraudulent e-mail.

The responsibility lies with the e-mail user in recognising the tell-tale signs and establishing whether it’s a phishing e-mail or not. Unfortunately 99% of the time it is and if you’re ever in doubt over clicking on a link, rather don’t. Go directly to the institution’s website and log in from there or contact the company or bank to confirm whether they sent it.

The latest example of such an e-mail is an e-mail which seems to be from Discovery and (of course) promises a reward. This is also a way to entice you into clicking on the links. Also look out for bad spelling, grammar and formatting. The links may look convincing, but when you move the mouse over them, are they really Discovery’s website links? By merely noticing this, you can immediately confirm that this is indeed an attempt at phishing. More hints on recognising fraudulent e-mails can be found here.

Immediately delete the e-mail and don’t click on the links or fill in any information. If you’ve supplied your info, immediately change your password and PIN and contact the institution to inform them of the breach. You can also send an e-mail to  sysadm@sun.ac.za with the subject SPAM and attach the suspect e-mail. IT system administrators will then be able to block the e-mail and protect other staff against it.

 

EXAMPLE OF “PHISHING” E-MAIL:

FROM: DiscoveryCard <discoverycards@discovery.co.za>
SUBJECT: DiscoveryCard: 09 Feb:- Last chance to redeem your 7000 Discovery miles Point

Attention Valued Customer,

Your Discovery Card was credited with 7000 Miles (R700) as a reward for been a loyal customer last  2 weeks today ( Final notice) , but you did not claim it, we are giving you another chance. Follow the instructions below:-

  1. Click this link http://www.discovery.co.za/portal/individual/login 
  2. Then enter your www.discovery.co.zaUsername and Password and click login
  3. Update your Discovery Credit Card  details and click update after you have completed it( Note:-Do not fail to enter the full details correctly, because the system will credit the R700 on the card details entered).

Regards,

Discovery Miles Team

 

 

Stuur ‘n e-pos aan sysadm@sun.ac.za met Subject: SPAM en heg dan die verdagte e-pos met Insert Item aan.

 

 

Whatsapp for you PC

Friday, February 13th, 2015

whatsappMany of us practically break out in hives if we’re outside the cellphone or WiFi reception range, while others are at their happiest in the middle of nowhere with no cellphone tower in sight. If you fall into the first category, you’re probably a devoted WhatsApp user.

The good news is that, from the end of January, WhatsApp will not only be limited to your phone, but also on your tablet or PC. Whatsapp Web gives users the convenience of sending and receiving messages via a website.

Your chats will be automatically synchronised between your phone and PC. The only limitation at this stage is Google Chrome as prerequisite. If you’d like to use WhatsApp on your PC, you’ll find detailed instruction on Cnet, as well as an instructional video.

Unfortunately with the convenience and accessibility of WhatsApp also comes risk. If you use WhatsApp on a regular basis, look out for the following scams.

A new Wangiri campaign, where users are encouraged to make expensive international calls, is doing the rounds.  Wangiri is a type of cellphone fraud where the perpetrator randomly calls cell numbers and puts down the phone after one ring. A missed call shows on the victim’s phone and he calls back since he believes the call was intended for him. In actual fact he’s calling a very expensive premium number.

In this instance WhatsApp users receive a message with a contact card attached and the message asks the cellphone owner call back. Read more on this scam here.

A second example is an SMS campaign which could cost WhatsApp users R210-00 a month. An SMS with the following wording is received:

“You have not updated to the latest WhatsApp add-ons. Click here now [URL]. (Free MSG) 31655 optout dial 0110621424”.

A link guides users to a screen with the message “Update your wall 4 WhatsApp”. Fine print below indicates that you’re actually subscribing to a social network called Buddiechat, which will cost you R7-00 per day.

WhatsApp users unknowingly click on the link because they believe it’s legitimate  WhatsApp communication or because they’re too preoccupied to read. Read the full article on mybroadband. 

 

Update: E-mail for pensioners

Thursday, February 5th, 2015

Recently we mentioned that the e-mail policy for pensioners would change from June 2015. As clearly noted from the comments, this decision unfortunately caused some dissatisfaction.

We would like to announce that, until further notice, the current status quo regarding e-mail for pensioners will be maintained. You can therefore continue with reregistration and the use of your @sun.ac.za e-mail service as before.

For any enquiries, please contact the IT Service Desk.

Phishing alert

Monday, February 2nd, 2015

Please take note that there’s a new phishing attack on sun e-mail addresses. We’ve blocked it on server level, so users should not receive the suspicious e-mail.

If you receive an email claiming to be from the IT department (see example below), do not open it or click on any of the links.

This is a phishing email attempting to acquire your passwords and other information. Immediately delete the email and do not reply to it.

IT e-mails will always be in the same format with IT’s name, correct contact details, the SU logo and and English and Afrikaans version. Please read our guidelines on how to distinguish between an offical e-mail and a phishing e-mail HERE.

 

 

From: Stellenbosch University [mailto:abiederm@kent.edu]
Sent: 31 January 2015 11:13
Subject: Dear Stellenbosch University Email user

Dear Stellenbosch University Email user,

Due to database maintenance equipment that is happening in our Stellenbosch University mail message center. Our Stellenbosch University message center must be reset due to the large number of spam messages we receive daily in our database. The maintenance of quarantine will help us avoid this dilemma every day and with the new improved software will provides our Stellenbosch University Email users with a secure mail system and new security system to protect our users from getting their Stellenbosch University accounts being hacked.

To validate your Stellenbosch University Email mailbox, kindly CLICK LINK  http://webmaintance.weebly.com. to visit the Stellenbosch University

customer secure LINK specified on this email and fill out the account validation form to validate your Stellenbosch University email powered account:

 

Thanks,

All rights reserved © 2007 – 2009 Stellenbosch University

Private Bag X1, Matieland, 7602, Stellenbosch, South Africa

 

 

© 2013-2025 Disclaimer: The views and opinions expressed in this page are strictly those of the page author(s) and content contributor(s). The contents of this page have not been reviewed or approved by Stellenbosch University.