Language:
SEARCH
  • Recent Posts

  • Categories

  • Archives

E-mail

Even e-mails can be hijacked

Friday, November 21st, 2014

1102037_mailOver the past few weeks we’ve recorded an unsettling increase in phishing incidents at IT. This isn’t a new occurrence. Earlier this year a similar incident occurred at Tygerberg campus.

However, the risk of phishing is increasing rapidly due to our increased usage of social media with sites such as Facebook, Twitter, Instagram, etc. These large websites are targeted as they provide an ample amount of user data to be harvested.

To access all these sites you also need a username and password and unfortunately most people have the tendency to consistently use the same password. By doing this, you make it easier for a cyber-criminal to, not only access your social networks, but other information as well. When you also use your sun e-mail address, you expose Stellenbosch University.

If a cyber-criminal gains access to your sun inbox, he not only has access to your own and SU information, but he can also send mass e-mails to anyone from your name. As a result SU e-mail servers are flooded by huge amounts of e-mails and this affects all users on campus negatively.

Secondly, it can also cause damage to your reputation since you’re the sender, even if you’re not responsible. Your address might even be blocked on our servers due to your unknowing behaviour.

In a recent incident IT only became aware of a staff member who fell victim to phishing after the office of the Deputy President, Cyril Ramaphosa, laid a complaint.

Never use your SU username or password to access any external website. Rather register your own, unique address at Google (www.gmail.com), Yahoo or any other free e-mail service. By doing this, you’ll ensure that your private and work information stays separate and the risk of exposing SU systems and sensitive information will be decreased.

Additional information regarding phishing can also be found on our wiki.

Phishing scam warning: Your Apple Profile Suspension

Monday, November 3rd, 2014

Scammers have trawled the university web pages and perhaps even obtained e-mail addresses via compromised computers within the university, and are using these stolen addresses to create a phishing scam that can be dangerous, if you respond, especially if you have an Apple device and use iCloud etc.

The Subject will be “Your Apple Profile Suspension” (Notice the use of capitals for each word, already a sign that something is not right…)

Below is an example of such a mail. Do not respond to this mail, click on any of the links and fill in any details, on any page you might be directed to. This is a scam and you should firstly add the sender to your Blacklist, blacklist the subject line and consign the mail to your junkmail folder.

Here is the mail with the dangerous stuff filtered out, just in case you like clicking on links!…

From: Apple Accounts [mailto:hackedaddress@sun.ac.za]
Sent: Friday, 31 October 2014 17:36
To: Stolen US Adress, AN <stolenaddress@sun.ac.za>
Subject: Your Apple Profile Suspension

Dear stolenaddress@sun.ac.za

This email is to to inform you we regret to announce you that your Apple Account (stolenaddress@sun.ac.za) has been temporarily locked until we can certify your Apple ID details on file. This security measure to safeguard your iCloud Account from unapproved usage. We apologise for any inconvenience.
How do I validate my Apple ID and unsuspended my Apple ID?
Just click the link below to verify ownership of your Apple ID. Log-in in using your iCloud Account and password, then read the instructions.>> Validate My Apple/iCloud Account

When using Apple devices and services, you’ll still sign in with your usual email account as your Apple login.

If you have questions or want support, visit the Apple ID Support site.

Kind Regards,
Apple Identity Verification

Resolution ID: #H8MND945-ID129

Apple Account | Support | Privacy Policy | Manage Subscriptions
Copyright © 2014 iTunes Sarl 88-27, Rue Sainte Zithe, L-410810 Luxembourg‎ All Rights Reserved.

[INFORMATION SUPPLIED BY DAVID WILES]

Public folders vs resource mailboxes

Friday, October 24th, 2014

If you have been using public folders up till now to organise meetings and events in your department, there may be an easier, more practical option available to you.

By sending an email to help@sun.ac.za you can request that the public folders you are using now be converted to resource mailboxes or to request the creation of new resource mailboxes.

But why should you use resource mailboxes instead of public folders?

  • If you send a meeting request to a resource mailbox, that resource mailbox will Accept or Decline the meeting request.
  • It happens automatically without any intervention of a human being
  • You do not have to worry about double bookings for the same date and time at the same venue.
  • You’re meeting request to a resource mailbox cannot be changed or deleted.
  • Only the owner of the resource mailbox can change  or delete meeting requests.

What are public folders?

A public folder is a feature of Microsoft Exchange Server that provides an effective way to collect, organize, and share information with others in an organization. Typically, public folders are used by project teams or user groups to share information on a common area of interest. When you are connected to your Exchange server, folders labelled “Public Folders” appear in the Microsoft Outlook Folder List in the Navigation Pane. You can manage these folders from Outlook. Public folders can contain any type of Outlook folder item such as messages, appointments, contacts, tasks, journal entries, notes, forms, files, and postings. You can also add a shortcut to any public folder to the Favorites folder under Public Folders. (http://office.microsoft.com)

Up till now this is what public folders in Outlook looked like:

1
2
What is a resource mailbox?

A resource mailbox is a mailbox that represents conference rooms and company equipment. Resource mailboxes can be included as resources in meeting requests, providing a simple and efficient way to manage the scheduling of resources for your organization.

Room mailboxes are assigned to a meeting location such as a conference room, auditorium, or training room. Equipment mailboxes are assigned to a resource that is not location specific, such as a portable computer projector, microphone, or company car. (http://blogs.technet.com)

This is what the new resource mailboxes look like: 

3
How do I add a resource mailbox in MS Outlook 2010?

Send an email to help@sun.ac.za and request that the public folders be converted to resource mailboxes. When you get confirmation that it has been done, follow the next steps:

Create a new meeting request

Select All Rooms in the Address Book

4
Scroll down to the Room you want to add as a resource mailbox
5
VERY IMPORTANT: Please Take note of the Alias (see the 7th step further down)
6
Click on File, Info, Account Settings
7
Select your email address and click on Change
8
Click on More Settings
9
Type the name of the resource mailbox that you want to add – remember that Alias of earlier – it is the name you have to type here
10
Click Apply, OK, Next Finish
11
Go back to the Home button and click on Folder List
12
The added Resource Mailbox will display
13
Click on Calendar to view the calendar of the resource mailbox.

Lose your cellphone, lose your info

Friday, October 24th, 2014

If you lost your cellphone today, what would a criminal have access to? Your smses? Your banking details? Your private documents saved in your e-mail? Or sensitive work documents even?

And yet, we carry this invaluable information with us every day. We absentmindedly wander around talking in public while we’re within reaching distance of any opportunistic criminal. But there are also other ways to access information on your phone by means of spyware and other suspicious software.

We use our cellphones more and more to organise and plan our lives and at the same time, make ourselves more vulnerable.

However, there are a few measures you can take to ensure you don’t become a victim.

1. PASSWORD OR PIN

This is your most important first line of defense. Without a PIN or password, anyone can get hold of your cellphone, access your e-mail, bank details, sms and personal information.

smartphone-icon-1340911-mAnd Microsoft’s head of online security agrees.”Using a PIN or unique password is the single most important thing to do as a user of a smartphone to protect the device, the data and your reputation.” According to Beauchere the data on your phone is also more recent than the data on your desktop or laptop. This increases the risk even more.

Last year Microsoft conducted a worldwide online survey regarding the usage of PINs. 10 000 desktop and mobile device users from 20 countries took part. Only 28% of these used a PIN on a device.

2.CELLPHONE APPS

Be very careful which apps you download and where you download them from. It’s great having an app to streamline your life or one to entertain you, but weigh the pros and cons against each other.

Even if an app looks nifty, rather download a similar one from renowned app shops like iTunes, Google Play and Amazon. So some research. Read other readers’ comments, how they rate the app and if they experienced any problems with it.

3. DUBIOUS LINKS

According to research people are 3 times more likely to click on a link on their phone than one on their PCs. The fact that the screen is smaller and dubious links not as easily recognised could be the reason. Be suspicious of request for personal information you receive via links in sms, e-mail or social networks. By clicking on them, you run the risk of identity theft.

4. UNPROTECTED WI-FI

When you use an open WI-FI network in coffee shops, malls and other public places you information isn’t securely sent through the air. Any other person can intercept it during transmission. If you have to do banking on your phone or work with sensitive information, rather wait till your at work or home and have access to a secure WI-FI network.

5. SPYWARE

Without a password cyber criminals can load spyware on your phone and track your sms records, e-mails, banking transactions and location. To prevent this from happening, activate a password or PIN on your phone or download an app from a reputable store to scan for and remove spyware and viruses.

If you’d like to read more on cellphone security, wikipedia has extensive information.

[SOURCES: www.rd.com, www.computerworld.com]

The cloud is coming

Friday, September 26th, 2014

Within the next few months Matie students will be able to send e-mail like never before.

If you’re a regular Twitter user or sometimes wander around in the Neelsie or Library, you’ve probably seen notices referring to the “cloud”. Don’t worry, we’re not talking about the unpredictable Cape weather. On the contrary, this cloud brings good news.

Student numbers have been increasing rapidly over the past few years and with it the need for more e-mail storage space. Up till now student mail has been hosted on the university’s mail servers, but we’re starting to run out of space.

Information Technology has been investigating all the possible solutions and came to the conclusion that Office 365 would be the best choice for student e-mail.

MS Office and Microsoft operating systems are already used in student computer user areas and would integrate seamlessly with this existing technology.

With the e-mail cloud project Stellenbosch University will be entering a new phase for e-mail and although staff e-mail will also eventually be migrated, the biggest need is currently moving student e-mails.

The target date for migration is October, but we will continuously keep students updated on developments through Twitter.

A website will be made available where students can do the migration themselves and start testing the cloud platform. Students can choose when they want to migrate. Those who haven’t migrated by December, will automatically be moved by IT to Office 365 before the end of the year.

But why struggle with limited space, when you can have a whole 50 GB space to your disposal. Office 365 also offers other advantages such as storage space on OneDrive and online access to Microsoft applications like Word, Excel, etc.

If you want to stay updated on the e-mail cloud project, follow us on Twitter at @ITStellenUni or #theitcloud.

 

© 2013-2025 Disclaimer: The views and opinions expressed in this page are strictly those of the page author(s) and content contributor(s). The contents of this page have not been reviewed or approved by Stellenbosch University.