Language:
SEARCH
  • Recent Posts

  • Categories

  • Archives

E-mail

Warning: Sextortion scam

Monday, February 1st, 2021
There is a “sextortion” email making the rounds at the moment and with many personnel and students still working andstudying from home, many are concerned about the risks.
 
“The device has been successfully hacked” is a new ‘sextortion’ email scam for 2021. This email scam, like most sextortion scams, relies on “social engineering”, a process through which the scammers induce shame, panic or guilt. The scammers (the authors of the email) claim that they obtained material compromising the user (because of a computer hack, email account hack, router hack, etc) and threaten to publish it if the ransom is not paid. None these claims are true in any way; they are just deception.
 
The “The device has been successfully hacked” email message says that someone successfully hacked the recipient’s device and monitored it for a long time. The hacker claims that this was made possible by a virus installed on the device when the user visited the adult site. Using this virus, the hacker was able to record a video that compromises the user, and gained access to the user’s personal contacts, instant messengers, and social networks. If the recipient pays $1300 in Bitcoin, the hacker promises to delete all the data. Next, the scam email contains the bitcoin address to which the ransom should be transferred. This email is just a sextortion scam, and all the statements are fake. 
 
What to do when you receive the “The device has been successfully hacked” SCAM:

  • Do not panic.
  • Do not pay a ransom.
  • If there’s a link in the scam email, do not click it, otherwise you might unwittingly install malware or ransomware on your computer.
The mail will come from several e-mail addresses, which might very from user to user. Scammers use thousands of “throw-away” e-mail addresses to send out these scams.
 
If you do get such an e-mail use one of the two methods below to report it to IT Cyber Security as soon as possible. This way IT can filter and block the senders

By reporting it on the ICT Partner Portal.​​

Go to https://servicedesk.sun.ac.za/jira/servicedesk/customer/portal/6/create/115. 

Fill in your information and add the email as an attachment. Your request will automatically be logged on the system.​​

If you have accidentally responded to the phisher and already provided them with your personal details, it is vitally important that you immediately go to the USERADM page (either http://www.sun.ac.za/password or www.sun.ac.za/useradm and change your password immediately.)

Make sure the new password is completely different and is a strong password that will not be easily guessed, as well as changing the passwords on your social media and private e-mail accounts, especially if you use the same passwords on these accounts. Contact the IT HelpDesk if you are still unsure.

[ARTICLE BY DAVID WILES]

Phasing out of generic IT email addresses

Wednesday, October 7th, 2020

Until now we have used a selection of generic email addresses for enquiries from staff and students. In previous years these mailboxes were attended to manually, but in recent years, with the implementation of the ICT Partner Portal, they have been set up to automatically log a request.

For example, if you emailed quote@sun.ac.za to enquire about hardware components, your email would automatically log a request for information on your name on our platform. Likewise, if you emailed help@sun.ac.za to contact the IT Service Desk, it would log a request on your name. 

However, soon this will no longer be the case. These generic addresses will be phased out gradually and the only way of requesting a service or information will be to log a request on the ICT Partner Portal. (Also see our FAQs on logging a request)

Above mentioned applies to the following email addresses:

help@sun.ac.za
helpinfo@sun.ac.za
software@sun.ac.za
quote@sun.ac.za
student@sun.ac.za
telecom@sun.ac.za
students@sun.ac.za
itkursus@sun.ac.za
ittd@sun.ac.za
portalhelp@sun.ac.za
pbk@sun.ac.za
csirt@sun.ac.za
soc@sun.ac.za
ithub@sun.ac.za

If you have any enquiries please log a request on our ICT Partner Portal.

Unsubscribe from Cortana notifications

Wednesday, August 5th, 2020

Recently Microsoft activated an automatic status update which is sent to students and staff. According to the company new Microsoft 365 experiences, such as the Briefing email and Play My Emails, were enabled using Cortana enterprise services. These features are currently available for Stellenbosch University staff and students.

However, you can unsubscribe from these emails by clicking unsubscribe at the bottom of the email or unsubscribe at https://cortana.office.com/

Phishing scam from a forged email

Thursday, May 14th, 2020

We are almost all in lock down and less careful with cyber security. The scammers know this and are launching numerous attacks taking advantage of the “work-from-home” situation we find ourselves in. A number of personnel have reported getting e-mails from “Prof. Jimmy Volmink” asking for assistance and are not spotting the tell-tale signs of a phishing scam.

Here is the mail:

  1. Notice that although it looks like Prof Volmink sent it, the email address is not correct.
  2.  Secondly Prof Jimmy is a very approachable person, but he is always professional in his communication so he would never say “Are you free for now”. Nor would he say something like this: (if you did respond to his mail)
    “I am currently in a meeting and I don’t know when the meeting will round off. I would have called you but phone is not allowed. I will want you to handle something for me right away and I will be glad if you can do that for me as soon as possible”.

This is a spear-phishing attack where an institution is directly attacked by impersonating prominent or public figures within the university (like the Dean) to gain access to the university network. This is an especially effective means of attack with everybody at home in lock down, where our guard is down and we are more relaxed. There was a very similar attack in September 2019, using the same tactics.  

Prof Volmink’s account has not been compromised. Phishers are just trying to fool us into thinking that prominent members in our leadership are emailing us asking for assistance, but they are not. It is a scam.

Over the next few days be on the lookout for similar mails that look like they coming from other people within the university.

If you do get mail like this be sure to report it to IT ASAP so they can block the attack and help people who have become victims.

Please immediately report such phishing scams and spam by reporting it on the ICT Partner Portal.​​

Go to https://servicedesk.sun.ac.za/jira/servicedesk/customer/portal/6/create/115.​​

Fill in your information and add the email as an attachment. Your request will automatically be logged on the system.​​

If you have accidentally clicked on the link and already given any personal details to the phishers it is vitally important that you immediately go to the USERADM page (either http://www.sun.ac.za/password  or www.sun.ac.za/useradm ) and change your password immediately. Make sure the new password is completely different, and is a strong password that will not be easily guessed, as well as changing the passwords on your social media and private e-mail accounts, especially if you use the same passwords on these accounts.

 

Phishing attack from compromised staff account with attached “Secure Message”

Wednesday, May 6th, 2020

With most students and personnel all working from home during the national lockdown, and with the reduced security (and watchfulness) of home computers and personnel/students in their home environment, and with many forced to use unfamiliar means of communication and collaboration like Teams, Zoom, Skype and Skype For Business, the environment is ripe for exploitation by phishers.

The following e-mail (with an infected attachment) is making its rounds at the moment from  a staff email.

If you get an email that look like the following do not open or respond to it. It is quite likely that the personnel doesn’t even know his account is compromised.

Please be careful when opening up attachments “sent” by colleagues especially if they are unannounced or the e-mail makes you feel a bit suspicious. Always trust your instincts.

 

© 2013-2024 Disclaimer: The views and opinions expressed in this page are strictly those of the page author(s) and content contributor(s). The contents of this page have not been reviewed or approved by Stellenbosch University.