Language:
SEARCH
  • Recent Posts

  • Categories

  • Archives

E-mail

“Sextortion” scams

Tuesday, April 28th, 2020

There has been a resurgence of “sextortion” phishing scams recently but with a slight twist.

“Extortion phishing” or “sextortion” is an aggressive form of a phishing attack that targets potential victims in an e-mail demanding bitcoin in exchange for a promise of non-disclosure of an alleged sexual offence.

The aim of these sextortion e-mails is clear – to force their intended victims to pay up for their silence, or the footage will be shared on social networks. Ultimately this is a typically insidious scam that could easily snare an unsuspecting user.

This variant however has an added twist, in that the phishing scammers are displaying a stolen password (from other websites) that their victims use, to grab their victim’s attention.

It is usually those other websites (e,g,. hotmail, Instagram, Paycity or Facebook) that hackers use to gain access to our data, so changing those passwords are very important.

As in the example below we received earlier this week:

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Several students and personnel say that they have also received similar phishing e-mails, and that password that they had used were displayed in the subject line. They were all concerned that their network account was under attack.

If you receive such a mail, there is little danger to you UNLESS you

  1. respond to the sender
  2. still use that same password for other non-university accounts and use a variation of that password.

If it is an old password that they are displaying, then the danger to you is relatively small, but if you are still using it on a different website or application please change and update immediately.

[ARTICLE BY DAVID WILES]

Phishing emails, SMS and WhatApp messages offering payment relief during lock down

Wednesday, April 1st, 2020

A new potential threat has emerged as we enter the 2nd week of the national lock down and facing the beginning of the new month with bills  to be paid.

Phishers are already targeting the South African public with so-called COVID-19 phishing scams, attaching malware infected attachments and encouraging victims to click on a link to download “important information about the COVID-19 pandemic”.

However this week’s scam involves emails, SMS and WhatsApp messages being sent with information about “Payment Relief” from South African banks.

While it is true that most major South African banks are offering payment relief measures to their customers, phishing scammers have grasped this opportunity and adapted their tactics to send emails with content like the following:

“Dear Valued Customer,

“At ABSA Bank, we realise that this is a difficult time for our customers and businesses whose financial means are being negatively affected. After careful consideration and engagements with The Minister of Finance the, Hon. Tito Titus Mboweni, we are pleased to offer you, as a valued customer, a once-off access to a comprehensive relief programme. Please click on the following link to see if you qualify for payment relief.

VERIFY YOUR ACCOUNT

This is a once-off offer made to selected customers and will close at midnight on 2 April 2020.”

This is one such e-mail, but similar scams with forged identities from other South African banks, as well as Whatsapp and SMS messages will also surface. Note the specific deadline and the call to verify your account. Your bank won’t ever ask you to verify your account by email and certainly won’t give you a day to make such a decision. 

If you need to make use of a relief programme, rather contact your bank directly than reply to an online message. 

Here is a collection of the current verified details for payment relief from South Africa’s 4 major banks:

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 [ARTICLE BY DAVID WILES]

Sending emails to large groups

Monday, March 2nd, 2020

Occasionally it is necessary to send emails to external students or other large groups of people who are not part of the sun domain. If you are currently using Outlook distribution lists we recommend that you switch to the much more user-friendly and functional Sympa mailing list management platform.

The reason for this is that Microsoft has started to limit the number of emails a sun email address can send to to 30 external email addresses per minute. Therefore, if you send to more recipients, Microsoft automatically blocks your account as their attempt to prevent spam. More detailed information on Microsoft’s policies regarding email limits, can be found on their website.

For many years the university has been using Sympa as mass mailing solution successfully. In fact, many of our staff and students use it to administer their lists. 

Sympa is a mailing list management (MLM) software and has its roots in the academic computing community in France. Its name, which is an acronym for Système de Multi-Postage Automatique (i.e. Automatic Mailing System), also means “nice” or “friendly” in French. We’re not sure exactly why the French decided to call their mailing list system “nice”, but we can confirm that it is “friendly” to use.

By using Sympa as a platform for your group emails, you will have better control over your emails and access to handy functions such as:

  • appoint one or several moderators;
  • manage subscriptions and unsubscriptions;
  • add a shared document web space at the subscribers’ disposal;
  • answer questions from subscribers and potential subscribers about the list
  • read the list archive;
  • search in the message archive;
  • review members of the list;

As you can see, Sympa offers much more functionality than your normal Outlook distribution list. Any staff member can use Sympa, simply go to https://sympa.sun.ac.za/sympa.
If you need any assistance in setting up your Sympa distribution list, please log a request for assistance on the ICT Partner Portal.

New warning banner for your email

Tuesday, February 4th, 2020

The nature of cyber-attacks is always evolving and Information Technology, with the help of staff and students, has to do everything within our power to try and prevent them.

In an attempt to tighten cyber security on campus, we will soon provide a new warning which can identify the origin of an email. By establishing the origin of email, it’s easier to protect against cyber security risks such as malware, spoofing and phishing. 

From now on, every time you receive email from outside campus a yellow banner will be displayed at the top of your email:

Click for a larger image

 

Click for a larger version

When staff or students receive a potentially dangerous email which seems to have been sent from a colleague with a sun.ac.za address, they will immediately be able to see that it is, in fact, not from their colleague, but from an address outside the university.

Just keep in mind that the banner does not indicate that the email is necessarily a security risk, but that the possibility exists and that you need to be extra careful when responding to it.

We will continuously assess the effectiveness of this decision and reconsider if necessary. For any additional enquiries, please send an email to help@sun.ac.za.

Phishing from staff email

Monday, October 14th, 2019

An email with the subject “Purchase Order 98474” has been sent from a sun email address to staff and students. The email ask you to click on a link to open your purchase order information (also see image below)

This is not a legitimate email, but a phishing attempt from a compromised university account.

By clicking on links and providing your information, you give criminals access to your personal information and your accounts. If you think your account or device has been compromised or you notice suspicious activity:

Immediately change your password on www.sun.ac.za/password.

Contact the IT Service Desk by logging a request or calling 808 4367. 

 

© 2013-2024 Disclaimer: The views and opinions expressed in this page are strictly those of the page author(s) and content contributor(s). The contents of this page have not been reviewed or approved by Stellenbosch University.