%PDF-1.3 1 0 obj << /Type /Catalog /Outlines 2 0 R /Pages 3 0 R >> endobj 2 0 obj << /Type /Outlines /Count 0 >> endobj 3 0 obj << /Type /Pages /Kids [6 0 R ] /Count 1 /Resources << /ProcSet 4 0 R /Font << /F1 8 0 R /F2 9 0 R /F3 10 0 R /F4 11 0 R >> /XObject << /I1 20 0 R >> >> /MediaBox [0.000 0.000 612.000 792.000] >> endobj 4 0 obj [/PDF /Text /ImageC ] endobj 5 0 obj << /Creator (DOMPDF) /CreationDate (D:20250725062903+00'00') /ModDate (D:20250725062903+00'00') /Title (Report 07-2025) >> endobj 6 0 obj << /Type /Page /Parent 3 0 R /Annots [ 12 0 R 14 0 R 16 0 R 18 0 R ] /Contents 7 0 R >> endobj 7 0 obj << /Length 4521 >> stream 0.702 0.800 0.816 rg 34.016 34.016 543.969 723.969 re f 1.000 1.000 1.000 rg 45.266 242.069 521.469 504.665 re f 0.773 0.773 0.773 RG 0.75 w 0 J [ ] 0 d 45.641 242.444 520.719 503.915 re S 0.773 0.773 0.773 rg 61.016 257.819 m 550.984 257.819 l 550.984 258.569 l 61.016 258.569 l f 0.200 0.200 0.200 rg BT 61.016 693.716 Td /F1 14.4 Tf [(CAREFUL OF )] TJ ET BT 157.813 693.716 Td /F2 14.4 Tf [(REPLY ALL)] TJ ET 0.400 0.400 0.400 rg BT 61.016 664.909 Td /F3 9.0 Tf [(Posted on )] TJ ET BT 104.045 664.909 Td /F2 9.0 Tf [(February 03,2021)] TJ ET BT 177.584 664.909 Td /F3 9.0 Tf [( by )] TJ ET BT 192.092 664.909 Td /F2 9.0 Tf [(IT Communications)] TJ ET 0.153 0.153 0.153 rg BT 61.016 637.420 Td /F4 9.0 Tf [(Last month some university staff's mailboxes were flooded with )] TJ ET 0.373 0.169 0.255 rg BT 61.016 626.431 Td /F4 9.0 Tf [(an email advertising services in what we call an email storm)] TJ ET 0.373 0.169 0.255 RG 0.18 w 0 J [ ] 0 d 61.016 625.280 m 299.084 625.280 l S 0.153 0.153 0.153 rg BT 299.084 626.431 Td /F4 9.0 Tf [(. )] TJ ET BT 61.016 615.442 Td /F4 9.0 Tf [(Apart from being disruptive, these emails weren't harmful, but we )] TJ ET BT 61.016 604.453 Td /F4 9.0 Tf [(would like to remind you of a five important things to keep in mind )] TJ ET BT 61.016 593.464 Td /F4 9.0 Tf [(before you send email to large groups:)] TJ ET BT 61.016 573.475 Td /F1 9.0 Tf [(1. ALWAYS use the BCC field, NOT the CC field.)] TJ ET BT 61.016 562.486 Td /F4 9.0 Tf [(If you use the BCC field instead of the CC field the )] TJ ET BT 264.119 562.486 Td /F3 9.0 Tf [(Reply All)] TJ ET BT 61.016 551.497 Td /F4 9.0 Tf [(option is disabled. Therefore recipients won't be able to )] TJ ET BT 283.343 551.497 Td /F3 9.0 Tf [(Reply All)] TJ ET BT 61.016 540.508 Td /F4 9.0 Tf [(and cause a flood of inconvenient emails.)] TJ ET BT 61.016 518.719 Td /F1 9.0 Tf [(2. DO NOT )] TJ ET BT 108.527 518.719 Td /F2 9.0 Tf [(Reply All)] TJ ET BT 147.038 518.719 Td /F1 9.0 Tf [( when you receive an email sent to )] TJ ET BT 61.016 507.730 Td /F1 9.0 Tf [(multiple people.)] TJ ET BT 61.016 496.741 Td /F4 9.0 Tf [(If you receive an email that has been sent to a large number of )] TJ ET BT 61.016 485.752 Td /F4 9.0 Tf [(people, please by default don't )] TJ ET BT 185.315 485.752 Td /F3 9.0 Tf [(Reply All)] TJ ET BT 220.820 485.752 Td /F4 9.0 Tf [(. You will only be causing )] TJ ET BT 61.016 474.763 Td /F4 9.0 Tf [(an unnecessary surge of emails and annoy your colleagues. If )] TJ ET BT 61.016 463.774 Td /F4 9.0 Tf [(you need to comment only email the sender or the relevant )] TJ ET BT 61.016 452.785 Td /F4 9.0 Tf [(people.)] TJ ET BT 61.016 430.996 Td /F1 9.0 Tf [(3. Advertising services or products on the SU network is not )] TJ ET BT 61.016 420.007 Td /F1 9.0 Tf [(allowed.)] TJ ET BT 61.016 409.018 Td /F4 9.0 Tf [(No staff or student member is allowed to advertise any services on the SU network. This is stipulated in the )] TJ ET 0.373 0.169 0.255 rg BT 61.016 398.029 Td /F4 9.0 Tf [(Electronic Communications Policy)] TJ ET 0.18 w 0 J [ ] 0 d 61.016 396.878 m 196.547 396.878 l S 0.153 0.153 0.153 rg BT 196.547 398.029 Td /F4 9.0 Tf [( which staff and students agree to when reactivating their network access every year.)] TJ ET BT 61.016 376.240 Td /F1 9.0 Tf [(4. If you need to send official mass communication, consult the Digital Communications Office.)] TJ ET 0.373 0.169 0.255 rg BT 61.016 365.251 Td /F4 9.0 Tf [(The Digital Communications Office)] TJ ET 0.18 w 0 J [ ] 0 d 61.016 364.100 m 199.553 364.100 l S 0.153 0.153 0.153 rg BT 199.553 365.251 Td /F4 9.0 Tf [(, a division of Corporate Communications, are responsible for campus-wide electronic )] TJ ET BT 61.016 354.262 Td /F4 9.0 Tf [(communication. They use specific platforms to distribute information and will be able to advise you on the most efficient )] TJ ET BT 61.016 343.273 Td /F4 9.0 Tf [(way of sending out your email.)] TJ ET BT 61.016 321.484 Td /F1 9.0 Tf [(5. Use SYMPA)] TJ ET BT 61.016 310.495 Td /F4 9.0 Tf [(If you regularly need to send out emails, you can use the SYMPA mailing solution. )] TJ ET 0.373 0.169 0.255 rg BT 390.173 310.495 Td /F4 9.0 Tf [(More information on SYMPA.)] TJ ET 0.18 w 0 J [ ] 0 d 390.173 309.344 m 506.714 309.344 l S 0.153 0.153 0.153 rg BT 61.016 290.506 Td /F4 9.0 Tf [()] TJ ET 0.400 0.400 0.400 rg BT 61.016 272.017 Td /F3 9.0 Tf [(Posted in:E-mail,Notices | | With 0 comments)] TJ ET q 225.000 0 0 225.000 325.984 421.211 cm /I1 Do Q endstream endobj 8 0 obj << /Type /Font /Subtype /Type1 /Name /F1 /BaseFont /Helvetica-Bold /Encoding /WinAnsiEncoding >> endobj 9 0 obj << /Type /Font /Subtype /Type1 /Name /F2 /BaseFont /Helvetica-BoldOblique /Encoding /WinAnsiEncoding >> endobj 10 0 obj << /Type /Font /Subtype /Type1 /Name /F3 /BaseFont /Helvetica-Oblique /Encoding /WinAnsiEncoding >> endobj 11 0 obj << /Type /Font /Subtype /Type1 /Name /F4 /BaseFont /Helvetica /Encoding /WinAnsiEncoding >> endobj 12 0 obj << /Type /Annot /Subtype /Link /A 13 0 R /Border [0 0 0] /H /I /Rect [ 61.0157 625.5982 299.0837 634.7557 ] >> endobj 13 0 obj << /Type /Action /S /URI /URI (https://blogs.sun.ac.za/it/en/2021/02/please-support-stias-email/) >> endobj 14 0 obj << /Type /Annot /Subtype /Link /A 15 0 R /Border [0 0 0] /H /I /Rect [ 61.0157 397.1962 196.5467 406.3537 ] >> endobj 15 0 obj << /Type /Action /S /URI /URI (https://sunrecords.sun.ac.za/controlled/C4 Policies and Regulations/C4_Electronic Comm_2003.pdf) >> endobj 16 0 obj << /Type /Annot /Subtype /Link /A 17 0 R /Border [0 0 0] /H /I /Rect [ 61.0157 364.4182 199.5527 373.5757 ] >> endobj 17 0 obj << /Type /Action /S /URI /URI (http://www.sun.ac.za/english/corporate-communication/contact-us) >> endobj 18 0 obj << /Type /Annot /Subtype /Link /A 19 0 R /Border [0 0 0] /H /I /Rect [ 390.1727 309.6622 506.7137 318.8197 ] >> endobj 19 0 obj << /Type /Action /S /URI /URI (https://blogs.sun.ac.za/it/en/2020/03/sending-emails-to-large-groups/) >> endobj 20 0 obj << /Type /XObject /Subtype /Image /Width 300 /Height 300 /ColorSpace /DeviceRGB /Filter /DCTDecode /BitsPerComponent 8 /Length 18140>> stream JFIF``ExifMM*i2 &0000 t2012:02:10 11:04:062012:02:10 11:04:06 2012-02-10T11:04:062014-08-20T16:41:07 C   %# , #&')*)-0-(0%()(C   (((((((((((((((((((((((((((((((((((((((((((((((((((,," }!1AQa"q2#BR$3br %&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz w!1AQaq"2B #3Rbr $4%&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz ?(((((((((((((((((((((((((((RK]ҴGQURy[Jo*ҢK$. ;A Ԁ?Zùߡ"OԥeD"GO%4eVzOS0jW@e:?ռ}~13#㤱ho̊ٱK]g{@OhƦESCt:U{)J'ҶdmJSjEQEŠ((((((((((*p).PqQKqc,W ψ:nξa"lb> O!5k—O/1Yt_סzߋ4"-Q/mǓO^g ,(bb{L3I4Hŏj*c-!Q/:kǾ$ Nh?KN9?533f%I9&ΩIJSzMJ4mN*+Xu] ?AL7ccBB'yKޱia] >"Dŏ%h ^ ʍ;UHפN[#uYXeH#ڝIIhkR:%ݒxŧB+-{K~Ѥ^u}_fSE|oVBKK:[k$LT=ǵvR:OT|axj%/B|aᣲPXe?*ޠ1lq+آ%dpYNA*ucU^,,v]O׍>ю+C((((((()LU 1vM$U2} i9;-{VtHdpxW'j2mMq&5v#}}OPF;N۰/$,<9H,ߍV<-x %g8ǹלgTp+F1# hueWK_#ֽ RiWwÓ<dv~ic WK֡9`Eq_6y4SSaC N}eYP AKCd|#2b]oLauσq 6n<k Ƨ+Qgc093^H@=4WSlx1G"_co&?_\ emrVr t:f{J^XId=ME0_Mxʏ0z2 x h&~ 橅`si>WrPΒ8oCRUb9y`hԲׯBw "Vt/u'-IZAKQ 'Rt+ZgZ{Γ̻V密~9b3m}? }?gu76(xNC׵B3'Ug?2j(<`(((((bBp9*kljcBI'ZJ UQ۩>޾r{-= 36qLf)>ZOSPF4 yE؟wU (W{rPMx{v ?Z%R\eEg[* O5f;hbHB" P:*ZP9s[3yi>(Š((((+{|wҺ*|) Fp>אj|uɊq¾4``Tg;HOʟZƭ5u1KZf܏VF>W )$~7 VTj-bQEQQEQEQEPx- q@(ՒlW̟I&|91!?J*x '= {D2]@&**GdY{USkEH|~uPA$^;ww?SJ4 \_OG:akM{ >! 3ORkS%NjW`Kr{2kg Cv~]Yt㷛^^EWQEבPd(f5-v'yFK3y׈/aM {0lS N`'c %9?w=l7Tu-F׾%)?A_޵Y|u?rYسI5 $5-Ϧ-NԑDvmXoTOzƿ1wf"g#$隐W~3x^bP5u,mTTO/ɯM]Do+ba?,sƲC"Ir 5E^ҵ}GI/m0W?P:5q#p]6B^}FEr-QϫY2EC"O> ubgUU{fYN#-ti*xC`D_C^#+_z>iUkz:OXbiwئӢڢXdF~5%P {*yS+fz?1Zqnk7hI#b2k/ ˮxoNԗY~ GR>pJ!~o5 ( ( (p+-PCnOA_>Uי!cv'JO]N5/^ڞ#QMGm&Z&֥x2,$iS]4_W|SgbSH~0[5WxvQHnGgÁ.jMvB\{bW~gaEW~R(ɮ_#NHI8jz6hKȯxIpp~DA\wy\kHiqR%'ָq_v7,S#յ}GXc~z*(.Rrw% =,<:Q]<; _^_2e!Oֺo7r.ngbos[STZf;>`9]cK3Ώz/^/ȔgλcY~ }Cm3 zıUW—*_?Gu?#})w= 7B]y?آtK\> |[Ye@rߠ5 | O_~峷yifpq~|\i/5 sb8~!XlP9~RKl}+߈~Mxq]u#5?3Ƣm+z׬ZցBڼZf~T+R7>vYdMN̜,OF9K'{l}g?Q^8QEQEQE#)4[X珯֬"++~%jܛZsuy4ܷڹ2mj<]GRƞpȑ}I^40~1wB3 ~5x7yK'νl 9iw?:Wƪ+h/@cKY:V3'^y$Y?A7O\+_Cxṣ QEyǼ:f`S싓ʽ:w%HΆG;p~9W>i f2+$[f{3t5#ϙo#dsnzdtk]s樟xf"ؠ?뢕[e/WFG *.#o56 &}QEW~.QEQE^w>bA/c! GwJנ|O.6g /My{އzFQ^aQ; \^\I.}e56~ТIqf1~/Vʵ;z hX %b[@IG5赱sW?V[`xooS>HaƟcY/^YNdMh R,{p*xuev~a:$ߔO\]z'[;O٫ #{y05eKQEQ@Q@s~2ӟ]%r=}>!˾szx>[>9l=#kN/yѲ(>>vU8ؗlhRNvO}N\ry{_1k&W9mי)oWτI<\h)Tfmߚ@)7v~B+/iF𶗧[qc}_'f_xJa(.}^_GwjTWQEzGQ@ݾX OZĺpܪ>״x[ع'W_?:anm?_QR\lRգ3wȫk^匇WUg)I+g=?uMAEμ*K5˸>Qpq檼N'r鮲IEW~P#)#>d+ j:u ?qI^ԛQQ]OͼOз]|^gslZ?ȾP ğWW?et뇽y"x˦ɥGEQ@Q@q?,]q6-|k!\5}VXZ;سB(O̷F@ߘ-U/ ͳj?J$~Vq}){^1^AIMxq$}K)zȥ)W~·?;wtd_k-7ZFn?`},i$lV= zx~}ƔڭJ}kGQE`I+ĺYZX#ki )p}|Ϫ]7?9ƒ{W_+čxpFzAk]^~.Q;J[_IA>+?FTU_\|:!-:!kJWzL4*TE1LDRq|GQ e~~٣V_5uy]NS=:>XzUAծHE;̅EuQ^Jg.gsaEE%ku/4αN}i-ܶb=k>t(mRtͮ7G )G2_Fץh5T,_ë0+Т(([o]Mb7Oc|)+8_~+jDL9\6V9;ycV +nlQH9柣R|4̜omqw@ڼsqAմnU1?:R+˚Yy>;H/-x0pz4wHs%\a_ǯY⣢KU)JYqSu$z7&Ӱj х}Gjz5j6)et#t?k;쮢ḉ$O5t+:RFY I٭SRq^ ᯍv> {F>nB9\|eФbF#C?%{WŒ}~k_z&g 30 9f_}pH`j/7ZY~ָT9&Ve\-^LR]C%;'w0h+7G=6j׉klTחIog`1^?+YȭFH=mE]ӧ*Pg#W'漾h?X}vWͺG9{TkGfC}R uVt k˨mcigF՘QW#Xƞ!s"DØԏ}*4Yr3*yv֞wnz73k&֟eÏ?AWCE**ziש*waES2 ( ( :Ulr@;|FK˩׷^-_MGӎ _6Ɍ+?&*;HrZrG>qSU 1!CѺ}jy3Vgڄ_Uu? uir>yȜdW5-}Kģ~}`[ |Tޛ>Gp c"'E훌dy]Å\K%}BH5xiy:/^φVT )F*աipsֻ.C3 luם[Oi16b?yu5>*U~fBQޭ%M\n aGFV}-ѽr56:\luo5El-mZ\8\g]-Id՘wKYlJ=XqC&:;#-O1HK^L0dA~[ǺTvv&+xCˈP t#JJeGJ4ݟkƤ]Wݟ=EkBHՇzIݼ2 SWVn rxeY!vE9VS5n.P)ͱ)+Q1IȘyKf95Nrz6eO F' $$׼D֖fQ׺xᦓښ'~X V԰ө+2 &5>}??#WuF '٤/^EҥQcjZt^EVQEQEQEQExOVON+ψS 3*О5BXH+ {$e u3 +(&( wºE#Kgo ;}5r2Y薲YΔg׆icj6N(O򫖾%M?_x~kUthF?* =(q&4DYMAg~vW}HdZyqʃ?3B΋W5ܑWxzk.oyn{9^;?cQ9k9Y`JGVQÎ޵TGv9TJGtO^␉!O6a sd?7^+E*UeJ\:3 aKV^~G*2T;~_ek(q|>UnG/ |'Oz!Wm3LI.h2ܢ+(((()RQEQEQEQEQEQEQEQEQEG4K"akH*dC ')UhIGy=jJT{jFTO=oM z|@x g޽7C}L*u&1 GE|EtԆc8g|<~hjZ~eݽކ@5f'G:2[V.\ԑGEC`j\U_]s{|K{ j_(W}??UdTo2 +xpDq,V=_gz33R荩]wK7GǍ4M/"RFߐ_Vjm݉hgU[ Jn/_|S/^ Wpad{?=~k?> L\2ՇmR.o ]QA4W0EBR6_K ZNrw{P[8ъ/_.}EW~^QEQEQEQEQEQEQEQEQE#(#/AZPx28+do|<fg}G_WSObW"mYݐSII}z1L+Jя^'sƞߋxr?q8N>#Ew >{ @qKuGklj7Wb˟ִ Ÿ(|7gU8,Þum -.h>ִ$ǷsGm"tCU >oS-{DDXy5+V"O^gioenpEopāT} PQؼ~'.jr킊(9(((((((((((ѫuEW{8_ vU~:5'5jQ@ˤ/HS% [#X#^)@KEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQE endstream endobj xref 0 21 0000000000 65535 f 0000000008 00000 n 0000000073 00000 n 0000000119 00000 n 0000000332 00000 n 0000000369 00000 n 0000000507 00000 n 0000000610 00000 n 0000005183 00000 n 0000005295 00000 n 0000005414 00000 n 0000005530 00000 n 0000005638 00000 n 0000005765 00000 n 0000005882 00000 n 0000006009 00000 n 0000006156 00000 n 0000006283 00000 n 0000006398 00000 n 0000006526 00000 n 0000006647 00000 n trailer << /Size 21 /Root 1 0 R /Info 5 0 R >> startxref 24956 %%EOF E-mail « Informasietegnologie
Language:
SEARCH
  • Recent Posts

  • Categories

  • Archives

E-mail

New variant of BIP Dharma ransomware found

Monday, June 11th, 2018

WHAT IS RANSOMWARE?

Ransomware, for example, CryptoLocker, WannaCry or BIP Dharma, is a type of malware that installs itself on a device, takes files on the device or network storage, encrypts them, and then extorts money from the user to unlock the files.  This type of programme can be installed by means of an e-mail attachment, an infected programme or unsafe website with malware installed on it. 

The software “kidnaps” your data by encrypting or limiting your access to it and then sending you a message demanding money to regain your access. The only way access is possible again is by acquiring an encryption key from the creator of the ransomware at a fee. However, paying this fee doesn’t guarantee that you will have access to your data again, so doing this is a huge risk.

According to Sophos security ransomware is one of the most widespread and damaging threats that internet users face today. 

HOW TO AVOID BECOMING A RANSOMWARE VICTIM 

You can practice the following security practices to avoid falling victim to ransomware.

1. Make backups

Ensure that you always have the latest backup of your work somewhere else, preferably off-site. If you do fall for a ransomware attack, you will still have your data. Having your data off-site also protects it from events such as a fire, flood or theft or damage to your device. Additionally, you can encrypt your device to ensure that if it ends up in the wrong hands, they won’t be able to access it. 

2. Do not open attachments

If you receive an attachment from someone you don’t know. And even if you do know the person, first confirm whether they did send it to you. Just because it’s from someone you know, it doesn’t mean it’s safe. Your colleague or friend’s account could have been hacked. 

3. Scan attachments

There are tools such as VirusTotal available for scanning attachments to ensure that they are safe to open. VirusTotal is an online scanning tool and can be found at https://www.virustotal.com/#/home/upload.

4. Keep Windows updated

Make sure all Windows updates are installed as soon as they come out. Also make sure you update all programmes, especially Java, Flash, and Adobe Reader. Older programs contain security vulnerabilities that are commonly exploited by malware distributors. Therefore it is important to keep them updated.

5. Security software

Make sure you have some sort of security software installed. If you are unsure whether you have adequate protection on your device, contact us to assess your security.

6. Difficult password

Use hard passwords and never reuse the same password at multiple sites.

 

[SOURCE: www.sophos.com]

 

Tripadvisor phishing scam

Monday, June 4th, 2018

It seems that there are a number of you who make some use of TripAdvisor.com for planning your overseas trips. TripAdvisor is travel and restaurant website that provides hotel and restaurant reviews, accommodation bookings etc. but the phishing scammers are currently targeting South African and Australian users with a phishing scam to try to get access to their TripAdvisor account.

Be on the lookout for a phishing scam that *might* target university personnel and student accounts over the next few days:

Hi <your name>,

Want to keep your username?
Since you haven’t been on TripAdvisor in a while, your username <your TripAdvisor username> will expire in two weeks. Want to keep it? Simply click on the button below:

Keep my username

While this might not seem to be much of an issue for some people, the real danger is that, in many cases, university personnel and students – some making use of TripAdvisor,  use the same password for all their Internet accounts. According to a recent Ofcom report, over 55% of Internet users older than 16 used the same password for most – if not all! – the websites they tended to use.

If you do use the same password for lots of sites, and one of those sites are hacked, (like Tripadvisor) and hackers could start using your “leaked password” on multiple sites, they could gain access to more areas of your life such as your email, banking, social media and other accounts.

A very useful site to check if any of your online account have been hacked is https://haveibeenpwned.com/ This site helps you to check if you have an account that has been compromised in a data breach. 

I concede that remembering passwords can be a real challenge, especially if you have a lot of online accounts. I recommend using password management software – also sometimes known as a password vault – like 1Password, KeePass and Lastpass.

Password management software can remember all your hard-to-crack passwords for you (they can even generate them to make sure they’re super complex), and store them securely behind one master password.

Please be very careful out there. Don’t become a statistic or a victim of identity theft!

[Article by David Wiles]

Phishing mail using intimidation and threats

Friday, June 1st, 2018

There is no need to panic or be in anyway concerned for your personal safety about the latest batch of “phishing” emails that are going out with “death threats” or extortion regarding your “alleged” online activity around pornography sites etc.

A simple Google search using the following term “I Was Paid To Kill You scam” gave me 43 million results, all of the first 100 or so pages reporting this mail as a scam. A further search, narrowing the results down to only South Africa and only from last week, resulted in a little over 100 000 results, all of which were reporting as a hoax.

A similar scam first surfaced in the USA in 2006. An email from a would-be assassin was sent to a number of users from a Russian e-mail address. The “assassin” apparently appointed by a close acquaintance of his target, offers the victim the opportunity to buy him or herself a new lease on life by paying between $50,000 and $150,000.

If you receive mail like this, you should never panic. If you look at the extortion mail there are clues that reveal that the mail is a hoax:

  1. The subject line: “I Was Paid To Kill You”, “YOU SHOULD BE ASHAMED OF YOURSELF”, “YOUR PRIVACY HAS BEEN COMPROMISED”
    These are designed to cause anxiety, stress and panic.
  2. Time limits: “You have 48 Hours to pay…”
    How can the scammer know that you have received the mail and when you have read the mail and keep track of time to see if “48-hours” has passed?
  3. Engagement: “Contact me back via e-mail…”
    Never make contact with the scammers. This immediately alerts them that a “real person” read their mail and they will be able to concentrate their nefarious efforts on you.

If you ever receive emails like these, please report is to the Information Technology Cybersecurity Team using the following method:

Send the spam/phishing mail to help@sun.ac.za and sysadm@sun.ac.za.

Attach the phishing or suspicious mail on to the message if possible.
1. Start up a new mail addressed to sysadm@sun.ac.za (CC: help@sun.ac.za)
2. Use the Title “SPAM” (without quotes) in the Subject.
3. With this New Mail window open, drag the suspicious spam/phishing mail from your Inbox into the New Mail Window. It will attach the mail as an enclosure and a small icon with a light yellow envelope will appear in the attachments section of the New Mail.
4. Send the mail.

[Article by David Wiles]

Phishing scam disguised as the university’s single-sign on page

Wednesday, May 16th, 2018

Due to the vigilance of an observant personnel member from the US Business School, we have encountered a dangerous phishing scam being sent from a compromised UNISA account.

The Subject is “Dear SUN E-mail User © Copyright 2018 Stellenbosch University” which should immediately raise eyebrows. The phishing email “warns” you about the pending expiration of your e-mail account and prompts you to click on a link to reactivate it.

See below what the mail looks like:

The danger is that the phishing scammers have perfectly forged the university’s SINGLE SIGN-ON page, that is used by students an personnel to access the portal pages, the my.sun.ac.za page, SUNLearn etc., as you can see below. Not many people will notice that the address is not a university address, neither is it secure.

It is imperative that you do not click on the link in the mail, and do not provide the scammers with your username and password as they might be able to access the university’s systems that are accessible through the Single Sign-On page.

Last year scammers were able to forge the e-HR login page through a phishing scam and several staff members had their bank accounts details and other personal details exposed to the scammers.  In the light of the issues that Tygerberg staff have been having with general network access earlier this month, and this week’s issue with e-mail, the arrival of this sort of mail at this time can fool some people into thinking that it is legitimate and lead to compromised network and e-mail accounts.

Here’s how to report any phishing or spam mail:

Send the spam/phishing mail to help@sun.ac.za and sysadm@sun.ac.za.

Attach the phishing or suspicious mail on to the message if possible.
1. Start up a new mail addressed to sysadm@sun.ac.za (CC: help@sun.ac.za)
2. Use the Title “SPAM” (without quotes) in the Subject.
3. With this New Mail window open, drag the suspicious spam/phishing mail from your Inbox into the New Mail Window. It will attach the mail as an enclosure and a small icon with a light yellow envelope will appear in the attachments section of the New Mail.
4. Send the mail.

[Information supplied by David Wiles]

Clear the clutter

Thursday, April 26th, 2018

In June 2016 we were introduced to Office365, but do we really know how all the functions of this online mail service work?

One such a function is the “Clutter Folder”. 

We have had many students (and some staff) who have reported that “email was missing” or that they were not receiving mail sent to them by mailing lists. While we initially thought that this was caused by users deleting mail or a problem with the email servers, an investigation revealed that in many cases the Clutter folder was the culprit. 

As it was originally designed, the Clutter folder was supposed to help users filter low-priority email, saving time for more important messages. Supposedly, the email server would keep track of the email users read and the ones they didn’t and put them into the Clutter folder. For all new students, as well as staff, the mailbox feature “Clutter” is turned on. Once it is turned on, Clutter is automatic.

Because mail is left unread for a couple of days, Outlook 2016 starts sending a lot of mail to the Clutter Folder, leaving students to complain that mail is not being delivered and “important mail is missing”. All the “missing” mail is still there. It is just in the Clutter Folder.

The best solution is to disable the Clutter folder entirely, so unread mail is not sent there. Here is how to do it:

  1. Sign in to Outlook Web Access (http://www.sun.ac.za/webmail)
  2. In the top right-hand corner, click the small cog icon. A sidebar will appear.
  3. Near the bottom of the sidebar is a heading saying My App Settings.
  4. Click Mail underneath this and you will be taken to the Mail Options page.
  5. On the left menu, underneath the Automatic Processing menu item, click Clutter.
  6. Uncheck the box that says Separate items identified as clutter
  7. Click the Save button at the top of the page.

Once the Clutter filter has been disabled, you can then move all your “missing” mail in the Clutter Folder to your Inbox. 

 

[Information supplied by David Wiles]

 

 

© 2013-2025 Disclaimer: The views and opinions expressed in this page are strictly those of the page author(s) and content contributor(s). The contents of this page have not been reviewed or approved by Stellenbosch University.