%PDF-1.3 1 0 obj << /Type /Catalog /Outlines 2 0 R /Pages 3 0 R >> endobj 2 0 obj << /Type /Outlines /Count 0 >> endobj 3 0 obj << /Type /Pages /Kids [6 0 R ] /Count 1 /Resources << /ProcSet 4 0 R /Font << /F1 8 0 R /F2 9 0 R /F3 10 0 R /F4 11 0 R >> /XObject << /I1 24 0 R >> >> /MediaBox [0.000 0.000 612.000 792.000] >> endobj 4 0 obj [/PDF /Text /ImageC ] endobj 5 0 obj << /Creator (DOMPDF) /CreationDate (D:20250726031602+00'00') /ModDate (D:20250726031602+00'00') /Title (Report 07-2025) >> endobj 6 0 obj << /Type /Page /Parent 3 0 R /Annots [ 12 0 R 14 0 R 16 0 R 18 0 R 20 0 R 22 0 R ] /Contents 7 0 R >> endobj 7 0 obj << /Length 4042 >> stream 0.702 0.800 0.816 rg 34.016 34.016 543.969 723.969 re f 1.000 1.000 1.000 rg 45.266 291.236 521.469 455.498 re f 0.773 0.773 0.773 RG 0.75 w 0 J [ ] 0 d 45.641 291.611 520.719 454.748 re S 0.773 0.773 0.773 rg 61.016 306.986 m 550.984 306.986 l 550.984 307.736 l 61.016 307.736 l f 0.200 0.200 0.200 rg BT 61.016 693.716 Td /F1 14.4 Tf [(REMEMBER TO CHECK YOUR JUNK EMAIL FOLDER)] TJ ET 0.400 0.400 0.400 rg BT 61.016 664.909 Td /F2 9.0 Tf [(Posted on )] TJ ET BT 104.045 664.909 Td /F3 9.0 Tf [(January 01,1970)] TJ ET BT 173.588 664.909 Td /F2 9.0 Tf [( by )] TJ ET BT 188.096 664.909 Td /F3 9.0 Tf [(IT Communications)] TJ ET 0.153 0.153 0.153 rg BT 61.016 637.420 Td /F4 9.0 Tf [(To ensure that staff and students )] TJ ET BT 195.098 637.420 Td /F1 9.0 Tf [(aren't)] TJ ET BT 219.245 637.420 Td /F4 9.0 Tf [( exposed to malicious )] TJ ET BT 61.016 626.431 Td /F4 9.0 Tf [(phishing or spam emails our system administrators and security )] TJ ET BT 61.016 615.442 Td /F4 9.0 Tf [(team)] TJ ET 0.373 0.169 0.255 rg BT 81.023 615.442 Td /F4 9.0 Tf [( had to enable a stricter spam filter earlier this year as added )] TJ ET 0.373 0.169 0.255 RG 0.18 w 0 J [ ] 0 d 81.023 614.291 m 325.130 614.291 l S BT 61.016 604.453 Td /F4 9.0 Tf [(protection.)] TJ ET 0.18 w 0 J [ ] 0 d 61.016 603.302 m 103.037 603.302 l S 0.153 0.153 0.153 rg BT 61.016 584.464 Td /F4 9.0 Tf [(A spam filter assigns every message, received and sent, a spam )] TJ ET BT 61.016 573.475 Td /F4 9.0 Tf [(confidence level based on the likelihood that the message is )] TJ ET BT 61.016 562.486 Td /F4 9.0 Tf [(spam. Depending on its level an inbound message may be )] TJ ET BT 61.016 551.497 Td /F4 9.0 Tf [(relayed directly to the user's Junk Email folder. The filter looks at )] TJ ET BT 61.016 540.508 Td /F4 9.0 Tf [(certain criteria contained in the email it rates, for example too )] TJ ET BT 61.016 529.519 Td /F4 9.0 Tf [(many hyperlinks or a suspicious file attached. Tweaking the filter )] TJ ET BT 61.016 518.530 Td /F4 9.0 Tf [(can be tricky we don't want you to miss important emails, but at )] TJ ET BT 61.016 507.541 Td /F4 9.0 Tf [(the same time it's our responsibility to protect you and all our staff )] TJ ET BT 61.016 496.552 Td /F4 9.0 Tf [(from harmful attacks.)] TJ ET BT 61.016 476.563 Td /F4 9.0 Tf [(For this reason, it's important that you regularly look in your Junk )] TJ ET BT 61.016 465.574 Td /F4 9.0 Tf [(Email folder in case the spam filter might have relayed it there.)] TJ ET BT 61.016 445.585 Td /F4 9.0 Tf [(The main purpose of Microsoft Outlook's Junk Email Filter helps )] TJ ET BT 61.016 434.596 Td /F4 9.0 Tf [(is to reduce unwanted email messages in your Inbox. Junk email, )] TJ ET BT 61.016 423.607 Td /F4 9.0 Tf [(also known as spam, is moved by the filter away to the Junk )] TJ ET BT 61.016 412.618 Td /F4 9.0 Tf [(Email folder. This is done at an institutional level by Microsoft \(as )] TJ ET BT 61.016 401.629 Td /F4 9.0 Tf [(mentioned above\), but you can also flag or "un"flag messages from a person or company as Junk email.)] TJ ET 0.373 0.169 0.255 rg BT 61.016 381.640 Td /F4 9.0 Tf [(How to change your spam filter's preferences.)] TJ ET 0.18 w 0 J [ ] 0 d 61.016 380.489 m 243.806 380.489 l S BT 61.016 370.651 Td /F4 9.0 Tf [(How to tag an email as junk mail.)] TJ ET 0.18 w 0 J [ ] 0 d 61.016 369.500 m 193.064 369.500 l S BT 61.016 359.662 Td /F4 9.0 Tf [(How to report spam or junk email to Microsoft.)] TJ ET 0.18 w 0 J [ ] 0 d 61.016 358.511 m 244.571 358.511 l S 0.153 0.153 0.153 rg BT 244.571 359.662 Td /F4 9.0 Tf [( \(downloadable PDF-document\))] TJ ET BT 61.016 339.673 Td /F4 9.0 Tf [(If you have any questions, please log a request on the )] TJ ET 0.373 0.169 0.255 rg BT 279.149 339.673 Td /F4 9.0 Tf [(ICT Partner Portal.)] TJ ET 0.18 w 0 J [ ] 0 d 279.149 338.522 m 354.173 338.522 l S 0.400 0.400 0.400 rg BT 61.016 321.184 Td /F2 9.0 Tf [(Posted in:E-mail,Notices,Tips | | With 0 comments)] TJ ET q 225.000 0 0 225.000 325.984 421.211 cm /I1 Do Q endstream endobj 8 0 obj << /Type /Font /Subtype /Type1 /Name /F1 /BaseFont /Helvetica-Bold /Encoding /WinAnsiEncoding >> endobj 9 0 obj << /Type /Font /Subtype /Type1 /Name /F2 /BaseFont /Helvetica-Oblique /Encoding /WinAnsiEncoding >> endobj 10 0 obj << /Type /Font /Subtype /Type1 /Name /F3 /BaseFont /Helvetica-BoldOblique /Encoding /WinAnsiEncoding >> endobj 11 0 obj << /Type /Font /Subtype /Type1 /Name /F4 /BaseFont /Helvetica /Encoding /WinAnsiEncoding >> endobj 12 0 obj << /Type /Annot /Subtype /Link /A 13 0 R /Border [0 0 0] /H /I /Rect [ 81.0227 614.6092 325.1297 623.7667 ] >> endobj 13 0 obj << /Type /Action /S /URI /URI (https://blogs.sun.ac.za/it/en/2020/03/additional-microsoft-security-for-email-activated/) >> endobj 14 0 obj << /Type /Annot /Subtype /Link /A 15 0 R /Border [0 0 0] /H /I /Rect [ 61.0157 603.6202 103.0367 612.7777 ] >> endobj 15 0 obj << /Type /Action /S /URI /URI (https://blogs.sun.ac.za/it/en/2020/03/additional-microsoft-security-for-email-activated/) >> endobj 16 0 obj << /Type /Annot /Subtype /Link /A 17 0 R /Border [0 0 0] /H /I /Rect [ 61.0157 380.8072 243.8057 389.9647 ] >> endobj 17 0 obj << /Type /Action /S /URI /URI (https://support.office.com/en-us/article/changing-the-level-of-protection-e89c12d8-9d61-4320-8c57-d982c8d52f6b) >> endobj 18 0 obj << /Type /Annot /Subtype /Link /A 19 0 R /Border [0 0 0] /H /I /Rect [ 61.0157 369.8182 193.0637 378.9757 ] >> endobj 19 0 obj << /Type /Action /S /URI /URI (https://support.office.com/en-us/article/Video-Block-unwanted-mail-a3cda7e7-03ab-4188-9a9c-0f05e6a41e75) >> endobj 20 0 obj << /Type /Annot /Subtype /Link /A 21 0 R /Border [0 0 0] /H /I /Rect [ 61.0157 358.8292 244.5707 367.9867 ] >> endobj 21 0 obj << /Type /Action /S /URI /URI (http://admin.sun.ac.za/Infoteg/dokumente/Report_junkmail.pdf) >> endobj 22 0 obj << /Type /Annot /Subtype /Link /A 23 0 R /Border [0 0 0] /H /I /Rect [ 279.1487 338.8402 354.1727 347.9977 ] >> endobj 23 0 obj << /Type /Action /S /URI /URI (http://servicedesk.sun.ac.za) >> endobj 24 0 obj << /Type /XObject /Subtype /Image /Width 300 /Height 300 /ColorSpace /DeviceRGB /Filter /DCTDecode /BitsPerComponent 8 /Length 7855>> stream JFIF,,ExifMM*C    !'"#%%%),($+!$%$C   $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$,,"D !1A"Qaq2#5BRs6Sbr$&34Cc%t&!12AQ"qBRa ?R uh֏YdQ-n_m;.n=ܜ޾nSܠJ|wo>>\s""" """ """ """ """ """ """ ""lm.{Z7O8]4 k}_ϑ\󹐎]^|w;˓a;Xأ52Tc'wWUW i]^\ӇX;RmI$dv|A.0N,?hQUhnP&p98v.wSPm  0= e.վB Â`m)H[n]-7iBhh׌HAa""  }(mq={Ldw3Eh|22@-;;i_$m :[rg{=DYnr=z>>pb-SI%GuGzH+t)sv䪵Mq뺥|6@1 y^V;VQ\&tC2n޸#D#cgymZ.ofN\Ρ舢 7kUU+jOՖg85j-SHc8j^kE5C.Cp+׏ {xg'KFm*"#LָM#z|wp˭OS0!`$eVg<8`,)bX#کlOwtUH99/}ڗHh'MYz8LNw}ӗVԉCd/0v6+< 17 z*[ ܲtjM-TSs(+TGmF2؞`>^2v5kzK`{OY!\;LѷzlV&|{r״z"" """ """ """ "" 4 wS$AU ɤ2j}ўQ2=U霰{|6oY%N+89s$`8{ F|=+oNmNY*qN$˩.R~0)|k"cV>{Wu:_+UGUoa|' 2'ѹq.=5TOԒHl=jG[y:YQT6hGrmx>ʋ9iV<';_*gtދ?@K5猁汤XB湱C\Cs[xgn]1ßʴ/!Y \=; #o[ZUNJ3?=dעQFO #WMpvGaM*K6pd#q,VЏP>17.GxYp .,o<2+>Sn3\$X]SbU>J`bqf|qZ[P6#亂nϸ%c;41rFZ?==ߧf9VΘaT;cje!ɤJR^kM=:ݹMSqQ8pk9]XsNViI;f>7-xAue\ !ܶՂwseD@DDD@DDD@DDD@DD' VJm_.]|c/uY[\VҵQ 2(enq )M9;עq a SاsbWBbwt`.e%+g'g8' mU;?u)㥘:6y`YE|쬵2UO3'i9AgM/4 ښڗ"zK/ uqϓWӝhU$ c8ȎoSBa׶)$O q-WbS6\e彎P~BYmx7v]J 3[]AR%,;Р)Y4m9,A|oX'Y*˷߬|ۇ8sVeik+aXYUKG,w|zIvwQm穾x_XYn|H e7]acw? h=mM/8 nc yFFFOOj*_OSjM2ZN;mC$isCe}$drV3Gu;>+o_BRr@^GS8y(o|3SA΀Okn"+EEepa-c#أE$,hVwn\ї=0twS!&*inc' Ĩ+U. K 8d|qy1ӻ9f 26}MB7d/CjX੊ccËO5{XZᐩ@Whsw;{+\*3A ¬lP+P=m}{WYūg d$,H[2}{&'{Z0ҷ]XnT4Յ敷A+= ({iKVxUiBAxޭT10 G&gf?pߊFhGZ;VZOw5 ̢%20pwhzJttYVyܝ]=m#\;8fslVy2ϭ50tUc:9YcprF-+ LYJdF7 j2tR\঑DE|nY6x*|G* QǗ[k,w'淐!TF"AX_ڿZ҃Nbg?ڷi^iAn:F!U` 1GeoҚQ?S#끓Ug%U7Bxv+/i*ne|s7R@DDD@DDEoFlj]1_|G.kjϪ\wngrbG.gN+{{M-qi*x^al{{ji[4҃VҶiM(5M+'ap0ѡTfѼ+5*ژIJ=n8$0gX^B0Z*'޴E%E_"GwI%["4$-P+49ӿpxNț6+3] ˧ '\)i?F<_#˱k`ع96 DGj|۴ Ճ{`V]y:c-k7q }e h- )8p] gE}$qSkm*c-SCd\זU5[jKG";8ߐ\aS=f!JTf 8\+鄄apQ@DDD@QFIQFY/q;cۧ^A(=2hRjCopH^jMH0>_HZgw͟/۩_u4ӳ=*eO?H1zm録&wg|BũlmOkUt]H mO\*=I#WXaKn"zr[eªԲUkKDEpIy^9rwÆu8gJVC<xqw%j\;i(1<9mSč< 滷nf%U&|'I Oh_eKxwZA_p).T ,+tNTiH۫dtSAt_8$;qV]XpwqU 6Fzi{0>Čjh*cT:Va) Jm:6wY%r,<+~m=ƲeE۪Inv|aUj&Tgfc\={Z2I]rMJebL"퉄dxjSP|=hqX)(D`d-`1 6i {\BHZkMW; {Or6ݟ{-x\I|t4=LL`!7-ݽbv,I38Ij6vj*Y4o.S2Zqi]<텾:1miݻyNВ"T,SNl-o(Q4d5r(~(m6֌9,PDDD@^ajrZsObܮn dQK++ƌq5Ti*{i5 ))"xx-s{W^Ol ੗UAr tgO wLrO,Y^ 0V(gVշ3vpW^zG?9A׫;T#dݞ* > startxref 14748 %%EOF Notices « Informasietegnologie
Language:
SEARCH

  • Recent Posts

  • Categories

  • Archives

Notices

« Older Entries
Newer Entries »

Phishing scam from a forged email

Thursday, May 14th, 2020

We are almost all in lock down and less careful with cyber security. The scammers know this and are launching numerous attacks taking advantage of the “work-from-home” situation we find ourselves in. A number of personnel have reported getting e-mails from “Prof. Jimmy Volmink” asking for assistance and are not spotting the tell-tale signs of a phishing scam.

Here is the mail:

  1. Notice that although it looks like Prof Volmink sent it, the email address is not correct.
  2.  Secondly Prof Jimmy is a very approachable person, but he is always professional in his communication so he would never say “Are you free for now”. Nor would he say something like this: (if you did respond to his mail)
    “I am currently in a meeting and I don’t know when the meeting will round off. I would have called you but phone is not allowed. I will want you to handle something for me right away and I will be glad if you can do that for me as soon as possible”.

This is a spear-phishing attack where an institution is directly attacked by impersonating prominent or public figures within the university (like the Dean) to gain access to the university network. This is an especially effective means of attack with everybody at home in lock down, where our guard is down and we are more relaxed. There was a very similar attack in September 2019, using the same tactics.  

Prof Volmink’s account has not been compromised. Phishers are just trying to fool us into thinking that prominent members in our leadership are emailing us asking for assistance, but they are not. It is a scam.

Over the next few days be on the lookout for similar mails that look like they coming from other people within the university.

If you do get mail like this be sure to report it to IT ASAP so they can block the attack and help people who have become victims.

Please immediately report such phishing scams and spam by reporting it on the ICT Partner Portal.​​

Go to https://servicedesk.sun.ac.za/jira/servicedesk/customer/portal/6/create/115.​​

Fill in your information and add the email as an attachment. Your request will automatically be logged on the system.​​

If you have accidentally clicked on the link and already given any personal details to the phishers it is vitally important that you immediately go to the USERADM page (either http://www.sun.ac.za/password  or www.sun.ac.za/useradm ) and change your password immediately. Make sure the new password is completely different, and is a strong password that will not be easily guessed, as well as changing the passwords on your social media and private e-mail accounts, especially if you use the same passwords on these accounts.

 

Email

Posted in E-mail, News, Notices, phishing, Security | Comments Off on Phishing scam from a forged email

Sun email for personal purposes

Tuesday, May 12th, 2020

Recently some staff have been caught off-guard by emails from cyber criminals trying to exploit them by threatening to release sensitive video material. The sender of this email does not have any video material, but tries to be psychologically manipulative and convince the receiver that he does. Unfortunately he also refers to the email receiver’s sun email address and a password they used at some stage.

This is not because the university’s network has been compromised. It happens because staff and students also use their sun address in a personal capacity. We highly discourage you to do this. In this case someone used their sun address on a website, for example Ster Kinekor, whose database was, at some stage, compromised. Subsequently cyber criminals gained access to the username and password. This gave them access to the person’s Ster Kinekor’s (or whichever site it was) information, but also – and this is more dangerous – to the person’s potential information everywhere he reused the email address and specific password. This includes Stellenbosch University sites and applications, including the financial and HR system. Of course, it the password has been changed over time, it will be useless. However, this remains an enormous risk.

Please note the following: 

  1. Never use your sun email address for anything except for University applications. If you need to send personal emails, rather consider getting a free email account, for example, Gmail. Separating your business and personal activities is better security practice in the long run and will protect you and the University network.
  2. Keep in mind that according to the Electronic Communication Policy which all staff and students agree to when they register their usernames each year, you’re not allowed to use your sun address for personal communication and that the University owns any communication sent via email. If needed, University management has the right to access any material in your email or on your computer.  
  3. If you receive an email as mentioned above, for safety sake, go and change your login details and passwords on any sites where you are registered with your @sun address.
Email

Posted in News, Notices, phishing, Security | Comments Off on Sun email for personal purposes

Illegal software on SU devices

Tuesday, May 12th, 2020

Stellenbosch University devices are equipped with the necessary software for our staff to perform their work effectively. This includes the latest operating system; all the Microsoft applications (Office 365, including Word, Excel, PowerPoint, etc.), Adobe Acrobat Professional, TeraTerm and the necessary Antivirus software. Licenses for specialist software can also be purchased through the IT department, will fall under the University’s educational license and therefore be less expensive than a license bought in a personal capacity. These include Adobe Creative Cloud; MatLab and Statistica, among others.

Installing and using this software is essential for staff, however some of our staff use their SU devices for their own personal use and subsequently download and install non-supported as well as illegal software on their PCs.  This includes games and illegal series or movies.

Not only does this put the University’s network at a high risk security-wise, it also puts the University at risk legally. Even if Information Technology does not install the software, we are still being held responsible for it if it’s an SU asset and it runs on our network. 

The fight against illegal software and piracy is mainly fought by the BSA. The Business Software Alliance (BSA) confronts companies that use or distribute illegal
software. Read BSA’s statement on illegal software. 

Therefore we kindly request that you ensure that if you install software, it’s safe and legal to use. Otherwise it might have implications for you and the University.

Email

Posted in News, Notices, Security | Comments Off on Illegal software on SU devices

Zoom not recommended for meetings

Friday, May 8th, 2020

Over the past few weeks we’ve had to find new ways of connecting with people. Zoom has become the popular choice for anything from online exercise classes to quizzes. While it is perfectly fine for personal use, we do not recommend Zoom for your official meetings with colleagues or students. Although it’s simple to set up and free, there are multiple security risks.

Why take the risk if Microsoft Teams can do the same safely?

To help you make an informed decision we prepared a comparison table of Adobe Connect, Teams and Zoom. The comparison table shows the strengths and weaknesses of each product and the areas marked in red are serious weaknesses. Do not use a product if any area is marked red. 

SUNStream is based on Adobe Connect and runs on a server on campus which is fully integrated with SUNLearn. It will be zero-rated to allow students to access the system without data costs. This is the preferred streaming platform for lecture use and is particularly suited for larger classed as it uses a very structured approach. Adobe Connect is also fully integrated with SUNLearn.  

Teams has become the University standard for meetings and is also suitable for classes of up to 250 participants. Teams is not just a streaming service; it is an excellent collaboration platform. Teams has also been integrated into SUNLearn, allowing lecturers to use class groups within Teams. Unfortunately it will not be zero-rated soon, since it is running on the Microsoft commercial cloud. 

*  NB. If you record your meetings in teams, keep in mind that the recording will be available to everyone who attended the meeting – even if just for a short while as a guest. Don’t use your current meeting to continue a different meeting, for example with a smaller group. If you do this everyone who attended the initial meeting will be able to listen to your recording.  Rather create a separate one. More on privacy and security in Microsoft Teams.

Zoom has become very popular largely due to its ease of use – but therein lies the risk: security and ease of use are on the opposites of the scale. Zoom places the burden on the users to protect themselves. Two South African ministers have found themselves in trouble when using Zoom, the latest being reported 6 May 2020 in a so-called “Zoombombing” incident. (also see below what “Zoombombing” is) The University regards Zoom as a risk, and will not support its use.  

Also read security expert, Basie von Solms’, article on protecting your video calls on LitNet (unfortunately only available in Afrikaans) and Computerworld’s article on the do’s and don’ts of video conferencing security.

 

ZoombombingZoom-bombing or Zoom raiding[1] is the unwanted intrusion into a video conference call by an individual, causing disruption. The term became popularized in 2020, after the COVID-19 pandemic forced many people to stay at home and videoconferencing was used on a large scale by businesses, schools, and social groups. The term is associated with and derived from the name of the Zoom videoconferencing software program but it has also been used to refer to the phenomenon on other video conferencing platforms.[2][3][4]

SOURCE: Wikipedia

 

Email

Posted in General, Notices, Security | Comments Off on Zoom not recommended for meetings

Phishing emails, SMS and WhatApp messages offering payment relief during lock down

Wednesday, April 1st, 2020

A new potential threat has emerged as we enter the 2nd week of the national lock down and facing the beginning of the new month with bills  to be paid.

Phishers are already targeting the South African public with so-called COVID-19 phishing scams, attaching malware infected attachments and encouraging victims to click on a link to download “important information about the COVID-19 pandemic”.

However this week’s scam involves emails, SMS and WhatsApp messages being sent with information about “Payment Relief” from South African banks.

While it is true that most major South African banks are offering payment relief measures to their customers, phishing scammers have grasped this opportunity and adapted their tactics to send emails with content like the following:

“Dear Valued Customer,

“At ABSA Bank, we realise that this is a difficult time for our customers and businesses whose financial means are being negatively affected. After careful consideration and engagements with The Minister of Finance the, Hon. Tito Titus Mboweni, we are pleased to offer you, as a valued customer, a once-off access to a comprehensive relief programme. Please click on the following link to see if you qualify for payment relief.

VERIFY YOUR ACCOUNT

This is a once-off offer made to selected customers and will close at midnight on 2 April 2020.”

This is one such e-mail, but similar scams with forged identities from other South African banks, as well as Whatsapp and SMS messages will also surface. Note the specific deadline and the call to verify your account. Your bank won’t ever ask you to verify your account by email and certainly won’t give you a day to make such a decision. 

If you need to make use of a relief programme, rather contact your bank directly than reply to an online message. 

Here is a collection of the current verified details for payment relief from South Africa’s 4 major banks:

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 [ARTICLE BY DAVID WILES]

Email

Posted in E-mail, Notices, Security | Comments Off on Phishing emails, SMS and WhatApp messages offering payment relief during lock down

« Older Entries
Newer Entries »
 

© 2013-2025 Disclaimer: The views and opinions expressed in this page are strictly those of the page author(s) and content contributor(s). The contents of this page have not been reviewed or approved by Stellenbosch University.