• Recent Posts

  • Categories

  • Archives


Types of phishing attacks you need to know to stay safe

Friday, November 3rd, 2023

Phishing has evolved from a single technique into many highly specialised tactics, each adapted to specific types of targets and technologies. First described in 1987, phishing is now carried out via text, phone, advertising, and—of course—email.

Boiled down, all these tactics exist for the same purpose—to swipe confidential information from an unsuspecting target in order to
extract something of value. But knowing about the hugely diverse set of today’s phishing tactics can help ordinary people, home and
business internet users alike, to be more prepared for the inevitable instance when they become the target.

In this PDF we share 11 common phishing tactics you should know…

Types of phishing attacks

Avoid phishing with these simple tips

Tuesday, October 31st, 2023
Phishing occurs when criminals try to get us to open harmful links, emails or attachments that could request our personal information or infect our devices. Phishing messages or “bait” usually come in the form of an email, text, direct message on social media or phone call. These messages are often designed to look like they come from a trusted person or organisation, to get us to respond.
The good news is we can avoid the phish hook!

Check out these tips to keep your account secure. 

Security awareness and training will become part of a continuous effort, but your vigilance remains our best protection. Be vigilant to safeguard yourself, our colleagues and our university against phishing attacks.

Cybersecurity is everyone’s responsibility. Towards a more secure SU!

Email security

Friday, March 31st, 2023

Phishing and Report Message

View a PDF here: Phishing and Report Message Infographic

Something’s Phishy…

Monday, October 24th, 2022


Phishing scam from compromised university account

Tuesday, November 23rd, 2021

Please keep an eye out for an e-mail from a sun email address with the subject line of FYI_Order/Approval. 

It is a phishing scam with a link to a website that is designed to compromise security and steal details such as banking details, login names and passwords. 

The owner of the affected account has already put an Out-of-office notification on her account telling people to ignore the mail sent from her account, but the account is probably still compromised and under the control of the scammers.

Once in the university domain the scammers will continue to attack the university network to steal more information or to obtain bank account details, etc.

Here is an example of one of the mails:


Please report this phishing mail if you receive it from the above mentioned address or any other sun address. Here is how you report it:


Go to​​

Fill in your information and add the email as an attachment. Your request will automatically be logged on the system.​​ Please add the suspicious email as an attachment to the request.


If you have accidentally clicked on the link and already given any personal details to the phishers it is vitally important that you immediately go to the USERADM page (either or and change your password immediately.) Make sure the new password is completely different and is a strong password that will not be easily guessed, as well as changing the passwords on your social media and private e-mail accounts, especially if you use the same passwords on these accounts. Contact the IT Service Desk if you are still unsure. 



© 2013-2024 Disclaimer: The views and opinions expressed in this page are strictly those of the page author(s) and content contributor(s). The contents of this page have not been reviewed or approved by Stellenbosch University.