phishing « Informasietegnologie

phishing

Extra layer of security added to campus computers

Monday, August 2nd, 2021

Cyber crime is a constantly evolving field. Even though the majority of viruses were created as pranks, it’s essential to stay informed of the various risks that exist on the internet if you want to stay safe online. Here’s a breakdown of the basics: 

Malware, or malicious software, is a catch-all term for any type of malicious computer program. Malware is the most common type of online threat.

Ransomware is an emerging form of malware that locks the user out of their files or their device, then demands an anonymous online payment to restore access.

Adware is a form of malware that hides on your device and serves you advertisements. Some adware also monitors your behaviour online so it can target you with specific ads.

Spyware is a form of malware that hides on your device, monitors your activity, and steals sensitive information like bank details and passwords.

The world of cyber crime is very similar to that of technology. Every year, new trends, breakthroughs, and tools emerge.

You’ve probably noticed a Malwarebytes Threat Scan icon on your desktop or laptop (Figure 1). Don’t worry, this isn’t a brand-new type of malware. Stellenbosch University’s IT department has added an extra layer of security to campus computers.

Figure 1

Malwarebytes Incident Response is the trusted standard in automated endpoint remediation. Unfortunately, with the current environment, some malware will return after removal and Malwarebytes will prompt you to initiate a restart (Figure 2).

Figure 2

This is because the malware syncs to your browser's profile and is synced back to your device after it has been removed. If you are experiencing such daily prompts for restarts by Malwarebytes, we suggest that you log a request on the ICT Partner Portal for a technician to assist with further remediation.

[ARTICLE BY BRADLEY VAN DER VENTER]

Phishing alert: Zoom invite

Thursday, November 5th, 2020

Please be on the lookout for a new tactic that phishing scammers are employing to get your personal details and passwords and to gain access to your university account.

These scammers are using “Zoom” video conference invitations to fool their intended victims and steal passwords and other personal details.

 

Above is one such example. Take note of the highlighted warning signs that reveal the scam. This particular scam is “custom” programmed for specific university e-mail addresses and might target your address, as the e-mail addresses are embedded into the phishing web page and the e-mail itself.

If you do get such an e-mail please report it to IT Cyber Security as soon as possible on the ICT Partner Portal.

If you have accidentally responded to the phisher and already provided them with your personal details, it is vitally important that you immediately change your password. Make sure the new password is completely different and is a strong password that will not be easily guessed. Also change the passwords on your social media and private e-mail accounts, especially if you use the same passwords on these accounts.

After changing your password, also log a request on the ICT Partner Portal in order for your devices to be checked for malicious software. 

[ARTICLE BY DAVID WILES]

Phishing scam from a forged email

Thursday, May 14th, 2020

We are almost all in lockdown and less careful with cyber security. The scammers know this and are launching numerous attacks taking advantage of the “work-from-home” situation we find ourselves in. A number of personnel have reported getting e-mails from “Prof. Jimmy Volmink” asking for assistance and are not spotting the tell-tale signs of a phishing scam.

Here is the mail:

  1. Notice that although it looks like Prof Volmink sent it, the email address is not correct.
  2. Secondly, Prof Jimmy is a very approachable person, but he is always professional in his communication, so he would never say “Are you free for now”. Nor would he say something like this (if you did respond to his mail):
    “I am currently in a meeting and I don’t know when the meeting will round off. I would have called you but phone is not allowed. I will want you to handle something for me right away and I will be glad if you can do that for me as soon as possible”.

This is a spear-phishing attack where an institution is directly attacked by impersonating prominent or public figures within the university (like the Dean) to gain access to the university network. This is an especially effective means of attack with everybody at home in lockdown, where our guard is down and we are more relaxed. There was a very similar attack in September 2019, using the same tactics.

Prof Volmink’s account has not been compromised. Phishers are just trying to fool us into thinking that prominent members in our leadership are emailing us asking for assistance, but they are not. It is a scam.
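The first warning sign above (a trusted display name on an address that is not the University's) can also be checked automatically at the mail gateway. The sketch below is an added example, not part of the original post or of the University's own tooling; the watch-list, the sample messages and every address in them are constructed, and the domain `sun.ac.za` is assumed from the "@sun address" wording on this page.

```python
import re
import unicodedata
from email import message_from_string
from email.utils import parseaddr

# Assumptions for this sketch: the institutional domain (taken from the
# "@sun address" wording on the page) and a watch-list of impersonated names.
ORG_DOMAIN = "sun.ac.za"
PROTECTED_NAMES = ["Jimmy Volmink"]
TITLES = {"prof", "professor", "dr", "mr", "mrs", "ms"}

# Constructed sample messages; every address below is made up.
SPOOFED = ('From: "Prof. Jimmy Volmink" <dean.office@example.com>\n'
           "Subject: Are you free for now\n\nbody\n")
GENUINE = ('From: "Prof Jimmy Volmink" <placeholder@sun.ac.za>\n'
           "Subject: Faculty meeting\n\nbody\n")
LOOKALIKE = ('From: "Jimmy Volmink" <dean@sun.ac.za.example.com>\n'
             "Subject: Quick task\n\nbody\n")


def name_tokens(display_name):
    """Lower-case, drop accents, punctuation and titles; return a word set."""
    text = unicodedata.normalize("NFKD", display_name)
    text = "".join(c for c in text if not unicodedata.combining(c))
    return {w for w in re.findall(r"[a-z]+", text.lower()) if w not in TITLES}


def is_internal(address):
    """True for ORG_DOMAIN and its subdomains, not for look-alike suffixes."""
    domain = address.rpartition("@")[2].lower().rstrip(".")
    return domain == ORG_DOMAIN or domain.endswith("." + ORG_DOMAIN)


def check_sender(raw_message):
    """Return a reason string when an external sender uses a protected name."""
    display, address = parseaddr(message_from_string(raw_message).get("From", ""))
    # An internal From address is trusted here only because the mail gateway
    # is assumed to enforce SPF/DKIM/DMARC for ORG_DOMAIN.
    if not address or is_internal(address):
        return None
    for name in PROTECTED_NAMES:
        if name_tokens(name) <= name_tokens(display):
            return f"'{display}' matches protected name '{name}' but sender is external: {address}"
    return None


if __name__ == "__main__":
    for label, raw in [("spoofed", SPOOFED), ("genuine", GENUINE), ("lookalike", LOOKALIKE)]:
        print(label, "->", check_sender(raw) or "ok")
```

Matching on name tokens rather than the exact string catches variants such as "Prof. Jimmy Volmink" and "Volmink, Jimmy", and the suffix check rejects look-alike domains that merely contain the University's domain.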

Over the next few days be on the lookout for similar mails that look like they are coming from other people within the university.

If you do get mail like this be sure to report it to IT ASAP so they can block the attack and help people who have become victims.

Please immediately report such phishing scams and spam on the ICT Partner Portal.

Go to https://servicedesk.sun.ac.za/jira/servicedesk/customer/portal/6/create/115.

Fill in your information and add the email as an attachment. Your request will automatically be logged on the system.

If you have accidentally clicked on the link and already given any personal details to the phishers, it is vitally important that you immediately go to the USERADM page (either http://www.sun.ac.za/password or www.sun.ac.za/useradm) and change your password. Make sure the new password is completely different and is a strong password that will not be easily guessed. Also change the passwords on your social media and private e-mail accounts, especially if you use the same passwords on these accounts.

 

Sun email for personal purposes

Tuesday, May 12th, 2020

Recently some staff have been caught off-guard by emails from cyber criminals trying to exploit them by threatening to release sensitive video material. The sender of this email does not have any video material, but tries to be psychologically manipulative and convince the receiver that he does. Unfortunately he also refers to the email receiver’s sun email address and a password they used at some stage.

This is not because the university’s network has been compromised. It happens because staff and students also use their sun address in a personal capacity. We strongly discourage this. In this case someone used their sun address on a website, for example Ster Kinekor, whose database was, at some stage, compromised. Subsequently cyber criminals gained access to the username and password. This gave them access to the person’s Ster Kinekor (or whichever site it was) information, but also – and this is more dangerous – potentially to the person’s information everywhere he reused the email address and specific password. This includes Stellenbosch University sites and applications, including the financial and HR system. Of course, if the password has been changed over time, it will be useless. However, this remains an enormous risk.

Please note the following: 

  1. Never use your sun email address for anything except for University applications. If you need to send personal emails, rather consider getting a free email account, for example, Gmail. Separating your business and personal activities is better security practice in the long run and will protect you and the University network.
  2. Keep in mind that according to the Electronic Communication Policy which all staff and students agree to when they register their usernames each year, you’re not allowed to use your sun address for personal communication and that the University owns any communication sent via email. If needed, University management has the right to access any material in your email or on your computer.  
  3. If you receive an email as mentioned above, for safety’s sake, go and change your login details and passwords on any sites where you are registered with your @sun address.

Phishing attack from compromised staff account with attached “Secure Message”

Wednesday, May 6th, 2020

With most students and personnel all working from home during the national lockdown, and with the reduced security (and watchfulness) of home computers and personnel/students in their home environment, and with many forced to use unfamiliar means of communication and collaboration like Teams, Zoom, Skype and Skype For Business, the environment is ripe for exploitation by phishers.

The following e-mail (with an infected attachment) is making its rounds at the moment from a staff email.

If you get an email that looks like the following, do not open or respond to it. It is quite likely that the staff member doesn’t even know his account is compromised.

Please be careful when opening up attachments “sent” by colleagues especially if they are unannounced or the e-mail makes you feel a bit suspicious. Always trust your instincts.

 

© 2013-2024 Disclaimer: The views and opinions expressed in this page are strictly those of the page author(s) and content contributor(s). The contents of this page have not been reviewed or approved by Stellenbosch University.