%PDF-1.3 1 0 obj << /Type /Catalog /Outlines 2 0 R /Pages 3 0 R >> endobj 2 0 obj << /Type /Outlines /Count 0 >> endobj 3 0 obj << /Type /Pages /Kids [6 0 R ] /Count 1 /Resources << /ProcSet 4 0 R /Font << /F1 8 0 R /F2 9 0 R /F3 10 0 R /F4 11 0 R >> /XObject << /I1 16 0 R >> >> /MediaBox [0.000 0.000 612.000 792.000] >> endobj 4 0 obj [/PDF /Text /ImageC ] endobj 5 0 obj << /Creator (DOMPDF) /CreationDate (D:20240817025901+00'00') /ModDate (D:20240817025901+00'00') /Title (Report 08-2024) >> endobj 6 0 obj << /Type /Page /Parent 3 0 R /Annots [ 12 0 R 14 0 R ] /Contents 7 0 R >> endobj 7 0 obj << /Length 1982 >> stream 0.702 0.800 0.816 rg 34.016 34.016 543.969 723.969 re f 1.000 1.000 1.000 rg 45.266 467.249 521.469 279.485 re f 0.773 0.773 0.773 RG 0.75 w 0 J [ ] 0 d 45.641 467.624 520.719 278.735 re S 0.773 0.773 0.773 rg 61.016 482.999 m 550.984 482.999 l 550.984 483.749 l 61.016 483.749 l f 0.200 0.200 0.200 rg BT 61.016 693.716 Td /F1 14.4 Tf [(PHISHING FROM STAFF EMAIL)] TJ ET 0.400 0.400 0.400 rg BT 61.016 664.909 Td /F2 9.0 Tf [(Posted on )] TJ ET BT 104.045 664.909 Td /F3 9.0 Tf [(January 01,1970)] TJ ET BT 173.588 664.909 Td /F2 9.0 Tf [( by )] TJ ET BT 188.096 664.909 Td /F3 9.0 Tf [(IT Communications)] TJ ET 0.153 0.153 0.153 rg BT 61.016 637.420 Td /F4 9.0 Tf [(An email with the subject "Purchase Order 98474" has been sent from a sun email address to staff and students. The )] TJ ET BT 61.016 626.431 Td /F4 9.0 Tf [(email ask you to click on a link to open your purchase order information \(also see image below\))] TJ ET BT 61.016 606.442 Td /F4 9.0 Tf [(This is not a legitimate email, but a phishing attempt from a compromised university account.)] TJ ET BT 61.016 586.453 Td /F4 9.0 Tf [(By clicking on links and providing your information, you give criminals access to your personal information and your )] TJ ET BT 61.016 575.464 Td /F4 9.0 Tf [(accounts. If you think your account or device has been compromised or you notice suspicious activity:)] TJ ET BT 61.016 555.475 Td /F4 9.0 Tf [(Immediately change your password on www.sun.ac.za/password.)] TJ ET BT 61.016 535.486 Td /F4 9.0 Tf [(Contact the IT Service Desk by )] TJ ET 0.373 0.169 0.255 rg BT 187.565 535.486 Td /F4 9.0 Tf [(logging a request)] TJ ET 0.373 0.169 0.255 RG 0.18 w 0 J [ ] 0 d 187.565 534.335 m 256.604 534.335 l S 0.153 0.153 0.153 rg BT 256.604 535.486 Td /F4 9.0 Tf [( or calling 808 4367.)] TJ ET 0.400 0.400 0.400 rg BT 61.016 497.197 Td /F2 9.0 Tf [(Posted in:E-mail,Phishing,Security | | With 0 comments)] TJ ET q 370.500 0 0 239.250 61.016 274.238 cm /I1 Do Q endstream endobj 8 0 obj << /Type /Font /Subtype /Type1 /Name /F1 /BaseFont /Helvetica-Bold /Encoding /WinAnsiEncoding >> endobj 9 0 obj << /Type /Font /Subtype /Type1 /Name /F2 /BaseFont /Helvetica-Oblique /Encoding /WinAnsiEncoding >> endobj 10 0 obj << /Type /Font /Subtype /Type1 /Name /F3 /BaseFont /Helvetica-BoldOblique /Encoding /WinAnsiEncoding >> endobj 11 0 obj << /Type /Font /Subtype /Type1 /Name /F4 /BaseFont /Helvetica /Encoding /WinAnsiEncoding >> endobj 12 0 obj << /Type /Annot /Subtype /Link /A 13 0 R /Border [0 0 0] /H /I /Rect [ 187.5647 534.6532 256.6037 543.8107 ] >> endobj 13 0 obj << /Type /Action /S /URI /URI (https://servicedesk.sun.ac.za/jira/servicedesk/customer/portal/6/user/login) >> endobj 14 0 obj << /Type /Annot /Subtype /Link /A 15 0 R /Border [0 0 0] /H /I /Rect [ 61.0157 274.2379 431.5157 513.4879 ] >> endobj 15 0 obj << /Type /Action /S /URI /URI (http://blogs.sun.ac.za/it/files/2019/10/schon.jpg) >> endobj 16 0 obj << /Type /XObject /Subtype /Image /Width 494 /Height 319 /ColorSpace /DeviceRGB /Filter /DCTDecode /BitsPerComponent 8 /Length 40544>> stream ExifMM*bj(1"r2i ' 'Adobe Photoshop CC 2019 (Windows)2019:10:14 09:58:23?"*(2 HH Adobe_CMAdobed            g" ?   3!1AQa"q2B#$Rb34rC%Scs5&DTdE£t6UeuF'Vfv7GWgw5!1AQaq"2B#R3$brCScs4%&5DTdEU6teuFVfv'7GWgw ?Q1+ţ'!YeA>F_OY7)ͪ˝M{Kʖfek󅴀,湮{+{];XEE_fK8/jlamLXk*]L7?Na:Uu:5k n-4n'̆=lVNO'eW:5)ά={,^K ?:UeY}:zLHXcF.OUO=1Ƴ$28p-mVsv}?;=؈:sZ/k_[w_3# nmWCe{˽*}L _NE~?H31l,7tѾي׶ѹz9B3t[_?Zk; [NF[6VY#fϠw'zk+=ʬΥc;S=+?GuЫô5, 1i} Sg^޷S:.--9 Z4c==Gέʬ㶠\wu(c ,%c;eM{7 Ufں?c}D6I o.w T-U$YG{ْ66z,6(7t簼d`$7!ߟ[)u7ZMʪn#heA[z[ϱm3U-,ghADCe19ۈ o7'hc}MnK'O7q#'=Ē.;SFj5YgWlw՟OL5[Z%ۈi5]]p[!;5=Cӆc^@lN>_ѫ| N7Y]Mk.s;lksk8ג> l$=UkEbfs׈ƐSggmCxGisEѿhl}!_׮cCp{Oi$#K/}P1/3w=ͨxIX$״7We-ɯ%ka$I%)$IJI$RI$I%)$IO_٘YɯymM9͑ t?ckgALo|/?ֳ-ߤWXb7 s9XFPcZRw[ipHn fuoD|6Iwhd NkqN΅l{v~Isۿu@gQZpmSn#}O> RW`Is{^ò1wкv}XA.NՇK5ς$Z~Tm9x%s+GOS~F;?uSu&C]68Y],J]Hws*X_{I-O 7l%3{6YX>-W_iY}@R1ϥkͻ}6c[om$A$IJI$RI$I%)$IJI$SW5@&D #gJ`mƧӱ48E?gV~ Wloͷ#x\~G;4 ʻps-b$}nGoVs[2[KYc6A.Ku̳^!պ OݷoTۜfs1ŭ} so ϲĔꤨ3E5T:\ g6vƆ< kmmk}lX?O3/֜ߑ > Ec3bŌD#jV{7I% TI$$I)I$J'VYojM6wcT^%w _}jimmpBɩkǽֹI/s\ٻo"w>h%auvݩ3tDZnU[l̗H:D|6M}_EzGF~.S@/֋}8v#$I)I$JRI$I$$I)I$JRI$I$m9a}ߵ G;mQ#ZEk7~v~/D|6O8c "b?Eg~UIU$UI%?U$UI%?U$UI%?U$UI%?U$UI%?U$UI%?U$UI%?U$UI%?Photoshop 3.08BIM%8BIM: printOutputPstSboolInteenumInteClrmprintSixteenBitbool printerNameTEXTprintProofSetupObjc Proof Setup proofSetupBltnenum builtinProof proofCMYK8BIM;-printOutputOptionsCptnboolClbrboolRgsMboolCrnCboolCntCboolLblsboolNgtvboolEmlDboolIntrboolBckgObjcRGBCRd doub@oGrn doub@oBl doub@oBrdTUntF#RltBld UntF#RltRsltUntF#Pxl@R vectorDataboolPgPsenumPgPsPgPCLeftUntF#RltTop UntF#RltScl UntF#Prc@YcropWhenPrintingboolcropRectBottomlong cropRectLeftlong cropRectRightlong cropRectToplong8BIMHH8BIM&?8BIM Z8BIM8BIM 8BIM' 8BIMH/fflff/ff2Z5-8BIMp8BIM8BIM8BIM08BIM-8BIM@@8BIM8BIMI? Untitled-1?nullboundsObjcRct1Top longLeftlongBtomlong?RghtlongslicesVlLsObjcslicesliceIDlonggroupIDlongoriginenum ESliceOrigin autoGeneratedTypeenum ESliceTypeImg boundsObjcRct1Top longLeftlongBtomlong?RghtlongurlTEXTnullTEXTMsgeTEXTaltTagTEXTcellTextIsHTMLboolcellTextTEXT horzAlignenumESliceHorzAligndefault vertAlignenumESliceVertAligndefault bgColorTypeenumESliceBGColorTypeNone topOutsetlong leftOutsetlong bottomOutsetlong rightOutsetlong8BIM( ?8BIM8BIM8BIM g  Adobe_CMAdobed            g" ?   3!1AQa"q2B#$Rb34rC%Scs5&DTdE£t6UeuF'Vfv7GWgw5!1AQaq"2B#R3$brCScs4%&5DTdEU6teuFVfv'7GWgw ?Q1+ţ'!YeA>F_OY7)ͪ˝M{Kʖfek󅴀,湮{+{];XEE_fK8/jlamLXk*]L7?Na:Uu:5k n-4n'̆=lVNO'eW:5)ά={,^K ?:UeY}:zLHXcF.OUO=1Ƴ$28p-mVsv}?;=؈:sZ/k_[w_3# nmWCe{˽*}L _NE~?H31l,7tѾي׶ѹz9B3t[_?Zk; [NF[6VY#fϠw'zk+=ʬΥc;S=+?GuЫô5, 1i} Sg^޷S:.--9 Z4c==Gέʬ㶠\wu(c ,%c;eM{7 Ufں?c}D6I o.w T-U$YG{ْ66z,6(7t簼d`$7!ߟ[)u7ZMʪn#heA[z[ϱm3U-,ghADCe19ۈ o7'hc}MnK'O7q#'=Ē.;SFj5YgWlw՟OL5[Z%ۈi5]]p[!;5=Cӆc^@lN>_ѫ| N7Y]Mk.s;lksk8ג> l$=UkEbfs׈ƐSggmCxGisEѿhl}!_׮cCp{Oi$#K/}P1/3w=ͨxIX$״7We-ɯ%ka$I%)$IJI$RI$I%)$IO_٘YɯymM9͑ t?ckgALo|/?ֳ-ߤWXb7 s9XFPcZRw[ipHn fuoD|6Iwhd NkqN΅l{v~Isۿu@gQZpmSn#}O> RW`Is{^ò1wкv}XA.NՇK5ς$Z~Tm9x%s+GOS~F;?uSu&C]68Y],J]Hws*X_{I-O 7l%3{6YX>-W_iY}@R1ϥkͻ}6c[om$A$IJI$RI$I%)$IJI$SW5@&D #gJ`mƧӱ48E?gV~ Wloͷ#x\~G;4 ʻps-b$}nGoVs[2[KYc6A.Ku̳^!պ OݷoTۜfs1ŭ} so ϲĔꤨ3E5T:\ g6vƆ< kmmk}lX?O3/֜ߑ > Ec3bŌD#jV{7I% TI$$I)I$J'VYojM6wcT^%w _}jimmpBɩkǽֹI/s\ٻo"w>h%auvݩ3tDZnU[l̗H:D|6M}_EzGF~.S@/֋}8v#$I)I$JRI$I$$I)I$JRI$I$m9a}ߵ G;mQ#ZEk7~v~/D|6O8c "b?Eg~UIU$UI%?U$UI%?U$UI%?U$UI%?U$UI%?U$UI%?U$UI%?U$UI%?8BIM!]Adobe PhotoshopAdobe Photoshop CC 20198BIM http://ns.adobe.com/xap/1.0/ &Adobed@       ? P25 @0!1A"$%!1"A3Qa2#tPqBR$6 @brC40S%d5E P!q1AQa@"23B0R#c brC!1AQPaq@ p0 զmLԀZS3f+Mh<̯%DdXM=q#$1jƤDݧ_ym۳2ކA{&;bwď#2Q5>&(Z3nJ/x^D>2Gy8՟&H-LڙeNxd`H;oJ)ԞD(F-ɊКZ 3|MM!5|K2I/Siσ-Lڙ 3jf2y50U0-Li͟/J#=ejjϰyǑ^MzS6j@-Lڙ 3yLcl2&F*3leI@B&0/K`ZS4E!uF9vjNZO6ea~svC@ 3Js̀M% >%@}g >S6j@-Lڙ 3C9O4igM)g  s= zI ])j]jfS8慡FubeqtƠ&L;yWvƦ gog2yqe=+oS6j@!x Z϶-Z3RjfHedْ+ 0S6 jy= ҎS5Ra FmLԀZ3Rjf"I@2͋9!t\eS5 mLԀZ3RjfF|<2 3VNp" ZtZ3RjfH]voWU*q \B!WU*q \B!WU*q \B!WU*q \B!WU*q \B!WU*q \B!WU*q \B!WU*A/ilJ-wH2W QIa8G;~IM/3P=39uoVaUK5hٖsJVd$qԷkg8gK{6xXݝAe")EfPfBJbyB *t񝈼vUs*V0=¬e3'a QiflLJVg3eF E13۰ ;RZXIG^n4JP~}s` E}fR^&­=psY\z:)f)tQ*OseWy ,|I]% 1+AR9H!3Ys)+蚻M["d QRI!R|GEf,Zn/ <,aVy<#2yآQ83 wo))ūuG/f{Q$= tdRz/qxZ'#/o΃^+ѝI8X"bgya:B)L):d x0IG$IH"h|PDb1fKC c/&0qkuOY*d1òFy_;0m"CALX sV:Ȧ'/qVf{@B^m/23Ʊy{r`(}Ĥxes(icGL2r9z˒I-+%;SlHck㎡𬬳Z"%5Ԋ@IEE/NTR=I,/-*0 ]]v_>=0N |2xEP"`1{8 19RRi*s^I[8989¶YDDsލc(S1avM Rc?,-0$8I){:P?gv4p\lșZ%. 3@L+AT$,\--Y*CXIOg)$ILle<{UÒ 1WB7ύy|o>7ύ:KT<߈`pxSf/ 7]'$ǂގZAJu0J%C}oXe7"qa%M4.9j!nyiXHTi>zIU*q#F)6InCF;~8$Fo 7S{]Gz<7ޏ)yMwokS{]Gz7ύy|o>7Ͽ? OZ|-> OiZ|-> OiZ|-2QiZ|-> OiZ|-> Oi??oYJ?s /ޘǻcxcݏ {v<1dž=ǻcxcݏ {v<1dž=ǻcxcݏ {v<1dž=ǻcxcݏ {v<1dž=ǻcxcݏ {v<1dž=ǻcxcݏ {v<1dž=ǻcxcݏ {v<1dž=ǻcxc݋?Gc.[ڗW+6NCSV REj\1l!9_}Z SҫxlxD|7;SB17"+.=hESڦ^Q,rDs]{${Ǵ2 ʜj[5r4`:lAtlj -r(>\(&Zaj6].4 td_uv.73uz"{M!#QIgN 8NCrp I]C5t1rRDێ@P禴>էbs1R߽%[BA(m8JKK1VWrm>۪[54W" 7 KZWЕ\DTN)rm-  {O]1nH6lvpQpNqt+ߋ}3L.rVQ6G 77rBb5¦\"{YR+%(p=Hi:>TELj\/?V ֻ/8tفmr>m̰ȆyN*}Km;Ez;Ȉn4J%I8baėjlc=12D]b>A#jEb% eD@%|hٚ.iڙ$Oeю^tM-,󯲊(E.\iy!F8p}X؉UDX92c423$"\TN8)B~\vIaYMu^'1+F'DhKE$$ON:{SE@Eqݒ2q+8W6M#~֤ӦmmUUK^1i.X21ܫ 7 ^_!^yEϩoJf:w}Ox ^![YNcIe"PUㄺ7i 쬆]lUH*J*KEڹz\ +ejJJNԪGF&m [- Xm=[UڌLStms! L%@[MZ'-ˊqwD. S*.~Mrun[ң uE̓ :yҹ9ˑxϠVT8QOf-lNLcH8䚲MHx:5}OڮS N+trWek_ՈDs$$v5\`?͜qiQYm> 﫧Sn)0_`TJziT'dgݗl3VgMbbqpwzz)lՠhLRH)z;;r[ ˊ#&iM5EE/蛘ڵ'LuHTopJzsb7ӯ Ń?r6EM">8eg9N4s frh06nٚ3:ٛiӫ^>Vk K̖dǐfϱ38^vcK2<ۄeu]?ĚΊqIhӢĜ#ۄ#* Fޯ8꣉x%R[ 0l"j](}UN2lte=EޥUQKZU)r{NJI|d髯㜼ixalcPij.S%*؞;ykEs[F6QУB*iJڸR@\0AmZ#ȇGTw<$` ="E@IWMk9<2o]NdUUNKk:0"Вmhxbuٝ5c$}u Ihe0C8*ҳ8M̹H[{Y$yLHȄZ~& /-BkJ=EDӿ/z&dmWUpU*KOBF-om). eͧH *[oG7Ƶ\ 1eڐmRz1丅uVSі^F]g]]k,5dZIQu]zz&i-zwݒRJ<"uWB|kq'irf!r0seV)&+rDJZfVD)n%4m ut㈷8ƅ|M&Q鐚in>^ʝkJb#[,g,n7/skUP4Wxaqؗdod@iJWu!dCOgx.\ƣى"ċ%註+U)n-v$yI۳Eu:DݽlM!*,>oRXj2G]'M3i\'uLBdYQN@-@`(L_pyhm\BXlmq)Uqs(#uSM%5l**<*F9ʐ Q S*&Ieԭk",& $Nc.GQwJiLМq֔BWBu嚠s̎p'IHg/Nmgyx Cv7UZ'U\u?)ŷd~N9hia !ru5-8d *&Ypdc_ 8Pڌt%]JD\.KMzy : xrpQg( ~޳8rLۍH)%0NۧǸ4܌(\h <rڢ :ּ2֟'mIRDږU7E *ʹkcp?0\m&5r\yl%_&bȐ(ɲ!tv/2Kû4{@MY3W.iOS:n&joQ1`eDuQ{)Rig4ɶ6.0ot.9௿XS&S 0;- ѳ8r4ʎNxPsĉl,1d*]B)Eǃn fXdʜ(a[ba4OЉ\"Ăoۦe݂}Xm_6)[t*W##qZ:!MYaِ"~dԺQUj!ltHclv!kEJ{Y~/,)%UDJ"2c?+bܺ=\ܩL1p|p0zQGGkZ iDME=?hJ?%KW_텨ϽRDV$㈏4N% _UӶMHT˷#Kim]?`U[D"fҴ4jEҋa^c.=wqqtuH=ZauqkO;Re#NvQrB *ƥn*1!JH&A4lPOJUi l6wOĨ n`6,Y =mV^UJf:>OwUMT'DҸ[Wԍ]FQD=^> #ƭxRؽmI(UVuNk<59BzʉJ4Ē։G/Zb<y\3acJ?yIbkmj/q$TgK2SmMxQTrL։3&#W"*#'nPQr'ۮe -XTP0X6;KQ1%u p-$`M]*&\%̖$<[47OtqE1).EkyL*r@ 9G:vln3ܚFuQԜ֙g "S5[E? \`@?Y,UҔҚi\N 2fcwHBh$#.)2ΈnbWyhtj)vvv4Ĉ"%E)1)uy:UZHUoM\_OT(R=l~x V<J88ODdE_P flȣBₔʸDeD\&>*21 3QE2#cU=lW' dQJ}yEE֍5 EE!t݊7DF\FC1k._lMdKXbp ӆ#;lxX&AA (vqyQ+Vb :^$x x@ۚ :+0&&cIQN-7M2 xyH˪u{ZWQg( ~޳8 mȔ#8ΝhJ+.B2ۥ60Ck`*)/v]qx$'ր](z3\Yٔ\7iV5Z=}_E[lqAjh/s*KZ W$&tPuAxtZ5fI ER$S*&yɆ-UmCSSb%0fcBB E_0F}:T6O_H6cXE,*znI=1ٓ(YxHhi\Yv⩚/M2dܭj_l%<nڥ$ZaCҤ9*'˷Y.\V]erѹ\2xsr KKi,@Eyw۪Zbmډ'!K.ސ$u"*eDe;d[`Z>]T*=qöߜc_ԛR_Ur1MU4T\Yڙ)y.: F<*K^LFer9wX t*!*権K]|{uRE΄*/+\LO6"Dun-OjF*j˚qǔg%)șh[h](E{+P;9Yr k+HGmP Uxr\œtt!;q͆3` ך㹒Mc,xO4Mlpj!ڋsΞLD$uQ[j:e+Q2mP!t"Q*ָ:!H;[6椦i}IK!ǖKbZ,ndHqE^nK;uMj^4NΑq7Zjk^=l Wṟ*kSB=$WKLQrOa~y7uq y6TV3ǜd5&S =pxHR*:yEI=,ɇ78U =HV4,-f:`qQ8d0gcXmp-:. <[rXߨid+*ڍIe9NWƸ7ԹѹR@k%FSQZ 9 =MܺZsUQQ(#[L-Q|TĈ5{<8/j.XɺH~W3F kNH9 }xkz.2ȹ&[yM+Zn%ʕ Le72l$uӕ8ҽ_%}8NJzti%4hh^?/S/S/S/S/S/S/S/S/S/S/S/S o^%F́^ֿ?Gc1zQpoVA%OFL7"; O6HBB2_9.[QڦUVUxSX,3"FZ}d< ŷWZ[CRWiSf0FFi%J֩UD)lrY>Ck1ʜi\lը!U* *\fLyv j-QUm%Ԡng[lu*%N4N bb%t3ۍRnnu'? rB"Sp'IٳRCG*&Y.}g( p )^ʦ$G~%)h]s.sEJ*k,@b4q-֬ Ӱھ|H6d.Ftdb+ll!-(#hjTpszcF>5J-["pvGjh^Qg( ~޳8927;t}@*Eo+yQtt6 C*TBz2Zg( qepQ [ HU%8-Hp`gyV@54SGtYzz*2qO,INPMUJ*j-sڧ~ܜ%H jǞ: / m֣HSn>ک5^}+z1qq2VǸs6B뢄HDس?oYJ?%lX?..=K3J6sp falylCޛHB ^ZajWeBcKN.ˆ*5i @JẬ6ӈ:5b,$,747SIZt@ɺpI)V|"<< < m:-;mBqlЮ]*fɗ0[H GFO({}x"=Ǩ哂tQWrmn5o\j^ H't> @~mژ{hAZ+ RuV˃ۃ!(<}a2]f2lK1Vвw6ZBwc+K'/>_kJ?%?!ZA|?|?|?|?|?|?|?|?|?|?|?|?|?|?|?5twwF:P'd=89#I ٭}a#\kX9JX1š V‘5 Hu2nc#MHIIFiÐ쳣r4 " A*̎7Fx> "@$\u3(Q;JZPzLޜyV^V1V3R9.xQ= F qFG"-Dƴ- 5z(.jPTh2Q* :f@z"@7xe3vCP%>QX#@%GT.T6(6vJ\;G ,Sp|G8#5 $]!t;)-LPPAǬkj 8C-ѭCw5s%6S\wJƁ*UH2gGhӫ sjd6i+'q ڱh jaD(oȣe$M'|x(h2!kZaď d =!XbpSFM)]>N2n|aW#}+bCڸE²4@p䛄gI.fPt xLQPE= b{yʑhMq~v']jIt3Zi"wIX.]HF+Evn5釫M4[Yh]}OJWevhO|Ata p nRچvHQ&@eM*}p8,@ST4 k[)2`0(=zP0ƏP8|]3 GQZ795&@Vlt$fexNpՌ`, z\M]T-LN$Ɋ)& E"̀4Pդ 9+%+*0C5ʗD`RhwPuOoGS 4ʻe/H0nXC{]E nĮW GtO9 aXJ":uNɽHaFN,J2bF%"9e VdS&1k@S.#boV0F& 5Y𝊽|]\?"[u'~5'WQc8"4esfGX h0- 69 JHc ,6BaYb' Uܚ8 [Fp<_ 1+g@S@4zxTQCo/ %jDǹiu M]UPhkeQ  .?QJy6)0UVi@\2Np$ 1zS8$uxмkq,>1ްێqr\9ɗdMS]JNz8V44ҼtB3&q& M * Upцlq*GODUGG jc9<U ]gTˆ*efKqmUd/lY*lSbD8v/T Բ:::[} db&My5 E/`'1Tr5<ĺahkfnP 8 0 jnpA[кmagKoP$vDvugS+țz12!@mPQI6Ll.CuRUV+{F@;իWE >j.H#?]:t[(+RU]ͺ}@ٻk$K%‰R?QZ?fk=^k,<G324]ђcE%Q:A!<۩K'&Ԃh$C2jؐ}-B[< f5kN5̕io24)L龪/$,4Q諐#ZZ^0Hyy&&KDZijS6s Az'6H:MC)Bi%]W]V.UT-S$.?ı#WNhIJ$]1=TejkW: Gd?#y1.R ZL{I <~  T-LH0PDG<̴o+G٦j M6 uNmNSBd get8ix|r?UJ+,c05suvlOk.8Ɠ `(;IIǜB<1ԋpa.0 li\_N"|-I{Ҕi"bv- gDN#T(wO9Uƣi֦KM$LvB. ҖrɴA)˚mE*}B 니 u9$ū$Gk\8WZ,(w+y>HP7ZALLPzǹU)s;Eֱzu؂` sc[]."S9=2=6~iz°HLEq|=_{YΌwDFB N]-*QG)R/Ck%mkaKg3IV񺂚h]1MjzVZ-M|zuES+tjRṋ E3~ZŇSpuĄ&_V];Fd` SoG A~g2z:3;X" wX ΙJ~RӠqF+;L,|UE)9+C9JB, %jv#f TGhP6CHS Ym<6\Uh˄1]3]U#uV(3롤o-%I@Ml(`p' TU^OwuE\ fY`2AST;.z fĈKS!UǁB 5 Y0À!$ՄؓHvtr&FWvƧi2ȹrǠP\㝡RIu7OpYIp 'J{ID'68@oE (PB )MY?j] hAfB Ghvn@W%i噧;yӮyΠSVP=_Jt)NVT5.l\hQ[6gã׿L9=j膗v]:sp]}"MSd}xui+C:0L`0th߾|{߾|{߾|{߾|{߾|{߾|{߾|{߾|{߾|{߾|{߾|{߾|{߾|{߾|{߾|{߾|{߾|{߾n|K_J.6s-}{?G{]Kn#& FiP h+$aӓGA:+\\Kڰ;r᧫: N v@Z1@[@蓞b-LF S\ânn1E5\Hf@U5yuβ~\+sW?\+s=Mok~~~~~~~~~~~~~~~~?!oooNw;ayw;~r-^L7ǂyj5Ϗ:prvzgs8#/:zz8BsGWÆq_?7Ǐ{7Ǐ{7Ǐ{7Ǐ{7Ǐ{7Ǐ{7Ǐ{7Ǐ{7Ǐ{7Ǐ{7Ǐ{7Ǐ{7Ǐ{7Ǐ{7Ǐ{7Ǐ{7Ǐ{7/~پ?nht]LS}>\^p=Wlw̮̮̮̮̮ ~ @I$I$I$I$I$I$I$E $@ A  G+\(KR $A$A$I$I A$@H$@@A I @P @ A @$@@ @@$@ ?סx@I RA$@RI? 9yag~yag~yag~yag~yag~yag~yag~yag~yag~yag~yag~yag~yag~yag~yag~ߢB,wIIYk} Aк]},H8\99TuO:Va ж[C"| A`]X {ꫂ;m\"3g[`@(SRײ ʼnx4׏h  &a INWpk)^6DyV<4NlyeMnmBKSfe${eQS\Cߡ7ӵoi-ǎmȫ瑖(k_, 3 '%[44=G0EΘ Yn$=ڕbN"3 [E|1ݤtY^,`]KJ߃"ⱡy*'#ee?n\Ô¹ǐz\`,\'C82&|tF+͒<?-MȀ3ݎ N^[m͆ƮaGTÇsÍ^%.z%t0o`1!9n9ff2H<4T?:Ł5 Cfm)ٕc(.zi"MD@2Bł/"o_JC(ܱ# Q!;pely"%6ε# <<|!)NiI@ptdĐ҉Aʖgr>{0N޼ ҿؓ* 8Y.ދ:Z 0AY-SAf^uA@JEw E@8uG L ^sC yԎ ˲һPۑF+ qوEu2h6VXGʦJTUa=GZ,)`+ rħ_ӥ!ǡ"hk;ؘ*i.8(\46uA-NQ@ I((mqIU`m}{?]kҎa6.r e _ DDfuΒs#P8/ F͜.HK]BP˞<@4X엤xpF CꇀeK)r:OQR/9%D.=lt0*㴘meNz{drBxEL> 3HLը>+BW 9xLP6?mɡPq4_8'#7 ޙ-Ak1i Jf5 buB>frZF?&ݙiBC|n#3?(H-:/(Hax>yħ́X$/}F4hXpAf0xp^pdcU3Pg_)$bE@*+HCY*N؁JF%xDžJLpǩ$D s2 p @݀Y >0T7+ZVG?WeT=Ԃa A`T@:T qcl$`O1 8^$4&ȃms]YS7N0LzR%!m BZԲq6’Fq&!0* YL%x02bXkZ@ GNv5(>B(P5"$ /KAIK-bA @IAx=PN1y߮&֢jgL+lvòEcs>` /Ă@FF%BͩQzizI6>[^VM~!h"ŧI-w`LlJFx:ut,5ha|n8 *~")^20ã8[mZpC^d(2R5XQ5YH]";3Xm|30gUi8: ,Eh `GBWmP,aAhM:ݚ-}J@GUD$RU8Fl ypyaP9׍DR9ZyOFP 8؅t1w74P/hhI6RUG,tI چ,Qt@pLJ[QJ2jf7E!!gՐ&ѽ^!T b-V 1ŝUn\1Y +zJ*1H81iF0M(l?Ԋ(>0a T2YA*#Ȅ!&q6Q`hNh+" pX] ('E@rH U &cdP7bQq ́/_ -iZu~RH$جdDM"g%B+ c$`B>CL&w1:XGsd 87;qJq7ۡE;ã p]%Kl$AO8FRX`:a>JV\j #8N)ۦWEn |:D` Ld 0<9U#'liBX9Aq0:@qnQS@O'KpưW!221X _uiLeC3\ -T6y@!I=MʧIrrq}GckkfD[|31<(e*z1XBM^zׯ^U?  D 5Jl0`"'@+2JZTV]MQl_ > 9g;( =?~Cܘ\ TRY`Z~np4 }()M~8Pp* y !D#,lhB!0M@m0@RY.\GƔP321s98CX%&X%΋ Prho+SùL1j(PLLp0۲a hԎbF^4 (b+!<5 xJCJu<$1CldVtS \֔nr@<5 (?+XoH^kJWP:!I(RX6yC&57^J 9ЃR:I9f jls@ 4rmZH@\XG3JIFDE{Oyow… (PB #h[({{{{{{{{{{{{{{{{{{{{{{{{{{{{{{{{?^^^0jYqu= ŗF4%3Sտ V]9h\zrt{s [|i/ nO̅qW6OILC5g-NkqZaw~g K o^l4x#sRpj 4_\av^vbSֽ?N޸dmktoN=|׳Ǽ׳Ǽ׳Ǽ׳Ǽ׳Ǽ׳Ǽ׳Ǽ׳Ǽ׳Ǽ׳Ǽ׳Ǽ׳Ǽ׳Ǽ׳Ǽ׳Ǽ׳Ǽ׳Ǽ׳1xg Y?RE)-x}^=B՟^ۻ:߶X95CNp\:cK M}1Tۚ3 n=D"b]ޣõ?oӭȈW<}zqh9qY©*ׯ׳袊((m?Ygygygygygygygygygygygygygygygyg endstream endobj xref 0 17 0000000000 65535 f 0000000008 00000 n 0000000073 00000 n 0000000119 00000 n 0000000332 00000 n 0000000369 00000 n 0000000507 00000 n 0000000596 00000 n 0000002630 00000 n 0000002742 00000 n 0000002857 00000 n 0000002977 00000 n 0000003085 00000 n 0000003213 00000 n 0000003340 00000 n 0000003467 00000 n 0000003568 00000 n trailer << /Size 17 /Root 1 0 R /Info 5 0 R >> startxref 44281 %%EOF phishing « Informasietegnologie
Language:
SEARCH

  • Recent Posts

  • Categories

  • Archives

phishing

« Older Entries
Newer Entries »

Cybersecurity Awareness Month: Where do scammers get your information?

Friday, October 12th, 2018

In the last article, we provided you with a few tips on how to create strong passwords in order to make the hacker’s job harder at accessing your personal data. Using weak passwords is one way hackers and scammers get your information?”.

But where do scammers get your information?

The graphic below depicts the world where most of us find ourselves, and where scammers might obtain important snippets of our personal data that, in many cases, is there for the taking:

This is your world

Your personal information is in places beyond your control.

The cell phone has become an indispensable communications tool in the 21st century. According to the Pew Research Centre, South Africa is placed 24th on the world list with a smartphone usage of 37% of the total population. However, according to a recent global survey by McAfee and One Poll, 36% of those smartphone users have no form or password, pin or fingerprint protection on their devices. This means that if their phone falls into the wrong hands, they risk opening up all sorts of personal information such as bank details and online logins to whoever finds or steals the smartphone.

How much of your personal information have you placed out there on the internet?

  • Over 30% of South African Internet users share at least 3 pieces of personal information posted on their social media profiles that can make stealing their identity easy.
  • 60% of South African Internet users have revealed they had no idea what their privacy settings are and who could see their personal information on those sites.

Old-style junk mail, invoices, receipts and ordinary letters can still provide scammers with a wealth of information. Dumpster-diving can reveal documents with your ID Number, old bank statements with your account details, old credit cards, unwanted junk e-mail, payslips and tax forms. Even old prescriptions & medical aid claims can provide scammer with a wealth of information from your personal information.

The modern equivalent of a filing cabinet, a flash disk poses a huge risk to the security of your personal data. Flash disks are small and cheap and can often be forgotten plugged into computers, fall out of pockets and be stolen, providing scammers with all the data stored on that device.

Your bank, your employers and SARS all store and work with your personal information. You have placed a tremendous amount of trust in these organizations to keep your personal data safe. How many people at your bank, for instance, have access to your personal data, who can they potentially give that data to?

Your driver’s license has a lot of information on it, including fingerprints, date of birth and ID number. The new style “smart” licenses will hold even more information, and if the license gets into the wrong hands it can be used for identity theft. For instance, in order to open up a cell phone contract, you would need an ID document or driver’s license, bank account details and proof of address, almost all of which can be obtained by dumpster-diving or someone rifling through your paperwork.

Finally, your computer (at work or at home) or your laptop holds a huge amount of your personal information. If stolen, the hard-drives can easily be trawled for personal information. If there is no password or a weak password on the laptop it makes stealing this information much easier.

This is your world:

  • Since 2007, more money has been made from trafficking financial data acquired by identity theft, than money made from drug trafficking.
  • 8.8 million South Africans were victims of identity theft in 2015.
  • 1 in 3 South Africans do not have a password on their cellphones or computer.
  • 70% of South Africans change their passwords after being compromised. (So 30% of South Africans don’t do anything even after they have been compromised)
  • 1 in 3 South Africans admits sharing passwords with other people.

There are 4 areas where we all neglect the security of our personal information:

  1. IndifferenceLack of Feeling
  2. IgnoranceLack of Knowledge
  3. InabilityLack of Training or Education
  4. InactionLack of Respect

What can you do to improve your personal data security and to prevent identity theft?

When someone comes and knocks on your front door, do you just open the door and let them in? No, you check who it is and then you decide if you want to open your door to them or not. The power of access is in your hands because you control the door.

The same principle applies to your personal data. Be careful and vigilant and be the gatekeeper of your personal data! Control what data is given out and who receives it. You have the control!

Next time we will look at the modus operandi of identity thieves. 

 

Email

Tags: ,
Posted in phishing, Security, Tips | Comments Off on Cybersecurity Awareness Month: Where do scammers get your information?

Cybersecurity Awareness Month: Common passwords

Wednesday, October 3rd, 2018

The past two years have been particularly devastating for data security worldwide, with a number of well-publicised hacks, data breaches and extortion attempts.

Annually SplashData publishes a list of the most common passwords. The list is created using data from more than five million passwords that were leaked by hackers in 2018 and with a quick glance at the list, one thing is clear – we do not learn from our mistakes.

People continue to use easy-to-guess passwords to protect their information. For example, “123456” and “password” retain their top two spots on the list—for the fifth consecutive year and variations of these two “worst passwords” make up six of the remaining passwords on the list.

SplashData estimates almost 10% of people have used at least one of the 25 worst passwords on this year’s list, and nearly 3% of people have used the worst password – 123456.

Here is the list of the top 10 passwords of 2018:

  1. 123456
  2. password
  3. 12345678
  4. qwerty
  5. 12345
  6. 123456789
  7. letmein
  8. 1234567
  9. football
  10. iloveyou

Another typical example is 1q2w3e4r5t.  Although it seems very cryptic, one look at a computer keyboard and it’s easy to guess.

Not so clever passsword

It is a sobering fact that most people still underestimate the importance of having a secure password, and still make mistake to use simple words or numbers as a password.

“Passwords are the only control you have to secure your data with most systems these days. If your password is easily guessed by someone, then the person essentially becomes you. Use the same password across services and devices, and they can take over your digital identity.” Shaun Murphy, CEO of SNDR.

In the next post of our Cyber Aware Month series, we look at how to create a strong password you can remember.

 

Email

Tags: , ,
Posted in phishing, Security, Tips | Comments Off on Cybersecurity Awareness Month: Common passwords

Warning: Phishing scams with fake invoices

Monday, October 1st, 2018

The nature of the university as an academic institution means that goods like books and academic journals are purchased by staff.

Phishing scammers will often exploit these purchases by either spoofing the e-mail addresses of well-known publishers or sending “invoices” that are infected with malware to fool people into divulging personal details like passwords and bank account details, or more seriously, infecting their victim’s computers with ransomware which encrypts the contents of the hard drive and demands a ransom to unlock access to the encrypted files.

Last week several colleagues reported that they were getting invoices from a journal publisher for books they allegedly purchased. An invoice for books purchased is usually attached.

Here is an example of the phishing scam:

Please keep an eye open for this threat over the next few days. We have been reading reports of a drastic increase in the incidents of ransomware infections targeting large institutions like universities. Keep on your toes, these criminals will never stop trying, because they catch their victims from the university so easily. Don’t become a victim. Fight them by reporting these scams to the IT CyberSecurity Team, and by spreading the news to your colleagues and classmates.

 If you have received mail that looks like this please immediately report it to the Information Technology Security Team using the following method: (especially if it comes from a university address) Once you have reported it, delete it or put it in your Junk Mail folder.

  1. Start up a new mail addressed to csirt@sun.ac.za, cc sysadm@sun.ac.za.
  2. Use the Title “SPAM” (without quotes) in the Subject.
  3. With this New Mail window open, drag the suspicious spam/phishing mail from your Inbox into the New Mail Window. It will attach the mail as an enclosure and a small icon with a light yellow envelope will appear in the attachments section of the New Mail.
  4. Send the mail.

[ARTICLE BY DAVID WILES]

 

Email

Tags:
Posted in E-mail, phishing, Security | Comments Off on Warning: Phishing scams with fake invoices

“Office 365 verification” phishing scam from compromised student account

Monday, September 3rd, 2018

Please be on the lookout for the following phishing scam coming this morning from a compromised student account:

The subject will be “Office365 E-mail Verification” (or a variation) and says that “you recently made a request to terminate your Office365 mail” and to click on a link to cancel this termination.

The mail should be immediately suspicious to most people with common sense and awareness of phishing scams, but here are a few signs:

  1. Why is a student account sending you mail about your “termination” of an Office365 account?
  2. Why are they threatening you to verify or lose your account?
  3. Why does the link point to a site that is not in the university network and is in Brazil of all places?
  4. Why is something as “important” as this being sent in a non-secure email? 

Here is an example of one of these phishing emails that several observant students and colleague have sent me this morning already!

If you have accidentally clicked on the link and given your login details to the phishers it is vitally important that you immediately go to the USERADM page (either http://www.sun.ac.za/password or www.sun.ac.za/useradm and change your password immediately. (Make sure the new password is completely different and is a strong password that will not be easily guessed, as well as changing the passwords on your social media and private e-mail accounts, especially if you use the same passwords on these accounts.)

If you have received mail that looks like the one above, please immediately report it to the Information Technology Security Team using the following method: (especially if it looks like it comes from a university address) Once you have reported it, delete it immediately.

  1. Start up a new mail addressed to csirt@sun.ac.za (CC: sysadm@sun.ac.za)
  2. Use the Title “SPAM” (without quotes) in the Subject.
  3. With this New Mail window open, drag the suspicious spam/phishing mail from your Inbox into the New Mail Window. It will attach the mail as an enclosure and a small icon with a light yellow envelope will appear in the attachments section of the New Mail.
  4. Send the mail.

[ARTICLE BY DAVID WILES]

 

Email

Tags: ,
Posted in phishing, Students | Comments Off on “Office 365 verification” phishing scam from compromised student account

SARS phishing scam from sun email

Monday, August 13th, 2018

If you receive an email with the subject “SARS eFilings” from any university email account, do not respond or click on the link. This is not a legitimate email from SARS.

The suspicious email is being sent from compromised staff email accounts informing users that “An EMP Statement of Account for the tax payer listed below has been issued by SARS” and you “need to log into the google doc with your correct details to view the document”. (as shown in example below):

It is important that you help us by spreading the word, informing us about suspicious mails and letting your colleagues and friends know about the scams. You are our eyes and ears, and your input, information and questions are extremely valuable.

When you click on links and provide your information on phishing emails, criminals will be able to gain access to your personal information. If you clicked on the link of this phishing email, immediately go to the www.sun.ac.za/useradm website and change the passwords on all your university accounts.

Remember that once the phishers lose control of one compromised account they might simply move over to another account and they might also close the website they were using once it is blocked by us and would use another one that looks and acts in the same way. Currently, the phishers are servers in Europe to launch their attacks. This is a common tactic with a spear-phishing attack such as this. 

To help us, please:

  • continue to watch out for mail like or similar to this and do NOT respond to it, click on links or provide your email address username or password
  • report the new phishing mail to the correct e-mail addresses of Information Technology Cyber Security using the method added to the bottom of this post
  • remember, just because a mail comes from a “student” or a “personnel” e-mail address and has university branding does not mean in any way that it is legitimate

If you have received mail that looks like this please immediately report it to the Information Technology Security Team using the following method: (especially if it comes from a university address)

  1. Start up a new mail addressed to sysadm@sun.ac.za (CC: help@sun.ac.za)
  2. Use the Title “SPAM” (without quotes) in the Subject.
  3. With this New Mail window open, drag the suspicious spam/phishing mail from your Inbox into the New Mail Window. It will attach the mail as an enclosure and a small icon with a light yellow envelope will appear in the attachments section of the New Mail.
  4. Send the mail.

IF YOU HAVE FALLEN FOR THE SCAM:

If you did click on the link of this phishing spam and unwittingly give the scammers your username, e-mail address and password you should immediately go to http://www.sun.ac.za/useradm and change the passwords on ALL your university accounts (making sure the new password is completely different, and is a strong password that will not be easily guessed.) as well as changing the passwords on your social media and private e-mail accounts (especially if you use the same passwords on these accounts.)

For more information on reporting and combating phishing and spam: https://blogs.sun.ac.za/it/en/2017/11/reporting-spam-malware-and-phishing/

[Information supplied by David Wiles]

 

Email

Posted in E-mail, phishing, Security | Comments Off on SARS phishing scam from sun email

« Older Entries
Newer Entries »
 

© 2013-2024 Disclaimer: The views and opinions expressed in this page are strictly those of the page author(s) and content contributor(s). The contents of this page have not been reviewed or approved by Stellenbosch University.