Language:
SEARCH

  • Recent Posts

  • Categories

  • Archives

phishing

« Older Entries
Newer Entries »

Warning: Phishing scam exploiting ABSA new logo

Tuesday, July 17th, 2018

Many of you use ABSA as your bank of choice, as well as making use of ABSA Bank’s Internet Banking facilities, so this warning might be of particular significance.

Earlier this month ABSA announced a new logo – part of its rebranding campaign – and almost immediately phishing scammers exploited this opportunity to continue their nefarious campaign of identity theft through phishing email attacks.

Several users have reported getting the following email – allegedly from ABSA – taking advantage of the new logo to target the bank’s customers in a phishing email scam by attempting to trick users to click on a link to take them to a fake website.

The scam email states that it comes from Absa CEO Maria Ramos, but it’s actually from an outside source and informs victims that “today marks a very significant day in the Absa journey”. The email uses Absa’s slogan, saying “We are also launching a new, fresh and vibrant Absa logo and identity that reflects our commitment to you, our customers”. Potential victims are then encouraged to click on their “New Absa eStatements” in PDF format. This is not a statement, but an HTML file which takes users to a phishing website.

Here is one example of the phishing e-mail which has already appeared in several University email accounts, as well as personal home email accounts:

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

As always, you should never respond to a suspicious looking email or message or click on a link in any suspicious looking email. Rather delete the email. No South African bank will ever contact customers and request sensitive information (card PIN, card CVV or online banking password) via email, telephone or SMS.

If you have received a phishing email, immediately report it to the Information Technology CyberSecurity Team using the following method:
 
1. Start up a new mail addressed to sysadm@sun.ac.za (CC: help@sun.ac.za)
2. Use the Title “SPAM” (without quotes) in the Subject.
3. With this New Mail window open, drag the suspicious spam/phishing mail from your Inbox into the New Mail Window. It will attach the mail as an enclosure and a small icon with a light yellow envelope will appear in the attachments section of the New Mail.
4. Send the mail.

IF YOU HAVE FALLEN FOR THE SCAM:
If you did click on the link of a phishing spam and unwittingly gave the scammers your username, email address and password  immediately go to http://www.sun.ac.za/useradm and change the passwords on ALL your university accounts (making sure the new password is completely different and is a strong password that will not be easily guessed.), as well as changing the passwords on your social media and private email accounts (especially if you use the same passwords on these accounts.)
 
Useful information on how to report and combat phishing and spam can also be found on our blog

[ARTICLE BY DAVID WILES]

Email

Tags: , , ,
Posted in E-mail, phishing, Security | Comments Off on Warning: Phishing scam exploiting ABSA new logo

Phishing attempt from SUN email address

Monday, June 25th, 2018

If you receive an email with the subject “Mailbox” or “Urgent Alert !!” from a university account, do not respond to it or click on the link. This is not a legitimate email from Information Technology.

We have received reports that a suspicious email is being sent out from a university account informing users that their email has exceeded its storage limit and they have to click on a link to “avoid blockage or deactivation”(As shown in example)

If you follow the link and give your information, it will be used by phishing criminals to gain access to your personal information, including your bank details. If you did click on the link of this phishing email, immediately go to the www.sun.ac.za/useradm website and change the passwords on all your university accounts.

If you have any inquiries, please let us know by logging a request or calling our Service Desk at 808 4367. 

Email

Tags:
Posted in E-mail, phishing, Security | Comments Off on Phishing attempt from SUN email address

Phishing Scam about “Unexpected Mail Shutdown

Wednesday, June 6th, 2018

There is currently a bombardment of phishing emails arriving in university accounts about an “Unexpected Mail Shutdown”. The mail used alarmist threats about pending shutdowns and has all the signs of a phishing scam, including a website that is not on the university network.

This is a typical phishing scam and although it is being sent to university addresses, you should not react, respond or click on any links, as the phishers insert your email address in the link field and thus can identify your account as functional.

Below is the mail arriving in many university accounts:

 

If you have received this mail like this, please report is to the Information Technology Cybersecurity Team using the following method:

Send the spam/phishing mail to help@sun.ac.za and sysadm@sun.ac.za

Attach the phishing or suspicious mail on to the message if possible.
1. Start up a new mail addressed to sysadm@sun.ac.za (CC: help@sun.ac.za)
2. Use the Title “SPAM” (without quotes) in the Subject.
3. With this New Mail window open, drag the suspicious spam/phishing mail from your Inbox into the New Mail Window. It will attach the mail as an enclosure and a small icon with a light yellow envelope will appear in the attachments section of the New Mail.
4. Send the mail.

[Information supplied by David Wiles]

Email

Tags: ,
Posted in phishing, Security | Comments Off on Phishing Scam about “Unexpected Mail Shutdown

Phishing e-mail with deceptive subject “IT ADMIN”

Tuesday, April 10th, 2018

Several observant colleagues and some students have reported a number of phishing emails being sent (usually in pairs) from a university account in the United Kingdom. The subject is “IT ADMIN” with no salutation or any other information other than “You have a pending message click here to read”.

With some students still on their autumn break and many colleagues only returning this week from the short school holiday, mailboxes have filled up full, voicemails and Skype 4 Business voice messages might have been left and some might be fooled into thinking that a message from “IT ADMIN” *might* be important.

This is a common tactic used by phishing scammers to attempt to con their victims into giving their usernames and passwords.

Many phishing emails use short and cryptic messages to instil a sense of urgency to scare users into doing the attackers’ bidding. In this case, a short mail about a mysterious “pending message” requires the victims to click on a link in order to retrieve the message. In actuality, the link leads to a fake login page designed to collect the user’s login credentials and deliver them to the attackers.

You should always inspect all URLs carefully to see if they redirect to an unknown website – this scam links to weebly.com. Also look out for generic salutations, grammar mistakes, and spelling errors scattered throughout the email. There are several in this mail.

It is no coincidence that a compromised UK university email address has been used. Large institutions like universities, with large numbers of students and personnel, are always a challenge to protect and are choice targets for phishing attacks.

In the same way, some Stellenbosch University students and personnel are fooled by the scam and give the scammers their passwords and login details by filling them in on the fake login page. The original email account is discarded by the scammers and compromised Stellenbosch University accounts might be used. This has happened several times before.

So, do not be surprised if later this week there is a fresh breakout of these “pending message” mails from “IT ADMIN” but this time coming from Stellenbosch University student or personnel accounts. It is very important to report this to the IT Cyber Security team.

If you have received mail that looks like this, please immediately report it by sending the spam/phishing mail to help@sun.ac.za
and sysadm@sun.ac.za. 

Attach the phishing or suspicious mail on to the message if possible.
1. Start up a new mail addressed to sysadm@sun.ac.za (CC: help@sun.ac.za)
2. Use the Title “SPAM” (without quotes) in the Subject.
3. With this New Mail window open, drag the suspicious spam/phishing mail from your Inbox into the New Mail Window. It will attach the mail as an enclosure and a small icon with a light yellow envelope will appear in the attachments section of the New Mail.
4. Send the mail.

[Article by David Wiles]

Email

Tags:
Posted in E-mail, phishing | Comments Off on Phishing e-mail with deceptive subject “IT ADMIN”

Phishing email with subject: “ DO NOT IGNORE THE WARNING”

Thursday, March 15th, 2018

Several staff are receiving a “threatening” e-mail with the subject “<your email address> DO NOT IGNORE THE WARNING”

Your e-mail address will be inserted at the begining of the message, and then proceeds to inform you about your account being used for “spam activities” and that it will be blacklisted and permanently suspended.

Here is an example of the mail (with all the dangerous stuff removed)

If you are fooled into clicking on the link, you will be taken to a website (based in Zimbabwe) and your e-mail address will be automatically inserted in the field, and you will be asked to type in your password, and then the scammers will have gained access to your network account!

This is a typical tactic employed by phishers targeting university e-mail accounts. They use your contact details and intimidating language to cause you to panic and “click on the link they provide.

When spotting phishing scams remember:

  1. Don’t trust the display name.
  2. Look but don’t click.
  3. Check for spelling mistakes.
  4. Analyse the salutation.
  5. Don’t give up personal information – ever.
  6. Beware of urgent or threatening language in the subject line.
  7. Review the signature (remember the university’s own centennial celebration and “water-wise” branding is being used in *some* external phishing attacks)
  8. Don’t click on attachments.
  9. Don’t trust the header from an email address.
  10. Don’t believe everything you see.

Phishers are extremely good at what they do. Just because an email has convincing brand logos, language, and a seemingly valid email address, does not mean that it’s legitimate. Be sceptical when it comes to your email messages—if it looks even remotely suspicious, don’t open it.

If you have received mail that looks like this, please immediately report it to the Information Technology Security Team using the following method:

Send the spam/phishing mail to the following addresses: help@sun.ac.za and sysadm@sun.ac.za

Attach the phishing or suspicious mail on to the message if possible.  

  1. Start up a new mail addressed to sysadm@sun.ac.za (CC: help@sun.ac.za)
  2. Use the Title “SPAM” (without quotes) in the Subject.
  3. With this New Mail window open, drag the suspicious spam/phishing mail from your Inbox into the New Mail Window. It will attach the mail as an enclosure and a small icon with a light yellow envelope will appear in the attachments section of the New Mail.
  4. Send the mail.

[Article by David Wiles]

Email

Posted in E-mail, phishing, Security | Comments Off on Phishing email with subject: “ DO NOT IGNORE THE WARNING”

« Older Entries
Newer Entries »
 

© 2013-2025 Disclaimer: The views and opinions expressed in this page are strictly those of the page author(s) and content contributor(s). The contents of this page have not been reviewed or approved by Stellenbosch University.