Security

Eduroam Visitor Access (eVA)

Wednesday, November 6th, 2019

eVA (eduroam Visitor Access) is a new service which enables visitors to higher education and research institutes to access the secure and trusted eduroam Wi-Fi network. As an additional identity management tool, eVA is a platform where visitors who only need temporary internet access can be registered in a simple and secure manner.

What is it? 

eVA provides a mechanism that allows authorised staff at eduroam participating institutions to sponsor a visitor and issue temporary credentials to that person for a defined period. Designated eVA admins can determine who is eligible to sponsor visitors, and for how long those visitors may have access.

How does it work?

If you are interested in using eVA to register your department’s visitors, please log a request on the ICT Partner Portal. To simplify matters, this could typically be the same contact person as for SUNid and only one person per department or division.

Note that your line manager has to approve your request before we can assign you rights. Approval can also be done on the ICT Partner Portal.

What are the benefits?

  • No additional registration, for example SUNid, is necessary to use this service.
  • Ease of use. Manuals and instructions are available online.
  • Visitor rights can be managed and limited.
  • Access expires automatically after the selected set date.
  • Records can be tracked and audited.

More information on eVA.

How do I report phishing?

Thursday, October 17th, 2019

You’ve received a suspicious email. What should you do with it? Firstly, don’t click on any links. But just as important, send it to us so we can prevent more staff and students falling prey to the scam. We encourage our customers to submit potential phishing examples for review. Using these submissions, the Cyber Security Incident Response Team (CSIRT) can learn from the analysis of these messages. This collectively helps to improve the level of virus and spam detection.

What is phishing?

Phishing attacks are designed to steal a person’s login and password details so that the cyber criminal can assume control of the victim’s social network, email, and online bank accounts. Seventy percent of internet users choose the same password for almost every web service they use. This is why phishing is so effective: by using the same login details, the criminal can access multiple private accounts and manipulate them for their own gain.

More on how to recognise a phishing email. 

Report phishing

  1. On the ICT Partner Portal.
  2. By sending an email:
  • Start up a new mail addressed to csirt@sun.ac.za.
  • Use the Title “SPAM” (without quotes) in the Subject.
  • With this New Mail window open, drag the suspicious spam/phishing mail from your Inbox into the New Mail window. It will attach the mail as an enclosure* and a small icon with a light yellow envelope will appear in the attachments section of the New Mail window.
  • Send the mail.

*Spam or phishing examples must be sent in either .EML or .MSG format as an attachment and must not be forwarded. This ensures the original email can be analysed with its full Internet message headers intact. Alternatively, use the mail application to save the email (usually located under File | Save As) in .EML or .MSG format to a folder location, and attach the saved file to a new email.
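Why the attachment matters on the receiving side, as an added example (not part of the original post and not CSIRT's own tooling): a report that carries the mail as an attachment still exposes the original routing and authentication headers, while an inline forward does not. The sample messages, the example domains and the function names are constructed for illustration.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

WANTED = ("Return-Path", "Received", "Authentication-Results", "From", "Reply-To")

# Constructed sample of a phishing mail as it arrived (example domains only).
ORIGINAL = (
    b"Return-Path: <bounce@mailer.example>\r\n"
    b"Received: from relay.example (relay.example [192.0.2.10])\r\n"
    b"\tby mx.university.example; Mon, 14 Oct 2019 08:00:02 +0200\r\n"
    b"Received: from localhost (unknown [198.51.100.7])\r\n"
    b"\tby relay.example; Mon, 14 Oct 2019 08:00:01 +0200\r\n"
    b"Authentication-Results: mx.university.example; spf=fail\r\n"
    b"From: Accounts <staff@university.example>\r\n"
    b"Reply-To: collector@mailer.example\r\n"
    b"Subject: Purchase Order 98474\r\n"
    b"\r\n"
    b"Click the link to open your purchase order.\r\n"
)

def attached_report():
    """Report built as instructed: original mail attached as message/rfc822."""
    report = EmailMessage()
    report["To"], report["Subject"] = "csirt@sun.ac.za", "SPAM"
    report.set_content("Suspicious mail attached.")
    report.add_attachment(message_from_bytes(ORIGINAL, policy=policy.default))
    return report.as_bytes()

def forwarded_report():
    """Inline forward: only the visible text survives, not the headers."""
    report = EmailMessage()
    report["To"], report["Subject"] = "csirt@sun.ac.za", "FW: Purchase Order 98474"
    report.set_content("From: Accounts\nSubject: Purchase Order 98474\n\nClick the link...")
    return report.as_bytes()

def original_headers(report_bytes):
    """Return the attached mail's headers, or None if nothing was attached."""
    report = message_from_bytes(report_bytes, policy=policy.default)
    for part in report.walk():
        if part.get_content_type() == "message/rfc822":
            inner = part.get_payload(0)  # the embedded original message
            return {h: [str(v) for v in inner.get_all(h, [])] for h in WANTED}
    return None

if __name__ == "__main__":
    print(original_headers(attached_report()))
    print(original_headers(forwarded_report()))
```
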

Phishing from staff email

Monday, October 14th, 2019

An email with the subject “Purchase Order 98474” has been sent from a sun email address to staff and students. The email asks you to click on a link to open your purchase order information (also see image below).

This is not a legitimate email, but a phishing attempt from a compromised university account.

By clicking on links and providing your information, you give criminals access to your personal information and your accounts. If you think your account or device has been compromised or you notice suspicious activity:

Immediately change your password on www.sun.ac.za/password.

Contact the IT Service Desk by logging a request or calling 808 4367. 

Phishing from staff email

Monday, August 26th, 2019

Three separate emails with the subjects “Information Service”, “Online course” and “IT communication” from a compromised staff email address were sent to staff and students recently. The emails ask you to click on a link which will open an incident logged on the “Self Service Portal”, click on a link to complete a survey or activate two-factor authentication. One of these used Information Technology’s own branding to try and phish our staff and students (also see images below).

None of these are legitimate emails, but phishing attempts from a compromised university account.

By clicking on links and providing your information, you give criminals access to your personal information and your accounts.

    • Immediately change your password on www.sun.ac.za/password.
    • Contact the IT Service Desk by logging a request or calling 808 4367.
    • More information is available on our blog and Twitter.

 

Phishing scam sent from compromised GOV.ZA account

Wednesday, July 17th, 2019

Please be aware of the following phishing e-mail, which is now starting to be sent to university accounts and might be thought to be legitimate, especially if the department has dealings with the Gauteng Government.

The Subject of the mail is “Payment Notification” and asks its victims to click on a link to “VIEW PROOF OF PAYMENT”.

Firstly, the link is not a gov.za website, and government departments do not usually send out e-mails asking you to click on unverified links.

 

The suspicious mail takes you to a site that asks you to download a file. This file has an encoded script (malware) that looks like an ordinary web page that asks you to enter your username, password and your cell number to “confirm” your details and “allow” you to view the encrypted PDF file. Of course this malware, now sitting on your PC, sends your login details and password to another server overseas controlled by the scammers, which they will then use to break into your account at the university in order to do all sorts of nasty things.

So please be very careful, especially in the light of the compromised university accounts that were used earlier this week to launch a phishing attack from within the university.

The university is now a very popular target for phishers because they can easily gain access to personnel and student accounts, as users are often not aware of the dangers of phishing and are not informed about how to spot phishing mails.

 

You can report phishing scams and spam in two ways:

1. By reporting it on the ICT Partner Portal.

2. By sending an email.

  • Start up a new mail addressed to csirt@sun.ac.za.
  • Use the Title “SPAM” (without quotes) in the Subject.
  • With this New Mail window open, drag the suspicious spam/phishing mail from your Inbox into the New Mail window. It will attach the mail as an enclosure and a small icon with a light yellow envelope will appear in the attachments section of the New Mail window.
  • Send the mail.

If you have accidentally clicked on the link and already given any personal details to the phishers, it is vitally important that you immediately go to the USERADM page (either http://www.sun.ac.za/password or www.sun.ac.za/useradm) and change your password immediately. Make sure the new password is completely different and is a strong password that will not be easily guessed. Also change the passwords on your social media and private e-mail accounts, especially if you use the same passwords on these accounts. Contact the IT Service Desk if you are still unsure.

 

 
