%PDF-1.3 1 0 obj << /Type /Catalog /Outlines 2 0 R /Pages 3 0 R >> endobj 2 0 obj << /Type /Outlines /Count 0 >> endobj 3 0 obj << /Type /Pages /Kids [6 0 R 32 0 R ] /Count 2 /Resources << /ProcSet 4 0 R /Font << /F1 8 0 R /F2 9 0 R /F3 10 0 R /F4 11 0 R >> >> /MediaBox [0.000 0.000 612.000 792.000] >> endobj 4 0 obj [/PDF /Text ] endobj 5 0 obj << /Creator (DOMPDF) /CreationDate (D:20250722115026+00'00') /ModDate (D:20250722115026+00'00') /Title (Report 07-2025) >> endobj 6 0 obj << /Type /Page /Parent 3 0 R /Annots [ 12 0 R 14 0 R 16 0 R 18 0 R 20 0 R 22 0 R 24 0 R 26 0 R 28 0 R 30 0 R ] /Contents 7 0 R >> endobj 7 0 obj << /Length 6707 >> stream 0.702 0.800 0.816 rg 34.016 34.016 543.969 723.969 re f 1.000 1.000 1.000 rg 45.266 69.563 521.469 677.171 re f 0.773 0.773 0.773 rg 0.773 0.773 0.773 RG 45.266 746.734 m 566.734 746.734 l 565.984 745.984 l 46.016 745.984 l f 566.734 746.734 m 566.734 69.563 l 565.984 69.563 l 565.984 745.984 l f 45.266 746.734 m 45.266 69.563 l 46.016 69.563 l 46.016 745.984 l f 0.200 0.200 0.200 rg BT 61.016 693.716 Td /F1 14.4 Tf [(MULTI-FACTOR AUTHENTICATION \(MFA\) FAQS)] TJ ET 0.400 0.400 0.400 rg BT 61.016 664.909 Td /F2 9.0 Tf [(Posted on )] TJ ET BT 104.045 664.909 Td /F3 9.0 Tf [(June 08,2020)] TJ ET BT 160.079 664.909 Td /F2 9.0 Tf [( by )] TJ ET BT 174.587 664.909 Td /F3 9.0 Tf [(IT Communications)] TJ ET 0.153 0.153 0.153 rg BT 61.016 637.420 Td /F4 9.0 Tf [(Information Technology recently)] TJ ET BT 189.068 637.420 Td /F4 9.0 Tf [( enabled MFA for our staff and students. Soon?all staff and students?will be required to )] TJ ET BT 61.016 626.431 Td /F4 9.0 Tf [(use multi factor authentication to secure their information and the university)] TJ ET BT 360.149 626.431 Td /F4 9.0 Tf [(’s)] TJ ET BT 366.647 626.431 Td /F4 9.0 Tf [( network.)] TJ ET BT 403.160 626.431 Td /F4 9.0 Tf [( )] TJ ET BT 61.016 606.442 Td /F1 9.0 Tf [(FREQUENTLY ASKED QUESTIONS)] TJ ET BT 211.532 606.442 Td /F4 9.0 Tf [( )] TJ ET BT 61.016 586.453 Td /F1 9.0 Tf [(What is MFA?? )] TJ ET BT 61.016 566.464 Td /F4 9.0 Tf [(Multi-Factor Authentication adds a second layer of security to your account to ensure that your account stays safe, even if )] TJ ET BT 61.016 555.475 Td /F4 9.0 Tf [(someone else knows your password. This will mean that, for certain services, including Microsoft Outlook, Teams, etc. you )] TJ ET BT 61.016 544.486 Td /F4 9.0 Tf [(will be prompted to provide more information in order to authenticate your identity as a Stellenbosch University student or )] TJ ET BT 61.016 533.497 Td /F4 9.0 Tf [(staff member. )] TJ ET 0.373 0.169 0.255 rg BT 118.535 533.497 Td /F4 9.0 Tf [(More about MFA here.)] TJ ET 0.373 0.169 0.255 RG 0.18 w 0 J [ ] 0 d 118.535 532.346 m 208.571 532.346 l S 0.153 0.153 0.153 rg BT 208.571 533.497 Td /F4 9.0 Tf [( )] TJ ET BT 61.016 513.508 Td /F1 9.0 Tf [(Why is it so important that I enrol for MFA?  )] TJ ET BT 61.016 493.519 Td /F4 9.0 Tf [(By enrolling for MFA)] TJ ET BT 142.538 493.519 Td /F4 9.0 Tf [(,)] TJ ET BT 145.040 493.519 Td /F4 9.0 Tf [( you ensure that your account is )] TJ ET BT 275.108 493.519 Td /F4 9.0 Tf [(more )] TJ ET BT 298.112 493.519 Td /F4 9.0 Tf [(secure.)] TJ ET BT 327.623 493.519 Td /F4 9.0 Tf [(  You are protecting your own data \(including your HR, )] TJ ET BT 61.016 482.530 Td /F4 9.0 Tf [(payment details, etc.\), your colleagues and the university.)] TJ ET BT 61.016 462.541 Td /F1 9.0 Tf [(How do I enrol for MFA?)] TJ ET BT 165.020 462.541 Td /F4 9.0 Tf [( )] TJ ET BT 61.016 442.552 Td /F4 9.0 Tf [(By following the steps set out in the )] TJ ET 0.373 0.169 0.255 rg BT 204.593 442.552 Td /F4 9.0 Tf [(.pdf document.)] TJ ET 0.18 w 0 J [ ] 0 d 204.593 441.401 m 264.128 441.401 l S 0.153 0.153 0.153 rg BT 264.128 442.552 Td /F4 9.0 Tf [( )] TJ ET BT 61.016 422.563 Td /F1 9.0 Tf [(What must I do if the document does not open? )] TJ ET BT 61.016 402.574 Td /F4 9.0 Tf [(If the document does not open, it could be due to a slow internet connection or you do not have a PDF reader \(e.g. Adobe )] TJ ET BT 61.016 391.585 Td /F4 9.0 Tf [(Acrobat\) installed. Please also clear your browser history or try to open the link in a different browser.?)] TJ ET BT 468.176 391.585 Td /F4 9.0 Tf [( )] TJ ET BT 61.016 371.596 Td /F1 9.0 Tf [(How can a PDF reader be installed? )] TJ ET BT 61.016 351.607 Td /F4 9.0 Tf [(Please raise a request on the ICT Partner Portal that is available at)] TJ ET BT 327.641 351.607 Td /F4 9.0 Tf [( )] TJ ET 0.373 0.169 0.255 rg BT 330.143 351.607 Td /F4 9.0 Tf [(https://servicedesk.sun.ac.za)] TJ ET 0.18 w 0 J [ ] 0 d 330.143 350.456 m 445.694 350.456 l S 0.153 0.153 0.153 rg BT 445.694 351.607 Td /F4 9.0 Tf [( )] TJ ET BT 448.196 351.607 Td /F4 9.0 Tf [( )] TJ ET BT 61.016 331.618 Td /F1 9.0 Tf [(What can I do if I have problems to enrol for MFA? )] TJ ET BT 61.016 311.629 Td /F4 9.0 Tf [(If you are struggling to )] TJ ET BT 152.564 311.629 Td /F4 9.0 Tf [(enrol)] TJ ET BT 172.571 311.629 Td /F4 9.0 Tf [( for)] TJ ET BT 185.576 311.629 Td /F4 9.0 Tf [( MFA, please )] TJ ET BT 241.097 311.629 Td /F4 9.0 Tf [(log a)] TJ ET BT 260.609 311.629 Td /F4 9.0 Tf [( request on )] TJ ET BT 308.138 311.629 Td /F4 9.0 Tf [(the)] TJ ET BT 320.648 311.629 Td /F4 9.0 Tf [( )] TJ ET 0.373 0.169 0.255 rg BT 323.150 311.629 Td /F4 9.0 Tf [(ICT Partner Portal)] TJ ET 0.18 w 0 J [ ] 0 d 323.150 310.478 m 395.672 310.478 l S 0.153 0.153 0.153 rg BT 395.672 311.629 Td /F4 9.0 Tf [( and a technician will contact you.?)] TJ ET BT 534.740 311.629 Td /F4 9.0 Tf [( )] TJ ET BT 61.016 291.640 Td /F1 9.0 Tf [(When do I have to enrol for MFA? )] TJ ET BT 61.016 271.651 Td /F4 9.0 Tf [(Please )] TJ ET BT 91.031 271.651 Td /F4 9.0 Tf [(enrol)] TJ ET BT 111.038 271.651 Td /F4 9.0 Tf [( for MFA as soon as possible. It is critical that all our staff and students use two-factor authentication. )] TJ ET BT 61.016 251.662 Td /F1 9.0 Tf [(How will I know that I have successfully enrolled for MFA? )] TJ ET BT 61.016 231.673 Td /F4 9.0 Tf [(A confirmation message will be displayed on the last screen of the )] TJ ET BT 326.633 231.673 Td /F4 9.0 Tf [(enrolment)] TJ ET BT 366.647 231.673 Td /F4 9.0 Tf [( process.)] TJ ET BT 403.160 231.673 Td /F4 9.0 Tf [( )] TJ ET BT 61.016 220.684 Td /F4 9.0 Tf [(You are now enrolled for Multi Factor Authentication.)] TJ ET BT 61.016 200.695 Td /F1 9.0 Tf [(What must I do if I don't see the  screens as indicated on the enrolment document? )] TJ ET BT 61.016 180.706 Td /F4 9.0 Tf [(Raise a request on the ICT Partner Portal at)] TJ ET BT 236.597 180.706 Td /F4 9.0 Tf [( )] TJ ET 0.373 0.169 0.255 rg BT 239.099 180.706 Td /F4 9.0 Tf [(https://servicedesk.sun.ac.za)] TJ ET 0.18 w 0 J [ ] 0 d 239.099 179.555 m 354.650 179.555 l S 0.153 0.153 0.153 rg BT 354.650 180.706 Td /F4 9.0 Tf [( )] TJ ET BT 357.152 180.706 Td /F4 9.0 Tf [( )] TJ ET BT 61.016 160.717 Td /F1 9.0 Tf [(Will I be charged for the MFA authentication SMS's? )] TJ ET BT 61.016 140.728 Td /F4 9.0 Tf [(No, the SMS's are at the cost of the University.)] TJ ET BT 247.316 140.728 Td /F4 9.0 Tf [( )] TJ ET BT 61.016 120.739 Td /F1 9.0 Tf [(Can I enrol for MFA if I stay in an area without cell phone signal? )] TJ ET BT 61.016 100.750 Td /F4 9.0 Tf [(No, you need a cellphone with reception to enrol for MFA.)] TJ ET endstream endobj 8 0 obj << /Type /Font /Subtype /Type1 /Name /F1 /BaseFont /Helvetica-Bold /Encoding /WinAnsiEncoding >> endobj 9 0 obj << /Type /Font /Subtype /Type1 /Name /F2 /BaseFont /Helvetica-Oblique /Encoding /WinAnsiEncoding >> endobj 10 0 obj << /Type /Font /Subtype /Type1 /Name /F3 /BaseFont /Helvetica-BoldOblique /Encoding /WinAnsiEncoding >> endobj 11 0 obj << /Type /Font /Subtype /Type1 /Name /F4 /BaseFont /Helvetica /Encoding /WinAnsiEncoding >> endobj 12 0 obj << /Type /Annot /Subtype /Link /A 13 0 R /Border [0 0 0] /H /I /Rect [ 118.5347 542.2879 118.5347 542.2879 ] >> endobj 13 0 obj << /Type /Action /S /URI /URI (http://blogs.sun.ac.za/it/en/2020/05/what-is-mfa/) >> endobj 14 0 obj << /Type /Annot /Subtype /Link /A 15 0 R /Border [0 0 0] /H /I /Rect [ 118.5347 532.6642 208.5707 541.8217 ] >> endobj 15 0 obj << /Type /Action /S /URI /URI (http://blogs.sun.ac.za/it/en/2020/05/what-is-mfa/) >> endobj 16 0 obj << /Type /Annot /Subtype /Link /A 17 0 R /Border [0 0 0] /H /I /Rect [ 204.5927 451.3429 204.5927 451.3429 ] >> endobj 17 0 obj << /Type /Action /S /URI /URI (http://admin.sun.ac.za/infoteg/dokumente/MFA_guide.pdf) >> endobj 18 0 obj << /Type /Annot /Subtype /Link /A 19 0 R /Border [0 0 0] /H /I /Rect [ 204.5927 441.7192 264.1277 450.8767 ] >> endobj 19 0 obj << /Type /Action /S /URI /URI (http://admin.sun.ac.za/infoteg/dokumente/MFA_guide.pdf) >> endobj 20 0 obj << /Type /Annot /Subtype /Link /A 21 0 R /Border [0 0 0] /H /I /Rect [ 330.1427 360.3979 330.1427 360.3979 ] >> endobj 21 0 obj << /Type /Action /S /URI /URI (https://servicedesk.sun.ac.za/) >> endobj 22 0 obj << /Type /Annot /Subtype /Link /A 23 0 R /Border [0 0 0] /H /I /Rect [ 330.1427 350.7742 445.6937 359.9317 ] >> endobj 23 0 obj << /Type /Action /S /URI /URI (https://servicedesk.sun.ac.za/) >> endobj 24 0 obj << /Type /Annot /Subtype /Link /A 25 0 R /Border [0 0 0] /H /I /Rect [ 323.1497 320.4199 323.1497 320.4199 ] >> endobj 25 0 obj << /Type /Action /S /URI /URI (https://servicedesk.sun.ac.za/) >> endobj 26 0 obj << /Type /Annot /Subtype /Link /A 27 0 R /Border [0 0 0] /H /I /Rect [ 323.1497 310.7962 395.6717 319.9537 ] >> endobj 27 0 obj << /Type /Action /S /URI /URI (https://servicedesk.sun.ac.za/) >> endobj 28 0 obj << /Type /Annot /Subtype /Link /A 29 0 R /Border [0 0 0] /H /I /Rect [ 239.0987 189.4969 239.0987 189.4969 ] >> endobj 29 0 obj << /Type /Action /S /URI /URI (https://servicedesk.sun.ac.za/) >> endobj 30 0 obj << /Type /Annot /Subtype /Link /A 31 0 R /Border [0 0 0] /H /I /Rect [ 239.0987 179.8732 354.6497 189.0307 ] >> endobj 31 0 obj << /Type /Action /S /URI /URI (https://servicedesk.sun.ac.za/) >> endobj 32 0 obj << /Type /Page /Parent 3 0 R /Contents 33 0 R >> endobj 33 0 obj << /Length 1873 >> stream 0.153 0.153 0.153 rg 0.373 0.169 0.255 RG 0.18 w 0 J [ ] 0 d 0.702 0.800 0.816 rg 34.016 34.016 543.969 723.969 re f 1.000 1.000 1.000 rg 45.266 587.833 521.469 170.151 re f 0.773 0.773 0.773 rg 0.773 0.773 0.773 RG 45.266 587.833 m 566.734 587.833 l 565.984 588.583 l 46.016 588.583 l f 566.734 757.984 m 566.734 587.833 l 565.984 588.583 l 565.984 757.984 l f 45.266 757.984 m 45.266 587.833 l 46.016 588.583 l 46.016 757.984 l f 61.016 603.583 m 550.984 603.583 l 550.984 604.333 l 61.016 604.333 l f 0.153 0.153 0.153 rg BT 61.016 740.193 Td /F1 9.0 Tf [(Which IT services will be activated for MFA? )] TJ ET BT 61.016 720.204 Td /F4 9.0 Tf [(For the first phase all Microsoft365 \(Outlook, Sharepoint Online, OneDrive for Business, etc.\) applications will require MFA )] TJ ET BT 61.016 709.215 Td /F4 9.0 Tf [(authentication. )] TJ ET BT 61.016 689.226 Td /F1 9.0 Tf [(What will happen if a service is activated for MFA?)] TJ ET BT 277.079 689.226 Td /F4 9.0 Tf [( )] TJ ET BT 61.016 669.237 Td /F4 9.0 Tf [(Before you can access the )] TJ ET BT 169.574 669.237 Td /F4 9.0 Tf [(service)] TJ ET BT 198.077 669.237 Td /F4 9.0 Tf [( y)] TJ ET BT 205.079 669.237 Td /F4 9.0 Tf [(ou will be requested to enter the one-time pin number)] TJ ET BT 418.181 669.237 Td /F4 9.0 Tf [( that will be sent to the cell )] TJ ET BT 61.016 658.248 Td /F4 9.0 Tf [(phone number that you have indicated during the enrolment process.)] TJ ET BT 335.660 658.248 Td /F4 9.0 Tf [( Or if you chose to use the Authenticator App a )] TJ ET BT 61.016 647.259 Td /F4 9.0 Tf [(message will be sent to your phone via the app which request that you approve and in some cases it might also ask for a )] TJ ET BT 61.016 636.270 Td /F4 9.0 Tf [(scan of your thumbprint. )] TJ ET 0.400 0.400 0.400 rg BT 61.016 617.781 Td /F2 9.0 Tf [(Posted in:Security | | With 0 comments)] TJ ET endstream endobj xref 0 34 0000000000 65535 f 0000000008 00000 n 0000000073 00000 n 0000000119 00000 n 0000000312 00000 n 0000000341 00000 n 0000000479 00000 n 0000000624 00000 n 0000007383 00000 n 0000007495 00000 n 0000007610 00000 n 0000007730 00000 n 0000007838 00000 n 0000007966 00000 n 0000008067 00000 n 0000008195 00000 n 0000008296 00000 n 0000008424 00000 n 0000008530 00000 n 0000008658 00000 n 0000008764 00000 n 0000008892 00000 n 0000008974 00000 n 0000009102 00000 n 0000009184 00000 n 0000009312 00000 n 0000009394 00000 n 0000009522 00000 n 0000009604 00000 n 0000009732 00000 n 0000009814 00000 n 0000009942 00000 n 0000010024 00000 n 0000010089 00000 n trailer << /Size 34 /Root 1 0 R /Info 5 0 R >> startxref 12015 %%EOF Security « Informasietegnologie
Language:
SEARCH

  • Recent Posts

  • Categories

  • Archives

Security

« Older Entries
Newer Entries »

Phishing with subject “Email Expired”

Thursday, February 1st, 2018

Several students and personnel have informed us of a “new” mail making its rounds on our campuses.

The sender is “Postmaster” with the subject of “Email Expired”. This phishing scam tells you that your e-mail account will shortly expire and uses scare tactics to convince you to “click” on a link to activate your email.

Information Technology will never send you this type of email, ask you to click on a link or provide your username or password. Do not respond to these emails or click on links.

If you have received mail that looks like this please immediately report it to the Information Technology Security Team using the following method:

Send the spam/phishing mail to the following addresses

help@sun.ac.za and sysadm@sun.ac.za.

Attach the phishing or suspicious mail on to the message if possible. There is a good tutorial on how to do this at the following link (Which is safe) : http://stbsp01.stb.sun.ac.za/innov/it/it-help/Wiki%20Pages/Spam%20sysadmin%20Eng.aspx

  1. Start up a new mail addressed to sysadm@sun.ac.za (CC: help@sun.ac.za)
  2. Use the Title “SPAM” (without quotes) in the Subject.
  3. With this New Mail window open, drag the suspicious spam/phishing mail from your Inbox into the New Mail Window. It will attach the mail as an enclosure and a small icon with a light yellow envelope will appear in the attachments section of the New Mail.
  4. Send the mail.

IF YOU HAVE FALLEN FOR THE SCAM:

If you did click on the link of this phishing spam and unwittingly give the scammers your username, e-mail address and password you should immediately go to http://www.sun.ac.za/useradm and change the passwords on ALL your university accounts (making sure the new password is completely different, and is a strong password that will not be easily guessed.) as well as changing the passwords on your social media and private e-mail accounts (especially if you use the same passwords on these accounts.)

IT has set up a website page with useful information on how to report and combat phishing and spam. The address is: https://blogs.sun.ac.za/it/en/2017/11/reporting-spam-malware-and-phishing/

 

[Article by David Wiles]

 

Email

Tags: ,
Posted in Security | Comments Off on Phishing with subject “Email Expired”

PHISHING: “Your Email Account Has Been Compromise”

Monday, January 29th, 2018

Please be aware that there are e-mails being sent from an outside e-mail address (@lasell.edu) with the subject  “Your Email Account Has Been Compromise” (including capitalisation of every word and a spelling mistake at the end)

The mail contains only the following:

Verify HERE

This is a phishing scam. Information Technology will never send an email like this, ask you to provide your username or password or require you to click on a link in an e-mail.

Here is an example of the phishing mail:


Many people, including students and staff can be easily fooled and manipulated by the social engineering tricks of the phishing scammers.

Once they fall victim to this phishing scam and the scammers have control of an university account, they will stop using the outside e-mail address.

Don’t become one of these victims. If you receive and e-mail with the subject “Your Email Account Has Been Compromise” and it seems that comes from a university account (like a student number, or even a known university colleague), do not respond to it, forward it or click on the link.

Report it to Information Technology’s Cyber-Security Team (details below) and then delete or move it in your Junk E-mail folder. You can use the Rules function in Outlook and Office365 Mail to delete all mail with those subject lines or senders.

Here are the instructions again:

If you have received mail that looks like this please immediately report it to Information Technology using the following method:

Send the spam/phishing mail to help@sun.ac.za and sysadm@sun.ac.za.

Attach the phishing or suspicious mail on to the message if possible. There is a good tutorial on how to do this at the following link (Which is safe): http://stbsp01.stb.sun.ac.za/innov/it/it-help/Wiki%20Pages/Spam%20sysadmin%20Eng.aspx

1. Start up a new mail addressed to sysadm@sun.ac.za (CC: help@sun.ac.za)

2. Use the Title “SPAM” (without quotes) in the Subject.

3. With this New Mail window open, drag the suspicious spam/phishing mail from your Inbox into the New Mail Window. It will attach the mail as an enclosure and a small icon with a light yellow envelope will appear in the attachments section of the New Mail.

4. Send the mail.

IF YOU HAVE FALLEN FOR THE SCAM:

If you did click on the link of this phishing spam and unwittingly give the scammers your username, e-mail address and password you should immediately go to http://www.sun.ac.za/useradm and change the passwords on ALL your university accounts (making sure the new password is completely different, and is a strong password that will not be easily guessed.) as well as changing the passwords on your social media and private e-mail accounts (especially if you use the same passwords on these accounts.)

IT have set up a website page with useful information on how to report and combat phishing and spam. The address is: https://blogs.sun.ac.za/it/en/2017/11/reporting-spam-malware-and-phishing/

 

[ARTICLE by David Wiles]

Email

Tags:
Posted in phishing, Security | Comments Off on PHISHING: “Your Email Account Has Been Compromise”

Protect your personal information

Monday, January 29th, 2018

Data Privacy Day, occurring every year on 28 January, is an international effort to empower individuals and business to respect privacy, safeguard data and enable trust. 

Over the past year the world saw many extensive data breaches across the world. This has accentuated the necessity for creating a greater awareness of protecting information. 

But why should we care about our information?

We are entering the next generation of technological advancement like the Internet of Things, which will connect devices in our schools, home and workplaces. This provides many opportunities, but consumers will have to learn to protect and secure their information. Your devices make it easy to connect to the world around you, but they can also track a lot of information about you and your family. 

How much information do you share online daily? We spend most of our day on the internet where all our actions are tracked and collected by the devices we use. This data is stored indefinitely and can be used at any time. 

The National Cyber Security Alliance in the United States have the following tips:

  1. Personal info is like money: value it, protect it. 
    Be thoughtful about who gets your information and how it’s collected through apps and websites. Delete unused apps, update others and review your app permissions.
  2. Share with care.
    Think before posting about yourself and others online. Review your social network friends and contact lists regularly.
  3. Own your online presence.
    Set the privacy and security settings on websites and apps. You can share information with only friends and family.
  4. Lock down your login.
    Make sure your accounts are secure. Don’t use a password only for bank accounts, email and social media. Use two-step authentication, bio-metrics or security keys.
  5. Keep a clean machine.
    Keep your software, operating systems (mobile and PC), anti-virus and apps updated to prevent data loss, infections and malware.
  6. Apply the golden rule. 
    Post only about others as you would have them post about you.
  7. Secure your devices.
    Every device should be secured with a password or strong authentication – finger swipe, facial recognition, etc. Imagine what someone could do with the information on your device if it got lost?
  8. Think before you app.
    Information about you, such as the games you like to play, your contact lists, where you shop and your location has tremendous value. Apps collect this information. A recent example is activity-tracking app, Strava’s privacy issue. 

FACT AND STATISTICS

  • 41% of Americans have been personally subjected to harassing behaviour online and one in five (18%) has been subjected to particularly severe forms of harassment online. 
  • 82% of cyber-stalkers use social media to find out where their potential victims live, where they go to school, etc.
  • Four in five US physicians have had cyber-attacks in their practices. Keep in mind that medical and health information is among the most sensitive and personal information about people. 

 

[SOURCE: https://staysafeonline.org and www.wikipedia.org]

Email

Tags:
Posted in Security, Tips | Comments Off on Protect your personal information

OneDrive for Business: Anonymous file sharing

Monday, January 22nd, 2018

Information Technology recently assessed our OneDrive for Business platform to ensure that no security risks exist for our users and network. During this assessment we identified a number of users who are currently using the anonymous sharing function (“Anyone with the link can view and edit”) on OneDrive.

With anonymous file sharing there is no control or record of who has access to the shared files. Anybody who has the link can access and/or edit the files. This poses a security risk for the University and our users. For this reason we are compelled to switch off anonymous usage.

From Thursday, 1 February 2018 you will no longer be able to share files anonymously on OneDrive. Sharing will still be possible with internal and external users, but at a higher security level.

Guides on best practices for sharing files on OneDrive is available www.sun.ac.za/itselfhelp under the Office365 section or directly on this page. If you are have any enquiries, please contact the IT Service Desk by emailing help@sun.ac.za or calling our Service Desk at 808 4367.

Email

Tags:
Posted in Connectivity, General, Internet, Security | Comments Off on OneDrive for Business: Anonymous file sharing

Phishing: PSG “Your profile details will expire”

Monday, January 22nd, 2018

There is currently a phishing email making the rounds claiming to be from PSG Wealth.

Be on the lookout for an email requesting you to update your personal information, as your PSG online “profile details will expire”. The link redirects users to a page that looks like the PSG securities trading website, but is a clever forgery.

PSG have assured us that they will never send you an email asking to provide sensitive information online. So it is important to check the validity of any such emails before you respond to requests like these.

Below is an example of one such mail:

There are 3 obvious signs that this mail is fraudulent:

  • The sender´s email address (`from´ address) is disguised to look like it comes from PSG Wealth. The message is actually sent from a different address that does not match our PSG email addresses (using an @psg.com.sa address instead of an @psg.co.za address).
  • The recipient is not specified.
  • The website link provided is not to a PSG domain address and the website is not indicated as being secure. (no little padlock icon or https: in the URL)

What should you do if you have already provided your details in responding to this phishing scam?

If you responded to such an email, login to your account by typing psg.co.za into your browser window and reset your password immediately.

Continue to monitor your account for any unauthorised transactions and alert PSG immediately if you note any suspicious transactions.

Avoid becoming a victim in future: (This applies to all phishing scams, not just this fraudulent scam)

  • Type in website addresses – do not follow links embedded in emails.
  • Do not reuse passwords, especially for financial sites. 
  • Do not click on attachments, unless you know who they are from and are expecting the document in question.
  • Never part with your login details.

If you are not sure that a request for information is legitimate, rather contact the company to verify its authenticity.

~~~

Report the spam/phishing mail to the following addresses:
help@sun.ac.za and sysadm@sun.ac.za. 

Attach the phishing or suspicious mail on to the message if possible. There is a good tutorial on how to do this at the following link (which is safe) : http://stbsp01.stb.sun.ac.za/innov/it/it-help/Wiki%20Pages/Spam%20sysadmin%20Eng.aspx
1. Start up a new mail addressed to sysadm@sun.ac.za  (CC: help@sun.ac.za)
2. Use the Title “SPAM” (without quotes) in the Subject.
3. With this New Mail window open, drag the suspicious spam/phishing mail from your Inbox into the New Mail Window. It will attach the mail as an enclosure and a small icon with a light yellow envelope will appear in the attachments section of the New Mail.
4. Send the mail.

[Article by David Wiles]

Email

Tags:
Posted in E-mail, phishing, Security | Comments Off on Phishing: PSG “Your profile details will expire”

« Older Entries
Newer Entries »
 

© 2013-2025 Disclaimer: The views and opinions expressed in this page are strictly those of the page author(s) and content contributor(s). The contents of this page have not been reviewed or approved by Stellenbosch University.