Language:
SEARCH

  • Recent Posts

  • Categories

  • Archives

Security

« Older Entries
Newer Entries »

Phishing scam disguised as a “server warning”

Friday, March 10th, 2017

There are reports that some students and personnel have already received this mail in their mailboxes. It is a typical phishing scam but uses a different tactic to trick the recipient into divulging personal details like passwords and should not be responded to in any way. That mail was sent by a “throwaway” outlook.com mail account. It started making its appearance in June last year in Yahoo!Mail accounts.

According to this e-mail, which claims to be a “Server Message”, telling the potential victim that they recently initiated an action to shut down their e-mail account. The e-mail advises that, if they did not initiate the supposed shut down action, they should click a ‘Cancel De-activation’ link to restore your account to its normal settings.

However, the e-mail is not from the university, and no account shut down action has been initiated. The e-mail is just a crude phishing scam designed to steal your university account login details. The scammers hope that at least a few recipients will click the cancel link in the mistaken belief that they must do so to save their account.

If you do click the link, you will be taken to a fraudulent web page that has been built to emulate a genuine login screen. A form on the page asks you to enter your e-mail address and account password and click a button labelled ‘Sign in to Cancel De-activation”.  After signing in on the fake page, you will be automatically redirected to the university webmail website.

Meanwhile, the scammers can collect the login details you entered and use them to hijack your university e-mail account. Once they have gained access to your account, they can use it to send out spam and scam e-mails in your name. (as has been happening in recent weeks)

E-mail phishing scams like this one are very common. Be very wary of any e-mail that claims that you must click a link or open an attached file to rectify a supposed account problem. It is always safer to log into all of your online accounts by entering the address into your browser’s address bar or via an official app.

Here is an example of the mail that is in circulation with the dangerous parts removed. 

 

[ARTICLE BY DAVID WILES]

Email

Tags:
Posted in E-mail, Security | Comments Off on Phishing scam disguised as a “server warning”

Office365 phishing e-mail

Friday, March 3rd, 2017

Please take note of a phishing e-mail circulating on campus which looks like an Office365 e-mail notification. Unfortunately, a few students have been caught out by this trap. 

We will not send you an e-mail resembling the one below. If in doubt, rather contact us to confirm whether it’s a legitimate request.

 

From: SU Student <phishingvictim@sun.ac.za>
   Sent: 03 March 2017 12:07 PM
   Subject: Missing Mails

   You have two(2) unread messages but cannot because your mailbox has
   exceeds its quota/limit.
   Click here to use the message retriever page and enter login again to
   access missing message.

   Secretary

   Office 365

   System Administrator

Email

Tags: ,
Posted in E-mail, Security, Students | Comments Off on Office365 phishing e-mail

Security tips for travelling at home and abroad

Wednesday, March 1st, 2017

Travelling without your electronic devices is highly unlikely — whether it’s to the coffee shop around the corner or overseas. These devices make it easy for us to stay connected while on the go, but they can also store a lot of information — including contacts, photos, videos, location, and other personal and financial data — about ourselves and our friends and family. Following are some ways to protect yourself and others.

Before you go:

  • If possible, do not take your work or personal devices with you on international trips. If you do, remove or encrypt any confidential data.
  • For international travel, consider using temporary devices, such as an inexpensive laptop and a prepaid cell phone purchased specifically for travel. (For business travel, your employer may have specific policies about device use and travelling abroad.)
  • Install a device finder or manager on your mobile device in case it is lost or stolen. Make sure it has remote wipe capabilities and that you know how to do a remote wipe.
  • Ensure that any device with an operating system and software is fully patched and up-to-date with security software.
  • Makes copies of your travel documents and any credit cards you’re taking with you. Leave the copies with a trusted friend, in case the items are lost or stolen.
  • Keep prying eyes out! Use strong passwords, passcodes, or smart-phone touch ID to lock and protect your devices.
  • Avoid posting social media announcements about your travel plans; such announcements make you an easy target for thieves. Wait until you’re home to post your photos or share details about your trip.

While you’re there:

  • Physically protect yourself, your devices, and any identification documents (especially your passport).
  • Don’t use an ATM unless you have no other option; instead, work with a teller inside the bank. If you must use an ATM, only do so during daylight hours and ask a friend to watch your back. Also, check the ATM for any skimming devices, and use your hand to cover the number pad as you enter your PIN.
  • It’s hard to resist sharing photos or telling friends and family about your adventures, but it’s best to wait to post about your trip on social media until you return home.
  • Never use the computers available in public areas, hotel business centres, or cyber cafés since they may be loaded with keyloggers and malware. If you use a device belonging to other travellers, colleagues, or friends, do not log in to e-mail or any sensitive accounts.
  • Be careful when using public wireless networks or Wi-Fi hotspots; they’re not secure, so anyone could potentially see what you’re doing on your computer or mobile device while you’re connected.
  • Disable Wi-Fi and Bluetooth when not in use. Some stores and other locations search for devices with Wi-Fi or Bluetooth enabled to track your movements when you’re within range.
  • Keep your devices with you at all times during your travels. Do not assume they will be safe in your hotel room or in a hotel safe.

When you return:

  • Change any and all passwords you may have used abroad.
  • Run full antivirus scans on your devices.
  • If you used a credit card while travelling, check your monthly statements for any discrepancies for at least one year after you return.
  • If you downloaded any apps specifically for your trip and no longer need them, be sure to delete those apps and the associated data.
  • Post all of your photos on social media and enjoy reliving the experience!

Also read the New York Times article, “Traveling Light in a Time of Digital Thievery”. Looking for hotel safety tips? Watch this four-minute Travel Channel video, which explains how to avoid thefts, Wi-Fi hackers, and fire-hazard hotels.

 

[SOURCE: www.educause.edu]

Email

Tags:
Posted in Security, Tips | Comments Off on Security tips for travelling at home and abroad

What is the junk e-mail folder?

Tuesday, February 28th, 2017

Just before the weekend, we became aware of a particularly intrusive and persistent phishing attack. An e-mail, seemingly from Standard Bank, was distributed from a staff member’s e-mail account after being hacked.

In order to prevent the attack from causing more damage to other e-mail users, stricter spam filter measures had to be implemented over the weekend. After this time period, the filter was reset to its default.

These measures caused some e-mails that weren’t spam, to divert to Outlook’s Junk Mail folder. They were not deleted, but they weren’t visible in inboxes.

Even though it is advisable that you occasionally check your Junk mail folder, it seems some staff aren’t familiar with the folder or it’s function.

The Microsoft Outlook Junk E-mail Filter helps reduce unwanted email messages in your Inbox. Junk e-mail, also known as spam, is moved by the filter away to the Junk E-mail folder.

How the Junk E-mail filter works

The Junk E-mail Filter evaluates each incoming message to assess whether it might be spam, based on several factors. These can include the time when the message was sent and the content of the message. By default, the Junk E-mail Filter is turned on and the protection level is set to Low. This level catches only the most obvious spam. You can make the filter more aggressive by changing the level of protection that it provides.

You can adjust the Junk E-mail Filter settings in the Junk E-mail Options dialogue box.

  • On the Home tab, in the Delete group, click Junk, and then click Junk E-mail Options.

Any message that is suspected to be junk is moved to the Junk E-mail folder. We recommend that you periodically review the messages in the Junk E-mail folder to check for legitimate messages that were incorrectly classified as junk. If you find a message that isn’t junk, drag them back to the Inbox or to any folder. You can also mark the item as not junk by doing the following:

  • On the Home tab, in the Delete group, click Junk, and then click Not Junk.

More detailed instructions can be found on the Office365 Knowledgebase and on Microsoft’s website.

We apologise for the inconvenience and confusion caused by these emergency measures. If you have any questions, please contact the IT Service Desk at 021 808 4367 or help@sun.ac.za.

 

Email

Tags: , ,
Posted in E-mail, Security | Comments Off on What is the junk e-mail folder?

Warning about (Standard Bank) phishing scam being sent from university e-mail address

Friday, February 24th, 2017

It seems that phishing scammers are again using some student accounts, either by direct access or address “spoofing” (a technique commonly used by spammers to hide the origin of their e-mails by using a forged return address ) to send phishing mail such as the one below to many university accounts.

The phishers attempt to trick the recipients of their mail into thinking that because the mail is from a “sun.ac.za” account, it is genuine.

The mail below is an obvious phishing scam and should not be responded to. Also, don’t click on the enclosed links or provide any usernames, passwords or personal details to the senders.

Looking at the mail below, note the following 5 “warning signs”.

  1. No personal salutation – Just “Valued Customer”.
  2. Intimidating threats should you not comply – “Failure to Update”.
  3. Request to click a link to verify your details or to provide usernames and passwords
  4. The link takes you to a webpage that might look legitimate but is not based in the university network. (this phishing scam originated in Sri Lanka)
  5. Poor grammar and spelling.

Never be fooled if a mail seems as if it was sent from a university address.

In this case, the e-mail address of an Agricultural Sciences student was used.

Information Technology does have a good automated mechanism for submitting spam. It is quite simple to use, but being automated there will be no indication or acknowledgement that the mail has been received by Information Technology:

  1. Start a new mail addressed to sysadm@sun.ac.za
  2. Use the Title “SPAM” (without quotes) in the Subject field.
  3. With this New Mail window open, drag the suspicious spam/phishing mail from your Inbox into the New Mail Window. It will attach the mail as an attachment and a small icon with a light yellow envelope will appear in the attachments section of the New Mail.
  4. Send the e-mail.

Do not “Forward” the Spam mail to this address. When you forward the original sender and all the information that the spam filters use to filter out the mail is lost and the Forwarded mail will be rendered useless for the filters.

Here is the mail that is circulating at the moment (malicious links have been removed):

From: Compromised, Student Account <12345678@sun.ac.za>

Sent: 23 February 2017 16:00

Subject: Mandatory Update 

Dear Valued Customer, 

STANDARD BANK MONETARY SERVICES 

We wish to inform you that your Credit Card has been listed for suspension due to recent Error/Traffic on your previous transaction. 

You are MANDATED to re-update your details here: https://dont.click.on.this.link.com 

Failure to Update within 24Hours will Lead to your Banking Services Suspension/Interruption.

We are sorry for any inconveniences this might have caused you.

[ARTICLE BY DAVID WILES]

 

Email

Tags: ,
Posted in E-mail, Security | Comments Off on Warning about (Standard Bank) phishing scam being sent from university e-mail address

« Older Entries
Newer Entries »
 

© 2013-2025 Disclaimer: The views and opinions expressed in this page are strictly those of the page author(s) and content contributor(s). The contents of this page have not been reviewed or approved by Stellenbosch University.