Language:
SEARCH

  • Recent Posts

  • Categories

  • Archives

Security

« Older Entries
Newer Entries »

Beat the cyberbully

Friday, November 11th, 2016

bully-655659_960_720Cyberbullying is deliberately and repeatedly harming or harassing someone using electronic technology  – this includes devices and equipment such as cell phones, computers, and tablets, as well as communication tools including social media sites, text messages, chat, and websites. 

With the increased use of communication technology, cyberbullying has become increasingly common, especially among teenagers. While the term cyberbullying is used predominantly for children or teenagers, cyberstalking or cyberharassment is when the same behaviour occurs in adults. 

What is cyberbullying or -stalking?

The main goal of this harassment is to threaten a person’s reputation, employment, earnings, safety or try to turn people against them. Cyberbullies aim to intimidate, hurt, control, manipulate, humiliate or falsely discredit someone. Their actions are deliberate, hostile, usually repeated and intended to harm.

Cyberstalkers use public forums, social media or online information sites to launch their attacks on. Online platforms provide anonymity and bullies can remain ignorant of the consequences their attacks have on the victims. According to the National Council on Crime Prevention’s survey, 81% of teenagers thought others cyberbully because it’s funny. 

Cyberbullying can come in various forms. It can be someone repeatedly sending e-mails or text messages even when the person clearly stated they don’t want them. It can include repeated threats, sexual remarks, hate speech, false accusations or ridiculing someone.

Some bullies/stalkers will even go so far as to hacking into a site and changing information or posting false statements to humiliate or discredit a person. They may also publicise a victim’s personal data or create a fake account to use to defame, discredit or humiliate them.

The 8 most common cyberbullying tactics used by teens according to www.wikipedia.org are the following:

  1. Exclusion: Teenagers intentionally exclude others from an online group.
  2. Cyberstalking: Teens will harass others by constantly sending emails, messages, or tagging others in posts they don’t want to be tagged in.
  3. Gossip: Post or send cruel messages that damage another’s reputation, relationships, or confidence.
  4. Outing/Trickery: Trick another teen into revealing secrets or embarrassing information which the cyberbully will then share online.
  5. Harassment: Post or send offensive, insulting, and mean messages repeatedly.
  6. Impersonation: Create fake accounts to exploit another teen’s trust. They may also hack into an account and post or send messages that are damaging to the person’s reputation or relationships.
  7. Cyber Threats: Threaten or imply violent behaviour toward others to make them feel uncomfortable.
  8. Flaming: Fights online that involve hateful or offensive messages that may be posted on various websites, forums, or blogs.

More definitions of cyberbullying can be found on The Centre for Justice and Crime Prevention’s website.

Who are the bullies?

The root of cyberbullying is the same as face-to-face bullying. The only difference is the convenience and anonymity of technology which makes it even easier.

Usually, a bully will know their victim and attack them because of their own prejudice, whether it’s race, religion or sexual orientation. Or merely because they’re “not cool” or they didn’t like something they said on social media. 

It’s important to keep in mind that, in general, a bully’s behaviour stems from their own problems or issues. According to Stopbullying.gov, there are two main groups who harass others. Popular kids or teens bully because they think it will make them more popular or hurting others give them a false perception of power. At the other end of the spectrum are those who bully because they are victims of bullying themselves and it’s their way to lash out. 

How to beat cyberbullying or cyberstalking

In most countries, cyberstalking has the same consequences as physical stalking. South Africa does not have specific legislation dealing with cyberbullying. The victims of cyberbullying, therefore, have to rely on criminal law and/or civil law. More information on these laws can be found on The Centre for Justice and Crime Prevention’s website.

For this reason, it’s important to deal with cyberbullying as soon as it rears its head. The video below provides some valuable hints in this regard.

 

[SOURCES: http://www.bullying.co.uk/cyberbullying/, http://www.deletecyberbullying.org/why-do-people-cyberbully/, http://www.cyberbullying.org.za/south-african-law.html]

 

Email

Tags:
Posted in Communication, E-mail, General, Security | Comments Off on Beat the cyberbully

Spam = blocked accounts

Thursday, October 6th, 2016

A fast-spreading spam e-mail caused problems on campus last week. Some students and staff clicked on a malicious link in a phishing e-mail and subsequently gave a hacker access to their Outlook cloud e-mail accounts. The criminal proceeded to use their e-mail addresses and mailbox to spam all their contacts. Since it was sent from a @sun address, receivers of the spam didn’t suspect anything. (An example of the e-mail, with dangerous links removed, is shown below)

Unfortunately, due to the mass e-mails sent from these mailboxes, Microsoft automatically blocked the users’ accounts and they were unable to access e-mail. 

Please remember to look for the general characteristics of a phishing e-mail before you click on links in e-mail. Just because it’s sent from a @sun address , it does not mean it’s safe.

If you suddenly don’t have access to your e-mail, contact the IT helpdesk (x4367). If you’ve clicked on a suspicious link, change your password immediately.

 

From: Known address <knownaddress1@sun.ac.za>
Sent: 05 October 2016 12:26 PM
To: SU address <knownaddress@sun.ac.za>
Subject: PI Doc copy

 

Please confirm PI doc copy below using Google documents
for your account to be credited.

Continue to Gdocs

Kind regards

Email

Tags: , ,
Posted in E-mail, Security | Comments Off on Spam = blocked accounts

Another phishing e-mail

Wednesday, September 28th, 2016

We have noticed numerous phishing scams targeted at SU mailboxes. Please note that these, like the example below, are NOT from the IT Helpdesk and are only an attempt to source your username and password. 

You will not be asked by IT to verify your account, we have automatic ways to do this. Secondly, our e-mails will be branded and both in Afrikaans and English. Hopefully they will also have less spelling mistakes than most of these phishing e-mails. 

We realise that it might be confusing, but if in any doubt, please e-mail us (help@sun.ac.za or 021 808 4367) to make sure whether these e-mails are legitimate.

From: SUN Support [mailto:phishing@dummyaddress.com]
Sent: 28 September 2016 09:40 AM
Subject: Notice

Dear User

To re-validate your mail account please click on the below link and enter your user id and password for the upgrade of your Account and Maintenance, Very Important. 

Click here

Your Mail account will be permanently terminated in a short time for failure to adhere to our urgent notice.

Thank you for your cooperation.

SUN Mail Support

© 2016 Stellenbosch University. All Right Reserved.

 

Email

Tags:
Posted in E-mail, Security | Comments Off on Another phishing e-mail

Dangerous Phishing Scam: ITS Service Desk

Monday, September 26th, 2016

Please note that there is currently a new, and dangerous phishing scam making the rounds throughout the university.

Unfortunately, several *internal* e-mail addresses, including students and personnel that were earlier compromised, are being used to spread the phishing scam. With both students and personnel being distracted by the FeesMustFall protest actions both within the faculty and at the Main Campus, they are less alert to the ongoing threat from outside and this seems to have resulted in a number of personnel and student account details being “hijacked”and used.

The mail comes from a university address, so victims think that it has to be legitimate, which heightens the threat.

Below is the phishing scam. Please do not respond to it. The criminals are trying to trick you into providing them with your e-mail details and password. These are used to gain access to the account which is then used to propagate the scam further and gain access to more personal data within the university.

The dangerous part of the phishing scam has been deactivated by removing the link to the phishers server currently in Brazil and redirecting them to an internal page.

From: Compromised University Address <noreply@sun.ac.za>
Sent: Wednesday, 21 September 2016 05:59
Subject: ITS Service Desk

With the strengthening off our security system and improving your mailing experience, We have detected your mail settings are out of date. To enhance computer system security and comply with federal audit requirements, ITS requires all Sever Users to update their account , kindly click ITS to update your account to the latest OutlookWebApp . Sign in and automatically update your mailbox by filling out the requirements correctly.

___________________
Sincerely,
ITS Service Desk
Click Here

[ARTICLE BY DAVID WILES]

Email

Tags:
Posted in E-mail, Security | Comments Off on Dangerous Phishing Scam: ITS Service Desk

Phishing scam disguised as a mail about a “Web-mail update”

Thursday, August 11th, 2016

The scammers never stop trying to fool people and this particular version of a phishing scam is NOT new. This is the third time this year that this version of a typical phishing scam has arrived in university mail accounts. Last time it fooled several people, personnel and students alike, so there IS a danger.

I have attached a screenshot of the scam and highlighted the tricks that the criminals use to fool us. See if you can spot them yourselves…

  1. Sent from a compromised account, not in South Africa (In this case a university in the USA)
  2. It is not addressed to you… Just a “Dear Webmail user”
  3. The amounts displayed that Webmail account have are incorrect. Stellenbosch Students have 1Tb of storage on their Office365 accounts. Personnel currently has 500Mb by default.
  4. Large letters telling you the “CLICK HERE” to “”update” your account. The link does not go to a Stellenbosch site, but a server under the control of the scammers elsewhere.
  5. Threatening language to bully you into complying with their scam.

webmail-scam

So how do you tell the difference between a phishing message and a legitimate message? Unfortunately, there is no one single technique that works in every situation, but there are 10 things that you can look for:

  1. The message contains a mismatched URL – If the hyperlinked address is different from the address that is displayed, the message is probably fraudulent or malicious.
  2. URLs contain a misleading domain name – The last part of a domain name is the most telling. If the links do NOT end with SUN.AC.ZA, then it is a phishing scam.
  3. The message contains poor spelling and grammar – with the growth of SMS, WhatsApp and social media, poor spelling and grammar have become the norm, but bad grammar will never come from Information Technology.
  4. The message asks for personal information – No matter how official an email message might look, it is always a bad sign if the message asks for personal information. Your bank doesn’t need you to send them your account number. They already know what that is.
  5. The offer seems too good to be true – There is an old saying that if something seems too good to be true, it probably is. If you receive a message from someone unknown to you who is making big promises, the message is probably a scam.
  6. You didn’t initiate the action – If you get a message informing you that you have won a contest you did not enter, you can be sure that the message is a scam.
  7. You’re asked to send money to cover expenses – One telltale sign of a phishing email is that you will eventually be asked for money. If that happens, you can be sure that it’s a scam.
  8. The message makes unrealistic threats – If a message makes unrealistic threats, it’s probably a scam.
  9. The message appears to be from a government agency – Phishing artists who want to use intimidation don’t always pose as a bank. Sometimes they’ll send messages claiming to have come from a law enforcement agency, SARS, or the SA Police , or just about any other entity that might scare the average law-abiding citizen.
  10. Something just doesn’t look right – casino security teams are taught to look for anything that JDLR—Just Doesn’t Look Right. This same principle almost always applies to email messages.

[ARTICLE BY DAVID WILES]

 

Email

Posted in E-mail, Security | Comments Off on Phishing scam disguised as a mail about a “Web-mail update”

« Older Entries
Newer Entries »
 

© 2013-2025 Disclaimer: The views and opinions expressed in this page are strictly those of the page author(s) and content contributor(s). The contents of this page have not been reviewed or approved by Stellenbosch University.