Security

Phishing and whaling

Friday, February 5th, 2016

Recently we gave you some pointers on identifying phishing e-mails. So now that you know all the signs and how to outwit the criminals, there’s another variant – spear phishing. But don’t panic, it’s almost the same, with a bit of a twist.

Spear phishing is an e-mail that seems to be sent from an individual or business you know. Of course it’s really from hackers attempting to obtain your credit card and bank account numbers, passwords and financial information.

These types of attacks focus on a single user or department within an organisation and use the name of another staff member from the organisation to gain the victim’s trust. (Also see our recent article on the incident at Finance.)

They often appear to be from your company’s human resources or IT department, requesting staff to update information, for example passwords or account details. Alternatively the e-mail might contain a link, which will execute spyware when clicked on.

But wait, there are even more fishing comparisons.

When a phishing attack is directed specifically at senior executives, other high profile staff or seemingly wealthy people, it’s called whaling. With whaling, cyber criminals are trying to catch the “big phish”, or whale.

[SOURCE: http://www.webopedia.com]

 
 
 
 

New cyber crime e-mail targets individuals

Wednesday, January 13th, 2016

Over the past two weeks a new e-mail scam has reared its head on campus. Scammers use contact information, available on the internet, to target individuals at the university.

One example is an e-mail which has been sent to various staff at the Finance department with a request to transfer money. (See the e-mail, with inactive addresses, below.)

The e-mail is sent from a gmail address, but the display name is a SU staff member’s name. Since the cyber criminal also saw the contact person’s name on the website (in this case Finance’s website), they address the receiver personally as, for example, Karin.

Similar scams use fax numbers available on the internet and then a fax is sent directly to the contact person.

Do not, under any circumstances, react to these e-mails. It is clearly an attempt to attract your attention and convince you to conduct a financial transaction. Delete and ignore the e-mail.

Report suspicious e-mail to sysadm@sun.ac.za and also read our articles on security on our blog, as well as the fortnightly newsletter, Bits & Bytes.


 

FROM: Stellenbosch University staff member name <example@gmail.com>
TO: Stellenbosch University staff member name <example@sun.ac.za>

Karin, 

Let me know if you can process a same day domestic bank transfer to a client. You will code it to professional services

The amount is R870,000, kindly confirm so i can forward the appropriate beneficiary details to enable instant clearance.

Regards

Sent from my iPhone
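
The tell in the message above, a staff member's display name on an outside address, can be checked mechanically at the mail gateway. This is an added example, not part of the original post: the staff names, the lookalike domain and the sample messages are constructed, and only sun.ac.za and the example@ addresses come from the page.

```python
import unicodedata
from email import message_from_string
from email.utils import getaddresses

ORG_DOMAIN = "sun.ac.za"                        # organisation domain named on the page
STAFF_NAMES = ["Jane Example", "Thabo Sample"]  # constructed staff directory (assumption)

def _norm(name):
    """Fold case and Unicode forms; sort tokens so 'Example, Jane' == 'Jane Example'."""
    text = unicodedata.normalize("NFKC", name).casefold().replace(",", " ")
    return tuple(sorted(text.split()))

_STAFF = {_norm(n) for n in STAFF_NAMES}

def is_internal(addr):
    """True only for the organisation's domain or one of its subdomains."""
    domain = addr.rpartition("@")[2].lower()
    return domain == ORG_DOMAIN or domain.endswith("." + ORG_DOMAIN)

def impersonated_senders(raw_message):
    """Return (display_name, address) pairs where a staff name rides on an external address."""
    msg = message_from_string(raw_message)
    hits = []
    for display, addr in getaddresses(msg.get_all("From", [])):
        if addr and _norm(display) in _STAFF and not is_internal(addr):
            hits.append((display, addr.lower()))
    return hits

# Constructed sample messages; only the From header matters to the check.
SPOOFED = ("From: Jane Example <example@gmail.com>\n"
           "To: example@sun.ac.za\nSubject: Transfer\n\n...\n")
REVERSED = ('From: "EXAMPLE, Jane" <j.example@gmail.com>\n'
            "To: example@sun.ac.za\nSubject: Transfer\n\n...\n")
GENUINE = ("From: Jane Example <jexample@sun.ac.za>\n"
           "To: example@sun.ac.za\nSubject: Minutes\n\n...\n")
LOOKALIKE = ("From: Thabo Sample <thabo@sun.ac.za.example.net>\n"
             "To: example@sun.ac.za\nSubject: Invoice\n\n...\n")

if __name__ == "__main__":
    for label, raw in [("spoofed", SPOOFED), ("reversed", REVERSED),
                       ("genuine", GENUINE), ("lookalike", LOOKALIKE)]:
        print(label, impersonated_senders(raw))
```

A hit is a reason to tag or quarantine the message for review, not proof of fraud: staff do sometimes write from private accounts.
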

Phishing remains prevalent

Wednesday, January 13th, 2016

Attempts to harvest staff’s personal information in order to gain access to bank accounts remain a thorny issue.

Unfortunately we can’t warn you against every potentially dangerous e-mail, but we can show you what to look for so you don’t fall prey to one of these scams. Look out for these signs:

1. The e-mail is never addressed to you personally – it’s a generic heading. (e.g. Dear client)
2. It asks the receiver to divulge personal information, for example your ID number, password or username.
3. The e-mail asks you to click on a link to “activate” your account. Don’t click on any links in e-mails (unless it’s an official IT e-mail) and also don’t copy and paste them into your web browser.
4. Usually a short time limit is given, for example “within 24 hours”.
5. Make sure the request is official and legal by calling the company and confirming.
6. Do not send sensitive information by e-mail. Legitimate companies won’t ask you to send data by e-mail.

Above all, the best defence is being attentive and cautious. Report suspect email to sysadm@sun.ac.za and also read our articles on security on our blog, as well as the fortnightly newsletter, Bits & Bytes.

Phishing warning: Survey on peer review

Thursday, November 12th, 2015

It’s no secret that you can fake just about everything on the Internet: job references, news, academic credentials, and science.

Academic journals that distribute important research from universities, such as Stellenbosch, have had to deal with a proliferation of fake peer reviews. Scams that mask themselves as academic journals, which request payment to accept and publish papers without any form of peer review whatsoever, are common, but now the peer review process itself is being hacked thanks to third-party services that can be paid to fabricate peer reviews for papers. In many cases, identity theft is also involved, with real scientists often never knowing that their identities have been stolen for the purposes of issuing false peer reviews.

Below is a mail sent to one of our own esteemed researchers, who was solicited to complete a survey about the peer review process. Although seemingly innocuous, a quick check on retractionwatch.com reveals that this particular survey has been flagged as a potential source of identity theft, malware and phishing. Dangerous parts of the mail have been removed.

If you are involved in writing, submitting or reviewing academic papers, be aware of the minefield of scammers out there who only want to use your good name and reputation for their own monetary gain and status.

[ARTICLE BY DAVID WILES]


From: Scholarly Research Survey <scholarlyresearch@dummyaddress.com>
Reply-To: Scholarly Research Survey <noreply@dummyaddress.com>
Date: Thursday, 12 November 2015 at 12:05
To: Dr R.E. Searcher <emailaddress@dummyaddress.com>
Subject: Survey on peer review

   

Dear Dr. Searcher,

We are contacting you because you are the corresponding author on a paper that was published in XXXX-XXXX. We would like to invite you to complete a survey, which is about the attitudes of researchers to peer review and scholarly publishing in general. It should take no longer than 8-12 minutes of your time.

This study is being conducted on behalf of a major publisher whose identity will be revealed at the end of the study as we do not wish to bias responses. Your results will be kept confidential and used only for research purposes.

To begin the survey, please click on the link below (or paste it into your browser):

Click here for survey

Thank you very much for your time, we really value your input.

________________________________________________________________________________

If you would like to opt-out of mailings in relation to this research project, please click (here).
Please do not reply to this e-mail as the inbox is not monitored. If you are having trouble with this survey you can let us know (here) and we will address any technical problems as quickly as we can.

Cyber security – no science fiction

Monday, October 26th, 2015

“Cyber” – the word conjures up images of futuristic robots, a post apocalyptic world and machines displaying human characteristics. Clearly we’ve seen too many sci-fi movies.

However, cyber security isn’t in the future, it’s here now and the threat is very real.

Wikipedia defines cyber security as follows:

Computer security, also known as cybersecurity or IT security, is the protection of information systems from theft or damage to the hardware, the software, and to the information on them, as well as from disruption or misdirection of the services they provide. It includes controlling physical access to the hardware, as well as protecting against harm that may come via network access, data and code injection, and due to malpractice by operators, whether intentional, accidental, or due to them being tricked into deviating from secure procedures. https://en.wikipedia.org/wiki/Computer_security (2015/10/12)

It is clear that any theft from ICT equipment or data, as well as any disruption of service, can be added to this definition.

The following categories have been included in Wikipedia: Backdoors; Denial-of-service attack; Direct-access attacks; Eavesdropping; Spoofing; Tampering; Privilege escalation; Phishing; Clickjacking; Social engineering and trojans. (Over the next few months we will be discussing these categories in more detail.)

Attacks on companies are mostly for financial gain, but where Stellenbosch University is concerned, there are a few other reasons as well. Examples are financial gain, manipulation of marks or degrees, access to exam papers, access to and manipulation of research material, obtaining contact information (staff, students or donors), ideological reasons, using our computing power and abusing our high speed internet access to launch attacks on other entities, etc.

The biggest weak spots in security include usernames and passwords; untrained or inadvertent users; unsafe work stations; obsolete equipment, faulty hard drives; “man-in-the-middle” attacks and cloud services.

The easiest way to gain access to our systems is by means of an existing username and password. Of course it’s of the utmost importance that users choose passwords that are difficult to hack and maintain good password practice.

Don’t use official SU usernames and passwords for any other service or social media. Rather create a separate gmail or live.com e-mail address and use it for official registrations and services.

User access needs to be audited on a regular basis and outdated rights need to be removed.

Untrained or inadvertent users are probably the single biggest risk. It’s easy to be “convinced” to click on a link or open an e-mail attachment. People who do not pay attention to what they do are easy targets – even in cyber space.

Work stations under control of end users with administrator rights provide another risk, since they can install any programme. Users navigate to any web address and click links without thinking twice. Any of these links can compromise the workstation and subsequently also the whole campus infrastructure.

Even outdated equipment contains data. Therefore it is important that any data be removed before equipment leaves university property.

These are just a few examples of threats to cyber security and the challenges they present to Information Technology. With the assistance of our users, we can at least prevent a few of these dangers.

 

 
