Language:
SEARCH

  • Recent Posts

  • Categories

  • Archives

Security

« Older Entries
Newer Entries »

Cape of Storms and e-mail storms

Friday, August 16th, 2013

We’ve been having plenty of stormy weather over the past few days, so in keeping with the theme, did you know you even get e-mail storms?

“An email storm is a sudden spike of Reply All messages on an email distribution list, usually caused by a controversial or misdirected message. Such storms start when multiple members of the distribution list reply to the entire list at the same time in response to the instigating message. Other members soon respond, usually adding vitriol to the discussion, asking to be removed from the list, or pleading for the cessation of messages. If enough members reply to these unwanted messages this triggers a chain reaction of email messages. The sheer load of traffic generated by these storms can render the email servers inoperative, similar to a DDoS attack.

A related phenomenon occurs when a subscriber to a mailing list emails the mailing list to “UNSUBSCRIBE”. People will reply to the hapless individual on the mailing list, half of them advising on how to unsubscribe, the other half referring to the manual of the mailing list manager. More subscribers will reply to the previous round of respondents, again to the list, this time about mailing list etiquette.

Some email viruses also have the capacity to create email storms, by sending copies of themselves to an infected user’s contacts, including distribution lists, infecting the contacts in turn.”

[SOURCE: www.wikipedia.org]

 

Email

Posted in E-mail, Security | Comments Off on Cape of Storms and e-mail storms

SARS wants to give you money?

Friday, August 2nd, 2013

 It’s that time of the year when our mailboxes are infiltrated by messages from SARS and we start making sums and filling out forms. Unfortunately elusive cyber criminals also know that this is the perfect time to prey on our gullibility.

So it’s most likely that you will be receiving (if you haven’t already) a so-called e-mail from SARS asking you either to verify your information or to let you know that a much-welcomed amount has been paid into your account. (see example below) Don’t get excited – it’s not really SARS.

Clicking on the hyperlink in the email takes you to a fake “e-filing” site that has hyperlinks for the four big South African banks and instructions to log on to your Internet banking site for “confirmation of your details”.  When you follow the Nedbank link (as an example), you are taken to a copy of the Nedbank internet banking site that asks for profile, pin and password.  Supplying these takes you to a second page that asks you for your mobile number.  Submitting information on this page takes you to a page that requests the reference number sent to your cellphone.

Do not authorise any cellphone message that comes through if you end up in the above situation.  Furthermore, do not click on any hyperlinks in emails or divulge your account or mobile number details to anyone over the phone or via email.  Banks will never ask you to access internet banking through a link in an email, neither will banks ever ask for your mobile number when you access internet banking.

Look out for the following tell-tale signs:

–  when you move with your pc’s mouse over the link, it won’t be the official, correct web address
–  the e-mail isn’t addressed to you personally – your name isn’t mentioned anywhere
–  the address it was sent from is a generic one that doesn’t exist
–  there is no reference or account number
–  no contact person is mentioned

If you’re unsure, rather go directly to the SARS e-filing web site (type in http://www.sarsefiling.co.za/) and see if there were any payments made to your account.

———————————————————————————————–

From: Sars Efiling <message@sars.co.za>
Date: 30 July 2013 19:37:38 EDT
To: <fakeaddress@sun.ac.za>
Subject: You have a new transaction message

We have filed your return and made a deposit of R3,650.80 into your account.

Confirm your filing

This is an automated email, replies sent to this address will not be received.

Sars eFiling

 

Email

Tags: ,
Posted in E-mail, Security | Comments Off on SARS wants to give you money?

Beware of suspect phone calls

Tuesday, July 9th, 2013

If you receive a call at home from someone who claims to be a Microsoft representative, the odds that it’s a variation of the Indian phone scam is most likely.

These fraudsters target phone numbers everywhere to try and con computer users into installing malware and spyware on their pc’s by claiming they’re ridding the said pc of all kinds of viruses and threats.

The caller claims that the security settings on their pc has to be updated and after this is done, they ask your credit card number for payment of their service.

Do not fall for these scam artists. Ask yourself how they know know you have a pc? Did they address you on your name and have your details (contact numbers, etc)? Did they specifically state their company’s name? The odds that someone will call you out of the blue to assist you with computer updates are in all probability less than zero.

More info on this scam:

http://answers.microsoft.com/en-us/protect/forum/mse-protect_scanning/phone-call-scams/aefc50a4-d7a4-4c79-8db5-2fafcd6ad196

http://fullcomment.nationalpost.com/2013/03/21/joe-oconnor-microsoft-windows-scam-a-grift-that-keeps-giving-for-cyber-crooks/

 

Email

Posted in Communication, Security | 1 Comment »

WARNING: New phishing e-mail

Tuesday, June 18th, 2013

If you receive an email claiming to be from the IT department (see example below), do not open it or click on any of the links.

This is a phishing email attempting to acquire your passwords and other information. Immediately delete the email and do not reply to it.

IT e-mails will always be in the same format with IT’s name, correct contact details, the SU logo and and English and Afrikaans version. Please read our guidelines on how to distinguish between an offical e-mail and a phishing e-mail here.

From: University Mail Quota Verification [mailto:donotclickhere@cca.edu]
Sent: 17 June 2013 07:44 AM
Subject: Staff/Student/Employee

Dear: Webmail Subscriber

We hereby announce to you that your email account has exceeded its storage limit. You will be unable to send and receive mails and your email account will be deleted from our server. To avoid this problem, you are advised to verify your email account by clicking on the link
below:

http://universityhelpdeskteam.webs.com/

Thank you.
Copyright © 2013
The  System Administrator Management Team.

 

 

Email

Posted in E-mail, Security | Comments Off on WARNING: New phishing e-mail

Declare war on spam

Friday, June 7th, 2013

If your first mail in the morning is junk mail or spam, it’s enough to start your day off on the wrong foot. But did you know you can do something about it?  

Spam, or junk mail is defined as identical, disruptive e-emails sent to a large amount of e-mail or cellphone users When a receiver clicks on one of the links in the message, he/she is diverted to a phishing website or websites containing malware.  Spam e-mails can also contain hidden malware scripts.

Recently there has been various iterations of spam and phishing. One variation seems to be from SARS, another from ABSA and yet another one from the IT department.  Don’t ever respond ever to mail sent to you by “persons unknown”. If you are unsure phone or e-mail the IT Helpdesk (021-8084367) or e-mail them at helpinfo@sun.ac.za, otherwise call or e-mail your local computer expert who can advise or at least check-up for you.

Mail from Information Technology will always be branded and clearly addressed to you, will have an English and an Afrikaans translation and will always contain links that point to the “sun.ac.za” domain and never anything else.  

Unsure how to distinguish between the real thing and spam or phishing e-mails? Read more about it on our selfhelp wiki and you’ll find various examples on our blog.

If you’re bombarded by spam om a regular basis, there’s one way of declaring war on it. Did you know you can send the relevant mail to IT so we can block the user, domain and/or service provider? Just follow these simple instructions below.

HOW TO REPORT A SPAM E-MAIL 

  1. Start with a new e-mail in Outlook
  2. Click on File, New, Mail message.
  3. Type sysadm@sun.ac.za in the To-field.
  4. Type SPAM in the Subject-field.
  5. Click on Insert and choose Item OR click on the paperclip and choose Item.
  6. Select the SPAM (activate inetkey) e-mail that you want to send and click on OK.
  7. Click on Send.​​

For more a detailed description, go to our wiki.

[INFORMATION SUPPLIED BY DAVID WILES]

Email

Posted in E-mail, Security | Comments Off on Declare war on spam

« Older Entries
Newer Entries »
 

© 2013-2025 Disclaimer: The views and opinions expressed in this page are strictly those of the page author(s) and content contributor(s). The contents of this page have not been reviewed or approved by Stellenbosch University.