Language:
SEARCH

  • Recent Posts

  • Categories

  • Archives

Security

« Older Entries
Newer Entries »

Tygerberg users victim of phone scam

Friday, February 22nd, 2013

A new phone scam on Tygerberg attracted our attention this week and the possibility exists that it might spread other campusses. Please be aware of this scam that has left some victims hundreds of rands out of pocket.

Scammers are using several well-known brands, including Microsoft, to fool people into believing that something is wrong with their computers, and now they seem to be phoning university numbers.

The scam typically works as follows:

Somebody, claiming to be a representative of Microsoft, one of its brands or a third party contracted by Microsoft, tells the victim they are checking into a computer problem, infection or virus that has been detected by Microsoft. They will trick you into installing malicious software that could capture sensitive data, such as online banking user names and passwords. They might also then charge them for the removal of this software.

The victim is directed to help and connect their computer  to a website that then allows the scammers to take control of the computer remotely, adjusting the settings and leaving the computer vulnerable.

These callers claim to be from Windows Helpdesk, Windows Service Centre, Microsoft Tech Support, Microsoft Support, Windows Technical Department Support Group and even Microsoft’s Research and Development Team.

(INFORMATION BY DAVID WILES)

Email

Tags:
Posted in Security | Comments Off on Tygerberg users victim of phone scam

Twitter targeted by cybercriminals

Friday, February 22nd, 2013

As no doubt some of you are aware, within the last few weeks, the New York Times and Wall Street Journal in the United States have had breaches of their systems by Chinese-based hackers. Also recently Twitter reported that approximately 250 000 Twitter accounts were compromised by the same attackers. 

The attackers may have gained access to some user information, including usernames, email addresses, and encrypted passwords.

As a precautionary security measure, Twitter has reset passwords for these accounts. If your account was one of them, you will have recently received (or will shortly) an email from Twitter at the address associated with your Twitter account, notifying you that you will need to create a new password. Your old password will not work when you try to log in to Twitter. 

No doubt, Facebook will also be the target of this new Chinese-based attack next, as users often use the same password for both Twitter and Facebook. 

This attack was not the work of amateurs, and experts not believe this was an isolated incident. The attack is extremely sophisticated, and it is possible that other companies and organizations have also been recently similarly attacked. 

However it is very important that you do NOT access Twitter by clicking on ANY links contained in ANY e-mail sent to you Twitter (or by an e-mail looking like it comes from Twitter), as often hackers forge e-mail to make it look like it is from Twitter to trick you into divulging your password to the hackers. 

Instead it is always best, if you get such a mail from Twitter, to go directly to your Internet Browser and to type in the Twitter address directly to reset your password.

(INFORMATION SUPPLIED BY DAVID WILES)

* Zendesk also announced today that they have been hacked and three of their social clients, Pinterest, Twitter and Tumblr were affected. More on this.

Email

Tags: ,
Posted in Security | Comments Off on Twitter targeted by cybercriminals

New phishing e-mail causes confusion

Tuesday, February 19th, 2013

If you receive an email claiming to be from the SU IT department (see example below), do not open it or click on any of the links or reply to the e-mail. The e-mail attempts to gain access to the university accounts using the sun.ac.za details that looks initially genuine.

This is a phishing email attempting to acquire your passwords and other information. Immediately delete the email and do not reply to it.

There are just a few of the obvious signs that this is a phishing e-mail designed to steal personal information from you. You should never respond to mail like this both at work and at home, and you should never reveal any personal details especially your username and password in an e-mail form or on a webpage that you access via an e-mail link.

IT will never request your username, password or other personal information by means of an e-mail.

  1. If it were a genuine message from Information Technology, there would be branding, and it would be in English and Afrikaans. This one has nothing like that in this e-mail.
  2. The grammar is particularly bad. (what is a “strong virus”?)
  3. We are university personnel and students or “users” we are not “subscribers”.
  4. Why would you have to enter your password in readable form in an insecure e-mail?
  5. There is no support@sun.ac.za e-mail address.
  6. If you do reply, you’ll see the default reply address is an unknown one and not a sun address.
  7. The links and the actual sender/server originate in Korea.

More information on phishing.

 

EXAMPLE OF “PHISHING” E-MAIL:

Dear sun.ac.za subscriber,

We are currently carrying out an upgrade on our system due to the fact that it has come to our notice that one or more of our subscribers are introducing a very strong virus into our system and it is affecting our network.We are trying to find out the specific person.

For this reason all subscribers are to provide their USER NAME AND PASSWORD for us to verify and have them cleared against this virus. Failure to comply will lead to the termination of your Account in the next 48 hours.

Information Required:
* User name: (…………….. )(Compulsory)
* Password: (……………………..)(Compulsory)
* Date of Birth: (……………………..) (optional)
* Country Or Territory: (………………) (optional)

http://webmail.sun.ac.za/owa/auth/logon.aspx

Hoping to serve you better.
Sincerely, Universiteit Stellenbosch University
********************************************************
This is an Administrative Message from sun.ac.za server. It is not spam.
From time to time, sun.ac.za server will send you such messages in
order to communicate important information about your subscription. *********************************************************

 

 

 

 

 

Email

Tags: ,
Posted in E-mail, Security | Comments Off on New phishing e-mail causes confusion

No, SARS doesn’t really want to give you a refund and other phishing tales

Wednesday, February 6th, 2013

Every year we send out literally dozens of warning e-mails, and continue to do so, because despite the frequent warnings, people  still get caught falling for these tricks. 

Take note of the following scam from fraudsters claiming to be from SARS.
 
Emails are going out to university (and private addresses) seemingly coming from “SARS” informing them that they have a refund waiting for them.  (Wow! a tax refund) Clicking on the hyperlink in the email takes you to a fake “e-filing” site that has hyperlinks for the four big South African banks and instructions to log on to your Internet banking site for “confirmation of your details”.  When you follow the Nedbank link (as an example), you are taken to a copy of the Nedbank internet banking site that asks for profile, pin and password.  Supplying these takes you to a second page that asks you for your mobile number.  Submitting information on this page takes you to a page that requests the reference number sent to your cellphone.
 
Do not authorise any cellphone message that comes through if you end up in the above situation.  Furthermore, do not click on any hyperlinks in emails or divulge your account or mobile number details to anyone over the phone or via email.  Banks will never ask you to access internet banking through a link in an email, neither will banks ever ask for your mobile number when you access internet banking.

Another particulary sneaky phishing attack surfaced today. 

It comes from “Linda Perez” and has a subject line of “Administrator (Sorry for the inconvenience)” 

It asks you to contact the “sender” with your username and password so they can “expand your mailbox manually” 

Of course this is a phishing attack, and you should never respond to such mails. 

Do not respond, flag the sender as Junk Mail and delete the message.

ARTICLE BY DAVID WILES

Email

Tags: ,
Posted in E-mail, General, Security | Comments Off on No, SARS doesn’t really want to give you a refund and other phishing tales

(Afrikaans) Nuwe e-pos “malware” veroorsaak verwarring op kampus

Tuesday, January 15th, 2013

Sommige gebruikers ontvang sedert gister `n e-pos wat aandui dat jou e-pos posbus sy limiet bereik het en waarsku dat jou toegang tot sy e-pos afgesny gaan word indien dit nie onmiddellik geaktiveer word deur op `n skakel te kliek nie. Soos met alle ander weergawes van hierdie tipe “malware” e-posse, moet onder geen omstandighede op die skakel kliek nie. As jy met die muis oor die skakel beweeg, sal dit `n onbekende adres wys wat nie verband hou met die e-pos se onderwerp nie. In sommige gevalle sal dit voorkom of die e-pos deur iemand gestuur is wat jy ken, maar onthou dat die “malware” `n gebruiker se posbus infiltreer en aan sy kontakte gestuur kan word. Onder is `n voorbeeld van so `n e-pos.

From: Abrahams, B, Mnr <…..@sun.ac.za> Sent: 14 January 2013 19:51 Subject: Your Mailbox Has It Storage Limit Your Mailbox Has Exceeded It Storage Limit As Set By Your Administrator, And You Will Not Be Able To Receive New Mails Until You Re-Validate It. To Re-Validate – >Click Here: Thanks, System Administrator.

Email

Tags:
Posted in E-mail, Security | Comments Off on (Afrikaans) Nuwe e-pos “malware” veroorsaak verwarring op kampus

« Older Entries
Newer Entries »
 

© 2013-2025 Disclaimer: The views and opinions expressed in this page are strictly those of the page author(s) and content contributor(s). The contents of this page have not been reviewed or approved by Stellenbosch University.