Language:
SEARCH

  • Recent Posts

  • Categories

  • Archives

Security

« Older Entries
Newer Entries »

Phishing attack from compromised staff account with attached “Secure Message”

Wednesday, May 6th, 2020

With most students and personnel all working from home during the national lockdown, and with the reduced security (and watchfulness) of home computers and personnel/students in their home environment, and with many forced to use unfamiliar means of communication and collaboration like Teams, Zoom, Skype and Skype For Business, the environment is ripe for exploitation by phishers.

The following e-mail (with an infected attachment) is making its rounds at the moment from  a staff email.

If you get an email that look like the following do not open or respond to it. It is quite likely that the personnel doesn’t even know his account is compromised.

Please be careful when opening up attachments “sent” by colleagues especially if they are unannounced or the e-mail makes you feel a bit suspicious. Always trust your instincts.

Email

Posted in E-mail, News, phishing, Security | Comments Off on Phishing attack from compromised staff account with attached “Secure Message”

“Sextortion” scams

Tuesday, April 28th, 2020

There has been a resurgence of “sextortion” phishing scams recently but with a slight twist.

“Extortion phishing” or “sextortion” is an aggressive form of a phishing attack that targets potential victims in an e-mail demanding bitcoin in exchange for a promise of non-disclosure of an alleged sexual offence.

The aim of these sextortion e-mails is clear – to force their intended victims to pay up for their silence, or the footage will be shared on social networks. Ultimately this is a typically insidious scam that could easily snare an unsuspecting user.

This variant however has an added twist, in that the phishing scammers are displaying a stolen password (from other websites) that their victims use, to grab their victim’s attention.

It is usually those other websites (e,g,. hotmail, Instagram, Paycity or Facebook) that hackers use to gain access to our data, so changing those passwords are very important.

As in the example below we received earlier this week:

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Several students and personnel say that they have also received similar phishing e-mails, and that password that they had used were displayed in the subject line. They were all concerned that their network account was under attack.

If you receive such a mail, there is little danger to you UNLESS you

  1. respond to the sender
  2. still use that same password for other non-university accounts and use a variation of that password.

If it is an old password that they are displaying, then the danger to you is relatively small, but if you are still using it on a different website or application please change and update immediately.

[ARTICLE BY DAVID WILES]

Email

Posted in E-mail, Security | Comments Off on “Sextortion” scams

Phishing emails, SMS and WhatApp messages offering payment relief during lock down

Wednesday, April 1st, 2020

A new potential threat has emerged as we enter the 2nd week of the national lock down and facing the beginning of the new month with bills  to be paid.

Phishers are already targeting the South African public with so-called COVID-19 phishing scams, attaching malware infected attachments and encouraging victims to click on a link to download “important information about the COVID-19 pandemic”.

However this week’s scam involves emails, SMS and WhatsApp messages being sent with information about “Payment Relief” from South African banks.

While it is true that most major South African banks are offering payment relief measures to their customers, phishing scammers have grasped this opportunity and adapted their tactics to send emails with content like the following:

“Dear Valued Customer,

“At ABSA Bank, we realise that this is a difficult time for our customers and businesses whose financial means are being negatively affected. After careful consideration and engagements with The Minister of Finance the, Hon. Tito Titus Mboweni, we are pleased to offer you, as a valued customer, a once-off access to a comprehensive relief programme. Please click on the following link to see if you qualify for payment relief.

VERIFY YOUR ACCOUNT

This is a once-off offer made to selected customers and will close at midnight on 2 April 2020.”

This is one such e-mail, but similar scams with forged identities from other South African banks, as well as Whatsapp and SMS messages will also surface. Note the specific deadline and the call to verify your account. Your bank won’t ever ask you to verify your account by email and certainly won’t give you a day to make such a decision. 

If you need to make use of a relief programme, rather contact your bank directly than reply to an online message. 

Here is a collection of the current verified details for payment relief from South Africa’s 4 major banks:

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 [ARTICLE BY DAVID WILES]

Email

Posted in E-mail, Notices, Security | Comments Off on Phishing emails, SMS and WhatApp messages offering payment relief during lock down

Phishing email with subject “SUNCOM”

Wednesday, February 5th, 2020

An email from a sun.ac.za address with the subject “SAFECOM – 5 / FEBRUARY / 2020” has been sent to staff and students. The email asks you to open a message received from “SUNCOM” (also see image below)

This is not a legitimate email, but a phishing attempt which will lead you to a fake website.

By clicking on links and providing your information, you give criminals access to your personal information and your accounts. If you think your account or device has been compromised or you notice suspicious activity:

  • Immediately change your password on www.sun.ac.za/password.
  • Contact the IT Service Desk by logging a request or calling 808 4367.
  • More information is available on our blog and Twitter.

Email

Posted in General, phishing, Security | Comments Off on Phishing email with subject “SUNCOM”

Eduroam Visitor Access (eVA)

Wednesday, November 6th, 2019

eVA (eduroam Visitor Access) is a new service which enables higher education and research institute visitors to access the secure and trusted eduroam Wi-Fi network. As additional identity management tool, eVA is a platform where visitors who only need temporary internet access can be registered in a simple and secure manner. 

What is it? 

eVA provides a mechanism that allows authorised staff at eduroam participating institutions to sponsor a visitor and issue temporary credentials to that person for a defined period. Designated eVA admin can determine who is eligible to sponsor visitors, and how long those visitors may gain access.

How does it work?

If you are interested in using eVA to register your department’s visitors, please log a request on the ICT Partner Portal. To simplify matters, this could typically be the same contact person as for SUNid and only one person per department or division.

Note that your line manager has to approve your request before we can assign you rights. Approval can also be done on the ITC Partner Portal.

What are the benefits?

  •  No other, additional registration, for example SUNid, is necessary to use this service.
  • Ease of use. Manuals and instructions are available online.
  • Visitor rights can be managed and limited.
  • Access expires automatically after the selected set date.
  • Records can be tracked and audited.

More information on eVA.

Email

Tags: , , ,
Posted in General, Internet, Security | Comments Off on Eduroam Visitor Access (eVA)

« Older Entries
Newer Entries »
 

© 2013-2025 Disclaimer: The views and opinions expressed in this page are strictly those of the page author(s) and content contributor(s). The contents of this page have not been reviewed or approved by Stellenbosch University.