%PDF-1.3 1 0 obj << /Type /Catalog /Outlines 2 0 R /Pages 3 0 R >> endobj 2 0 obj << /Type /Outlines /Count 0 >> endobj 3 0 obj << /Type /Pages /Kids [6 0 R ] /Count 1 /Resources << /ProcSet 4 0 R /Font << /F1 8 0 R /F2 9 0 R /F3 10 0 R /F4 11 0 R >> >> /MediaBox [0.000 0.000 612.000 792.000] >> endobj 4 0 obj [/PDF /Text ] endobj 5 0 obj << /Creator (DOMPDF) /CreationDate (D:20250716211742+00'00') /ModDate (D:20250716211742+00'00') /Title (Report 07-2025) >> endobj 6 0 obj << /Type /Page /Parent 3 0 R /Annots [ 12 0 R 14 0 R ] /Contents 7 0 R >> endobj 7 0 obj << /Length 4415 >> stream 0.702 0.800 0.816 rg 34.016 34.016 543.969 723.969 re f 1.000 1.000 1.000 rg 45.266 324.884 521.469 421.850 re f 0.773 0.773 0.773 RG 0.75 w 0 J [ ] 0 d 45.641 325.259 520.719 421.100 re S 0.773 0.773 0.773 rg 61.016 340.634 m 550.984 340.634 l 550.984 341.384 l 61.016 341.384 l f 0.200 0.200 0.200 rg BT 61.016 693.716 Td /F1 14.4 Tf [(HOW DO I REPORT PHISHING?)] TJ ET 0.400 0.400 0.400 rg BT 61.016 664.909 Td /F2 9.0 Tf [(Posted on )] TJ ET BT 104.045 664.909 Td /F3 9.0 Tf [(May 10,2021)] TJ ET BT 156.578 664.909 Td /F2 9.0 Tf [( by )] TJ ET BT 171.086 664.909 Td /F3 9.0 Tf [(IT Communications)] TJ ET 0.153 0.153 0.153 rg BT 61.016 637.420 Td /F4 9.0 Tf [(You've received a suspicious email, what should you do with it? Firstly, don't click on any links. But just as important, send )] TJ ET BT 61.016 626.431 Td /F4 9.0 Tf [(it to us so we can prevent more staff and students falling prey to the scam. We encourage our customers to submit )] TJ ET BT 61.016 615.442 Td /F4 9.0 Tf [(potential phishing examples for review. Using these submissions, the Cyber Security Incident Response Team \(CSIRT\) )] TJ ET BT 61.016 604.453 Td /F4 9.0 Tf [(can learn from the analysis of these messages. This collectively helps to improve the level of virus and spam detection.)] TJ ET BT 61.016 584.464 Td /F1 9.0 Tf [(What is phishing?)] TJ ET BT 61.016 564.475 Td /F4 9.0 Tf [(Phishing attacks are designed to steal a person’s login and password details so that the cyber criminal can assume control )] TJ ET BT 61.016 553.486 Td /F4 9.0 Tf [(of the victim’s social network, email, and online bank accounts. Seventy percent of internet users choose the same )] TJ ET BT 61.016 542.497 Td /F4 9.0 Tf [(password for almost every web service they use. This is why phishing is so effective, as the criminal, by using the same )] TJ ET BT 61.016 531.508 Td /F4 9.0 Tf [(login details, can access multiple private accounts and manipulate them for their own good. )] TJ ET 0.373 0.169 0.255 rg BT 61.016 511.519 Td /F4 9.0 Tf [(More on how to recognise a phishing email. )] TJ ET 0.373 0.169 0.255 RG 0.18 w 0 J [ ] 0 d 61.016 510.368 m 237.092 510.368 l S 0.200 0.200 0.200 rg BT 61.016 488.892 Td /F1 11.7 Tf [(REPORT PHISHING)] TJ ET 0.153 0.153 0.153 rg BT 61.016 468.244 Td /F1 9.0 Tf [(On the ICT Partner Portal:)] TJ ET 0.153 0.153 0.153 RG 85.866 451.071 m 85.866 451.483 85.696 451.893 85.404 452.185 c 85.113 452.476 84.703 452.646 84.291 452.646 c 83.878 452.646 83.469 452.476 83.177 452.185 c 82.885 451.893 82.716 451.483 82.716 451.071 c 82.716 450.659 82.885 450.249 83.177 449.957 c 83.469 449.666 83.878 449.496 84.291 449.496 c 84.703 449.496 85.113 449.666 85.404 449.957 c 85.696 450.249 85.866 450.659 85.866 451.071 c f BT 91.016 448.255 Td /F4 9.0 Tf [(Go to )] TJ ET 0.373 0.169 0.255 rg BT 115.532 448.255 Td /F4 9.0 Tf [(https://servicedesk.sun.ac.za/jira/servicedesk/customer/portal/6/create/115)] TJ ET 0.373 0.169 0.255 RG 0.18 w 0 J [ ] 0 d 115.532 447.104 m 412.649 447.104 l S 0.153 0.153 0.153 rg 0.153 0.153 0.153 RG 85.866 440.082 m 85.866 440.494 85.696 440.904 85.404 441.196 c 85.113 441.487 84.703 441.657 84.291 441.657 c 83.878 441.657 83.469 441.487 83.177 441.196 c 82.885 440.904 82.716 440.494 82.716 440.082 c 82.716 439.670 82.885 439.260 83.177 438.968 c 83.469 438.677 83.878 438.507 84.291 438.507 c 84.703 438.507 85.113 438.677 85.404 438.968 c 85.696 439.260 85.866 439.670 85.866 440.082 c f BT 91.016 437.266 Td /F4 9.0 Tf [(Fill in your information and add the email as an attachment. Your request will automatically be logged on the )] TJ ET BT 91.016 426.277 Td /F4 9.0 Tf [(system.?)] TJ ET BT 61.016 406.288 Td /F1 9.0 Tf [(*Spam or phishing examples must be sent in either.EML or .MSG format as an attachment and must not be )] TJ ET BT 61.016 395.299 Td /F1 9.0 Tf [(forwarded. This ensures the original email can be analysed with its full Internet message headers intact. )] TJ ET BT 61.016 384.310 Td /F4 9.0 Tf [(Alternatively, use the mail application to save the email \(usually located under File | Save As\) as an .EML or .MSG format )] TJ ET BT 61.016 373.321 Td /F4 9.0 Tf [(to a folder location, and attach the saved file to a new email.)] TJ ET 0.400 0.400 0.400 rg BT 61.016 354.832 Td /F2 9.0 Tf [(Posted in:Phishing,Security,Tips | Tagged:Malware,Phishing,Report Phishing,Report Spam,Spam | With 0 comments)] TJ ET endstream endobj 8 0 obj << /Type /Font /Subtype /Type1 /Name /F1 /BaseFont /Helvetica-Bold /Encoding /WinAnsiEncoding >> endobj 9 0 obj << /Type /Font /Subtype /Type1 /Name /F2 /BaseFont /Helvetica-Oblique /Encoding /WinAnsiEncoding >> endobj 10 0 obj << /Type /Font /Subtype /Type1 /Name /F3 /BaseFont /Helvetica-BoldOblique /Encoding /WinAnsiEncoding >> endobj 11 0 obj << /Type /Font /Subtype /Type1 /Name /F4 /BaseFont /Helvetica /Encoding /WinAnsiEncoding >> endobj 12 0 obj << /Type /Annot /Subtype /Link /A 13 0 R /Border [0 0 0] /H /I /Rect [ 61.0157 510.6862 237.0917 519.8437 ] >> endobj 13 0 obj << /Type /Action /S /URI /URI (http://blogs.sun.ac.za/it/en/2016/10/how-to-recognise-a-phishing-e-mail/) >> endobj 14 0 obj << /Type /Annot /Subtype /Link /A 15 0 R /Border [0 0 0] /H /I /Rect [ 115.5317 447.4225 412.6487 456.5800 ] >> endobj 15 0 obj << /Type /Action /S /URI /URI (https://servicedesk.sun.ac.za/jira/servicedesk/customer/portal/6/create/115) >> endobj xref 0 16 0000000000 65535 f 0000000008 00000 n 0000000073 00000 n 0000000119 00000 n 0000000305 00000 n 0000000334 00000 n 0000000472 00000 n 0000000561 00000 n 0000005028 00000 n 0000005140 00000 n 0000005255 00000 n 0000005375 00000 n 0000005483 00000 n 0000005610 00000 n 0000005734 00000 n 0000005862 00000 n trailer << /Size 16 /Root 1 0 R /Info 5 0 R >> startxref 5989 %%EOF Tips « Informasietegnologie
Language:
SEARCH

  • Recent Posts

  • Categories

  • Archives

Tips

« Older Entries
Newer Entries »

How to recognise a phishing e-mail

Tuesday, October 5th, 2021

We can’t warn you against every phishing e-mail– there’s a new variation every day. You are the only person who can protect yourself from phishing scams and identity theft. The only way to do this is to learn to recognise a harmful e-mail by paying attention and keeping an eye out for a few tell-tale signs.

phishme_how_to_spot_a_phishTypical characteristics

1. Well-known companies used as bait
These e-mails are sent out to thousands of different e-mail addresses and often the person sending them has no idea who you are. If you have no affiliation with the company the e-mail address is supposedly coming from, it’s fake. For example, if the e-mail is sent by ABSA, but you are a Standard Bank client. Also, see a list of types of companies generally used in phishing e-mails below.

2. Spelling and grammar
Improper spelling and grammar is a dead giveaway. Look for obvious errors. 

3. Lack of client information
Phishers use a generic greeting. For example, the e-mail greets you as “ABSA customer” or “Dear user”, etc. If the company was sending you information regarding your faulty account, they would mention your account details or name in the e-mail.  A company would go through the trouble to address a client by name and won’t ask you for your information. Banks have your information on their system.

4. Deadlines/Sense of urgency
Phishing e-mails demand an immediate response or stipulate a specific deadline, creating a sense of urgency and prompting you to respond before you’ve looked at the e-mail properly. For example,  demanding that you log in and change your account information within 24 hours or your account will be closed.

5. Malicious links
Although many phishing e-mails are getting better at hiding the true URL you are visiting, often these e-mails will show a URL that is unrelated to the company. Move your mouse over the link and look at the display address. Is this the website address of the company who seems to be sending the e-mail? If not, it’s clearly a phishing e-mail.

6. Attachments
Phishing e-mails occasionally include an attachment which contains malware. When opened, it will run and install a small programme on your PC, which hackers use to gain access to your PC and information. 

Typical phishing topics

• Account issues, such as accounts or passwords expiring, accounts being hacked, out-of-date accounts, or account information has to be changed.
• Credit cards expiring or being stolen, a duplicate credit card, credit card transactions, etc. 
• Confirming orders, requesting that you log in to confirm recent orders or transactions before a delivery can be made.
• Winning a prize or getting something for free. Both Woolworths and Pick ‘n Pay’s have been used in fake campaigns to lure people into providing personal details.

Company names phishers generally use

• Any major bank. ABSA and Standard Bank are both popular choices in South Africa.
• Insurance companies, for example, Outsurance.
• Internet service providers
• Apple or Microsoft claiming your account has been suspended.
• E-mail providers, e.g. Gmail or Yahoo
• SARS. Especially at this time of year. (We’ve had a few of these.)
• DHL or any delivery company claiming they have a package for you.
• Your company’s medical aid, for example, Discovery
• Your company’s IT department
• Casinos and lotteries
• Online dating websites
• Popular websites such as Amazon, Facebook, MySpace, PayPal, eBay, Microsoft, Apple, Hotmail, YouTube, etc.

A few tips to keep you safe

• Never follow links in an e-mail you’re uncertain of. Rather visit the page by typing the address of the company in your browser. For example,  instead of clicking on the “ABSA URL” in the e-mail, type http://www.absa.co.za in your web browser and log in at their official website.
• Never send personal information by e-mail. If a company is asking for your personal account information or claiming your account is invalid, visit the website and log in to the account as you normally would. If everything seems in order and there aren’t any urgent notifications from your bank, you should be fine.
• If you are still not sure about the status of your account or are concerned about your personal information, contact the company directly, either through an e-mail address provided on their website, over the phone or visit your local branch.
• Delete the e-mail and don’t click on links or fill in any information.
• If you’ve already divulged your information, immediately change your password or PIN and contact the institution to inform them of the breach.
• To report spam or phishing e-mails send an e-mail to sysadm@sun.ac.za with the subject SPAM with the suspect e-mail attached. IT system administrators will then be able to block the e-mail to protect other users.

[SOURCE: www.computerhope.com]

 

Email

Tags: , ,
Posted in E-mail, Security, Tips | Comments Off on How to recognise a phishing e-mail

How do I report phishing?

Tuesday, October 5th, 2021

You’ve received a suspicious email, what should you do with it? Firstly, don’t click on any links. But just as important, send it to us so we can prevent more staff and students falling prey to the scam. We encourage our customers to submit potential phishing examples for review. Using these submissions, the Cyber Security Incident Response Team (CSIRT) can learn from the analysis of these messages. This collectively helps to improve the level of virus and spam detection.

What is phishing?

Phishing attacks are designed to steal a person’s login and password details so that the cyber criminal can assume control of the victim’s social network, email, and online bank accounts. Seventy percent of internet users choose the same password for almost every web service they use. This is why phishing is so effective, as the criminal, by using the same login details, can access multiple private accounts and manipulate them for their own good. 

More on how to recognise a phishing email. 

Report phishing

On the ICT Partner Portal:

*Spam or phishing examples must be sent in either.EML or .MSG format as an attachment and must not be forwarded. This ensures the original email can be analysed with its full Internet message headers intact. Alternatively, use the mail application to save the email (usually located under File | Save As) as an .EML or .MSG format to a folder location, and attach the saved file to a new email.

Email

Tags: , , , ,
Posted in phishing, Security, Tips | Comments Off on How do I report phishing?

To meet or not to meet …

Monday, October 4th, 2021

Due to the current working-from-home situation we are likely to spend more time either in a teams meeting or on a Zoom call. Those working from home might have experienced a sharp increase in the number of virtual meeting invites since lock down started last year.

 We are either bouncing from one meeting to the other or struggling to schedule meetings, trying to establish who’s available and who’s not. This might be a short-term overreaction to the lack of other communication channels and social contact, but it could get in the way of productivity and efficiency.

Productive meetings are ones where you need to share expertise and the topics discussed require synchronous collaboration – where people need to be live at the same time, if not the same place. It is also helpful if you are dealing with conflict or need to build closer relationships.

On the other hand, if there’s no clear outcome, the topics are irrelevant, the outcome could be delivered without a meeting or you have no active role except to listen, then you may want to decline the meeting invitation. Typically, if we look at meeting content 40% of meetings are not necessary at all.

If you accept meeting invitations by default, particularly those without an agenda, you are saying that what the other person wants to talk about is a better use of your time than your own work.

Declining meetings can be a challenge to existing meeting agendas and fixed ways of working, but discuss the necessity of a meeting with your meeting leader. This could open up a discussion in your team about which topics you need to discuss and which are not important. Below is an infographic decision tree which might help you or your colleagues reconsider scheduling a meeting.

Take this opportunity to improve your meetings, save yourself time and improve on working towards a productive environment.

SOURCE: https://www.wrike.com/blog/meeting-infographic-decision-tree/

[ARTICLE BY MANDY WANZA]

 

 

 

Email

Tags:
Posted in Connectivity, News, Tips | Comments Off on To meet or not to meet …

New e-waste bins at IT

Monday, October 4th, 2021

 As part of the campus “Going Green” project Facilities Management will be placing e-waste bins at selected spots on campus. We encourage staff and students to use these bins for any non-asset e-waste.

Two of these yellow bins (see example right) will also be located at IT. A bin will be placed at the IT HUB by the entrance and a second one will be placed at the IT Main building in Hammanshand Rd at the service entrance (facing IT the door on your right) Both bins will be just inside the buildings by the doors. 

WHAT IS E-WASTE?

Electronic waste (e-waste) or Waste Electrical and Electronic Equipment (WEEE) are the terms used to describe old, end-of-life or discarded appliances using electricity. It includes computers, consumer electronics, batteries etc. which have been disposed of by their original users.  More on e-waste.

We encourage all staff and students to use these bins for any non-asset e-waste. Bins will be serviced by Wasteplan and weekly inspections will be made by the university’s Wasteplan site supervisor to assess when a collection is needed.

For assistance and enquiries please email fmhelpdesk@sun.ac.za.

 

Email

Tags: ,
Posted in Green IT, News, Notices, Tips | Comments Off on New e-waste bins at IT

Remember to check your Junk Email folder

Monday, August 30th, 2021

To ensure that staff and students aren’t exposed to malicious phishing or spam emails our system administrators and security team had to enable a stricter spam filter earlier this year as added protection.

A spam filter assigns every message, received and sent, a spam confidence level based on the likelihood that the message is spam. Depending on its level an inbound message may be relayed directly to the user’s Junk Email folder. The filter looks at certain criteria contained in the email it rates, for example too many hyperlinks or a suspicious file attached. Tweaking the filter can be tricky – we don’t want you to miss important emails, but at the same time it’s our responsibility to protect you and all our staff from harmful attacks. 

For this reason, it’s important that you regularly look in your Junk Email folder in case the spam filter might have relayed it there. 

The main purpose of Microsoft Outlook’s Junk Email Filter helps is to reduce unwanted email messages in your Inbox. Junk email, also known as spam, is moved by the filter away to the Junk Email folder. This is done at an institutional level by Microsoft (as mentioned above), but you can also flag or “un”flag messages from a person or company as Junk email.

How to change your spam filter’s preferences.
How to tag an email as junk mail.
How to report spam or junk email to Microsoft. (downloadable PDF-document) 

If you have any questions, please log a request on the ICT Partner Portal.

Email

Posted in E-mail, Notices, Tips | Comments Off on Remember to check your Junk Email folder

« Older Entries
Newer Entries »
 

© 2013-2025 Disclaimer: The views and opinions expressed in this page are strictly those of the page author(s) and content contributor(s). The contents of this page have not been reviewed or approved by Stellenbosch University.