%PDF-1.3 1 0 obj << /Type /Catalog /Outlines 2 0 R /Pages 3 0 R >> endobj 2 0 obj << /Type /Outlines /Count 0 >> endobj 3 0 obj << /Type /Pages /Kids [6 0 R ] /Count 1 /Resources << /ProcSet 4 0 R /Font << /F1 8 0 R /F2 9 0 R /F3 10 0 R /F4 11 0 R >> /XObject << /I1 24 0 R >> >> /MediaBox [0.000 0.000 612.000 792.000] >> endobj 4 0 obj [/PDF /Text /ImageC ] endobj 5 0 obj << /Creator (DOMPDF) /CreationDate (D:20250716211747+00'00') /ModDate (D:20250716211747+00'00') /Title (Report 07-2025) >> endobj 6 0 obj << /Type /Page /Parent 3 0 R /Annots [ 12 0 R 14 0 R 16 0 R 18 0 R 20 0 R 22 0 R ] /Contents 7 0 R >> endobj 7 0 obj << /Length 4042 >> stream 0.702 0.800 0.816 rg 34.016 34.016 543.969 723.969 re f 1.000 1.000 1.000 rg 45.266 291.236 521.469 455.498 re f 0.773 0.773 0.773 RG 0.75 w 0 J [ ] 0 d 45.641 291.611 520.719 454.748 re S 0.773 0.773 0.773 rg 61.016 306.986 m 550.984 306.986 l 550.984 307.736 l 61.016 307.736 l f 0.200 0.200 0.200 rg BT 61.016 693.716 Td /F1 14.4 Tf [(REMEMBER TO CHECK YOUR JUNK EMAIL FOLDER)] TJ ET 0.400 0.400 0.400 rg BT 61.016 664.909 Td /F2 9.0 Tf [(Posted on )] TJ ET BT 104.045 664.909 Td /F3 9.0 Tf [(January 01,1970)] TJ ET BT 173.588 664.909 Td /F2 9.0 Tf [( by )] TJ ET BT 188.096 664.909 Td /F3 9.0 Tf [(IT Communications)] TJ ET 0.153 0.153 0.153 rg BT 61.016 637.420 Td /F4 9.0 Tf [(To ensure that staff and students )] TJ ET BT 195.098 637.420 Td /F1 9.0 Tf [(aren't)] TJ ET BT 219.245 637.420 Td /F4 9.0 Tf [( exposed to malicious )] TJ ET BT 61.016 626.431 Td /F4 9.0 Tf [(phishing or spam emails our system administrators and security )] TJ ET BT 61.016 615.442 Td /F4 9.0 Tf [(team)] TJ ET 0.373 0.169 0.255 rg BT 81.023 615.442 Td /F4 9.0 Tf [( had to enable a stricter spam filter earlier this year as added )] TJ ET 0.373 0.169 0.255 RG 0.18 w 0 J [ ] 0 d 81.023 614.291 m 325.130 614.291 l S BT 61.016 604.453 Td /F4 9.0 Tf [(protection.)] TJ ET 0.18 w 0 J [ ] 0 d 61.016 603.302 m 103.037 603.302 l S 0.153 0.153 0.153 rg BT 61.016 584.464 Td /F4 9.0 Tf [(A spam filter assigns every message, received and sent, a spam )] TJ ET BT 61.016 573.475 Td /F4 9.0 Tf [(confidence level based on the likelihood that the message is )] TJ ET BT 61.016 562.486 Td /F4 9.0 Tf [(spam. Depending on its level an inbound message may be )] TJ ET BT 61.016 551.497 Td /F4 9.0 Tf [(relayed directly to the user's Junk Email folder. The filter looks at )] TJ ET BT 61.016 540.508 Td /F4 9.0 Tf [(certain criteria contained in the email it rates, for example too )] TJ ET BT 61.016 529.519 Td /F4 9.0 Tf [(many hyperlinks or a suspicious file attached. Tweaking the filter )] TJ ET BT 61.016 518.530 Td /F4 9.0 Tf [(can be tricky we don't want you to miss important emails, but at )] TJ ET BT 61.016 507.541 Td /F4 9.0 Tf [(the same time it's our responsibility to protect you and all our staff )] TJ ET BT 61.016 496.552 Td /F4 9.0 Tf [(from harmful attacks.)] TJ ET BT 61.016 476.563 Td /F4 9.0 Tf [(For this reason, it's important that you regularly look in your Junk )] TJ ET BT 61.016 465.574 Td /F4 9.0 Tf [(Email folder in case the spam filter might have relayed it there.)] TJ ET BT 61.016 445.585 Td /F4 9.0 Tf [(The main purpose of Microsoft Outlook's Junk Email Filter helps )] TJ ET BT 61.016 434.596 Td /F4 9.0 Tf [(is to reduce unwanted email messages in your Inbox. Junk email, )] TJ ET BT 61.016 423.607 Td /F4 9.0 Tf [(also known as spam, is moved by the filter away to the Junk )] TJ ET BT 61.016 412.618 Td /F4 9.0 Tf [(Email folder. This is done at an institutional level by Microsoft \(as )] TJ ET BT 61.016 401.629 Td /F4 9.0 Tf [(mentioned above\), but you can also flag or "un"flag messages from a person or company as Junk email.)] TJ ET 0.373 0.169 0.255 rg BT 61.016 381.640 Td /F4 9.0 Tf [(How to change your spam filter's preferences.)] TJ ET 0.18 w 0 J [ ] 0 d 61.016 380.489 m 243.806 380.489 l S BT 61.016 370.651 Td /F4 9.0 Tf [(How to tag an email as junk mail.)] TJ ET 0.18 w 0 J [ ] 0 d 61.016 369.500 m 193.064 369.500 l S BT 61.016 359.662 Td /F4 9.0 Tf [(How to report spam or junk email to Microsoft.)] TJ ET 0.18 w 0 J [ ] 0 d 61.016 358.511 m 244.571 358.511 l S 0.153 0.153 0.153 rg BT 244.571 359.662 Td /F4 9.0 Tf [( \(downloadable PDF-document\))] TJ ET BT 61.016 339.673 Td /F4 9.0 Tf [(If you have any questions, please log a request on the )] TJ ET 0.373 0.169 0.255 rg BT 279.149 339.673 Td /F4 9.0 Tf [(ICT Partner Portal.)] TJ ET 0.18 w 0 J [ ] 0 d 279.149 338.522 m 354.173 338.522 l S 0.400 0.400 0.400 rg BT 61.016 321.184 Td /F2 9.0 Tf [(Posted in:E-mail,Notices,Tips | | With 0 comments)] TJ ET q 225.000 0 0 225.000 325.984 421.211 cm /I1 Do Q endstream endobj 8 0 obj << /Type /Font /Subtype /Type1 /Name /F1 /BaseFont /Helvetica-Bold /Encoding /WinAnsiEncoding >> endobj 9 0 obj << /Type /Font /Subtype /Type1 /Name /F2 /BaseFont /Helvetica-Oblique /Encoding /WinAnsiEncoding >> endobj 10 0 obj << /Type /Font /Subtype /Type1 /Name /F3 /BaseFont /Helvetica-BoldOblique /Encoding /WinAnsiEncoding >> endobj 11 0 obj << /Type /Font /Subtype /Type1 /Name /F4 /BaseFont /Helvetica /Encoding /WinAnsiEncoding >> endobj 12 0 obj << /Type /Annot /Subtype /Link /A 13 0 R /Border [0 0 0] /H /I /Rect [ 81.0227 614.6092 325.1297 623.7667 ] >> endobj 13 0 obj << /Type /Action /S /URI /URI (https://blogs.sun.ac.za/it/en/2020/03/additional-microsoft-security-for-email-activated/) >> endobj 14 0 obj << /Type /Annot /Subtype /Link /A 15 0 R /Border [0 0 0] /H /I /Rect [ 61.0157 603.6202 103.0367 612.7777 ] >> endobj 15 0 obj << /Type /Action /S /URI /URI (https://blogs.sun.ac.za/it/en/2020/03/additional-microsoft-security-for-email-activated/) >> endobj 16 0 obj << /Type /Annot /Subtype /Link /A 17 0 R /Border [0 0 0] /H /I /Rect [ 61.0157 380.8072 243.8057 389.9647 ] >> endobj 17 0 obj << /Type /Action /S /URI /URI (https://support.office.com/en-us/article/changing-the-level-of-protection-e89c12d8-9d61-4320-8c57-d982c8d52f6b) >> endobj 18 0 obj << /Type /Annot /Subtype /Link /A 19 0 R /Border [0 0 0] /H /I /Rect [ 61.0157 369.8182 193.0637 378.9757 ] >> endobj 19 0 obj << /Type /Action /S /URI /URI (https://support.office.com/en-us/article/Video-Block-unwanted-mail-a3cda7e7-03ab-4188-9a9c-0f05e6a41e75) >> endobj 20 0 obj << /Type /Annot /Subtype /Link /A 21 0 R /Border [0 0 0] /H /I /Rect [ 61.0157 358.8292 244.5707 367.9867 ] >> endobj 21 0 obj << /Type /Action /S /URI /URI (http://admin.sun.ac.za/Infoteg/dokumente/Report_junkmail.pdf) >> endobj 22 0 obj << /Type /Annot /Subtype /Link /A 23 0 R /Border [0 0 0] /H /I /Rect [ 279.1487 338.8402 354.1727 347.9977 ] >> endobj 23 0 obj << /Type /Action /S /URI /URI (http://servicedesk.sun.ac.za) >> endobj 24 0 obj << /Type /XObject /Subtype /Image /Width 300 /Height 300 /ColorSpace /DeviceRGB /Filter /DCTDecode /BitsPerComponent 8 /Length 7855>> stream JFIF,,ExifMM*C    !'"#%%%),($+!$%$C   $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$,,"D !1A"Qaq2#5BRs6Sbr$&34Cc%t&!12AQ"qBRa ?R uh֏YdQ-n_m;.n=ܜ޾nSܠJ|wo>>\s""" """ """ """ """ """ """ ""lm.{Z7O8]4 k}_ϑ\󹐎]^|w;˓a;Xأ52Tc'wWUW i]^\ӇX;RmI$dv|A.0N,?hQUhnP&p98v.wSPm  0= e.վB Â`m)H[n]-7iBhh׌HAa""  }(mq={Ldw3Eh|22@-;;i_$m :[rg{=DYnr=z>>pb-SI%GuGzH+t)sv䪵Mq뺥|6@1 y^V;VQ\&tC2n޸#D#cgymZ.ofN\Ρ舢 7kUU+jOՖg85j-SHc8j^kE5C.Cp+׏ {xg'KFm*"#LָM#z|wp˭OS0!`$eVg<8`,)bX#کlOwtUH99/}ڗHh'MYz8LNw}ӗVԉCd/0v6+< 17 z*[ ܲtjM-TSs(+TGmF2؞`>^2v5kzK`{OY!\;LѷzlV&|{r״z"" """ """ """ "" 4 wS$AU ɤ2j}ўQ2=U霰{|6oY%N+89s$`8{ F|=+oNmNY*qN$˩.R~0)|k"cV>{Wu:_+UGUoa|' 2'ѹq.=5TOԒHl=jG[y:YQT6hGrmx>ʋ9iV<';_*gtދ?@K5猁汤XB湱C\Cs[xgn]1ßʴ/!Y \=; #o[ZUNJ3?=dעQFO #WMpvGaM*K6pd#q,VЏP>17.GxYp .,o<2+>Sn3\$X]SbU>J`bqf|qZ[P6#亂nϸ%c;41rFZ?==ߧf9VΘaT;cje!ɤJR^kM=:ݹMSqQ8pk9]XsNViI;f>7-xAue\ !ܶՂwseD@DDD@DDD@DDD@DD' VJm_.]|c/uY[\VҵQ 2(enq )M9;עq a SاsbWBbwt`.e%+g'g8' mU;?u)㥘:6y`YE|쬵2UO3'i9AgM/4 ښڗ"zK/ uqϓWӝhU$ c8ȎoSBa׶)$O q-WbS6\e彎P~BYmx7v]J 3[]AR%,;Р)Y4m9,A|oX'Y*˷߬|ۇ8sVeik+aXYUKG,w|zIvwQm穾x_XYn|H e7]acw? h=mM/8 nc yFFFOOj*_OSjM2ZN;mC$isCe}$drV3Gu;>+o_BRr@^GS8y(o|3SA΀Okn"+EEepa-c#أE$,hVwn\ї=0twS!&*inc' Ĩ+U. K 8d|qy1ӻ9f 26}MB7d/CjX੊ccËO5{XZᐩ@Whsw;{+\*3A ¬lP+P=m}{WYūg d$,H[2}{&'{Z0ҷ]XnT4Յ敷A+= ({iKVxUiBAxޭT10 G&gf?pߊFhGZ;VZOw5 ̢%20pwhzJttYVyܝ]=m#\;8fslVy2ϭ50tUc:9YcprF-+ LYJdF7 j2tR\঑DE|nY6x*|G* QǗ[k,w'淐!TF"AX_ڿZ҃Nbg?ڷi^iAn:F!U` 1GeoҚQ?S#끓Ug%U7Bxv+/i*ne|s7R@DDD@DDEoFlj]1_|G.kjϪ\wngrbG.gN+{{M-qi*x^al{{ji[4҃VҶiM(5M+'ap0ѡTfѼ+5*ژIJ=n8$0gX^B0Z*'޴E%E_"GwI%["4$-P+49ӿpxNț6+3] ˧ '\)i?F<_#˱k`ع96 DGj|۴ Ճ{`V]y:c-k7q }e h- )8p] gE}$qSkm*c-SCd\זU5[jKG";8ߐ\aS=f!JTf 8\+鄄apQ@DDD@QFIQFY/q;cۧ^A(=2hRjCopH^jMH0>_HZgw͟/۩_u4ӳ=*eO?H1zm録&wg|BũlmOkUt]H mO\*=I#WXaKn"zr[eªԲUkKDEpIy^9rwÆu8gJVC<xqw%j\;i(1<9mSč< 滷nf%U&|'I Oh_eKxwZA_p).T ,+tNTiH۫dtSAt_8$;qV]XpwqU 6Fzi{0>Čjh*cT:Va) Jm:6wY%r,<+~m=ƲeE۪Inv|aUj&Tgfc\={Z2I]rMJebL"퉄dxjSP|=hqX)(D`d-`1 6i {\BHZkMW; {Or6ݟ{-x\I|t4=LL`!7-ݽbv,I38Ij6vj*Y4o.S2Zqi]<텾:1miݻyNВ"T,SNl-o(Q4d5r(~(m6֌9,PDDD@^ajrZsObܮn dQK++ƌq5Ti*{i5 ))"xx-s{W^Ol ੗UAr tgO wLrO,Y^ 0V(gVշ3vpW^zG?9A׫;T#dݞ* > startxref 14748 %%EOF Tips « Informasietegnologie
Language:
SEARCH

  • Recent Posts

  • Categories

  • Archives

Tips

« Older Entries
Newer Entries »

Error reporting FAQs

Wednesday, October 7th, 2020

How do I report an IT problem, request or enquiry?

Option 1
Log a service request on our ICT Partner Portal with the following information:

1. Description of problem
2. Telephone number
3. Room Number
4. Department and building
5. Asset number of computer, laptop, printer, etc.

Requests will be logged automatically and reference number sent via email.

For video instructions on how to log a request on the ICT Partner Portal, click here. More information on our Service Catalogue.

Option 2
Contact the IT Service Desk – 021 808 4367

We require username and asset number in order to assist OR leave a voicemail message.

How do I follow up on the IT request I have logged?

Whether you have called the IT Service Desk at 0218084367, sent an email to help@sun.ac.za or logged a request via the ICT Partner Portal at https://servicedesk.sun.ac.za you can do the following:

  1. Log in at https://servicedesk.sun.ac.za with your username and password.
  2. Select: Requests, My requests. The status of all the requests that you have raised will be displayed.

How do I follow up if I sent an email to help@sun.ac.za?

If you send an email to help@sun.ac.za it automatically logs a request on the IT Service Portal. You can check on the status of your request as follows:

  1. Log in at https://servicedesk.sun.ac.za with your username and password.
  2.  Select: Requests, My requests. The status of all your requests will be displayed.

How do I follow up on a request I reported by calling the IT Contact Centre?

If you call the IT Contact Centre, the service agent will log a request on your behalf on the IT Service Portal. You can check on the status of your request as follow:

  1. Log in at https://servicedesk.sun.ac.za with your username and password.
  2. Select: Requests, My requests. The status of all your requests will be displayed.

Can you follow up on a request emailing help@sun.ac.za again?

If your request have already been logged and you have a reference number, please do not send another email to help@sun.ac.za. This will log a second, duplicate request which will only clog up the system and cause confusion. The same goes for replying to emails from help@sun.ac.za. Rather click on the request number and add your comment on the system.

How do I add a comment to my request?

  1. Log in at https://servicedesk.sun.ac.za with your username and password.
  2. Select: Requests, My requestsThe status of all the requests that you have raised will be displayed.
  3. Click on the reference number of a request to see its details.
  4. Type your comment in the text box and click on Add. The comment will be added to the request. You can also add screen shots for clarification

What does the different status options mean?

WAITING ON SUPPORT =you are waiting for a response / feedback from IT regarding your request.

WAITING ON CUSTOMER =IT is waiting on a response / feedback from you regarding your request.

IN PROGRESS = your request is being attended to.

ESCALATED =your request is escalated for further investigation.

RESOLVED =your request has been resolved.

CLOSED = your request has been closed.

 

 

Email

Posted in General, Notices, Tips, Training | Comments Off on Error reporting FAQs

How to avoid phishing scams

Friday, May 24th, 2019

We are often asked by staff and students what they can do to stop phishing scams, and what software they should install to prevent them from becoming victims. In some cases students have asked us to fix their computers and to install software to block phishing scams.

Of course that request is impossible to fulfil. Phishing scams are like the common cold. Just like you cannot prevent the common cold, you can only adopt a lifestyle, and take precautionary measures to reduce your risk of infection. They will always be there and will always adapt and change. As long as there are people who are uninformed or careless who fall for these scams, phishing attacks will continue.

The best way to reduce your risk is to report all suspected phishing scams on ICT Partner Portal. (Full details at the end of this post). Here are some basic rules to help you to identify phishing scams:

  • Use common sense
    Never click on links, download files or open attachments in email or social media, even if it appears to be from a known, trusted source.
  • Watch out for shortened links
    Pay particularly close attention to shortened links. Always place your mouse over a web link in an email (known as “hovering”) to see if you’re being sent to the right website.
  • Does the email look suspicious?
    Read it again. Many phishing emails are obvious and will have implausible and generally suspicious content.
  • Be wary of threats and urgent deadlines
    Threats and urgency, especially coming from what claims to be a legitimate company, are a giveaway sign of phishing. Ignore the scare tactics and rather contact the company via phone.
  • Browse securely with HTTPS
    Always, where possible, use a secure website, indicated by https:// and a security “lock” icon in the browser’s address bar, to browse.
  • Never use public, unsecured Wi-Fi, including Maties Wi-Fi, for banking, shopping or entering personal information online
    Convenience should never be more important than safety.

If you do receive a phishing e-mail, please report it as soon as possible. Once you have reported the spam or phishing mail, you can delete it immediately.

You can report this on IT’s request logging system, the ICT Partner Portal.

  • Go to the ICT Partner Portal.
  • Fill in your information and add the email as an attachment. Your request will automatically be logged on the system and the appropriate measures will be taken by the system administrators to protect the rest of campus.

[ARTICLE BY DAVID WILES]

Email

Tags: , ,
Posted in phishing, Security, Tips | Comments Off on How to avoid phishing scams

Protecting yourself from spearphishing attacks

Tuesday, March 12th, 2019

For a large enterprise like Stellenbosch University phishing attacks are the most common cybercrime.

In the late 1990s and early 2000s, we were all inundated with spam emails, selling everything from fake pharmaceuticals to cheap perfumes. With spam, cybercriminals use a blanket approach sending emails to as many people as possible, hoping a few gullible customers will be funding further spam emails.

General “shotgun” phishing is still a problem today, but the past 18 months have seen a rise in a more sinister form of cyberattack,  spearphishing, which is much more targeted to an individual or an enterprise’s email system.

Spearphishing is similar to phishing, it’s also a vector for identity theft where cybercriminals try to get users to hand over personal and sensitive information without their knowledge.

Cybercriminals view phishing attacks as a profitable and an easy way to gain access to an enterprise enabling them to launch more sophisticated attacks, for example, spearphishing attacks. Humans are, after all,  the weakest link and thus the most effective target for criminals looking to infiltrate a network like the university.

Even though spearphishing is more focused than its less-sophisticated relative phishing, everyone can apply the following principles to protect yourself and the university against cybercriminal activity:

Use common sense when it comes to phishing attacks
Be sensible and smart while browsing online and checking your emails. Never click on links, download files or open attachments in email or social media, even if it appears to be from a known, trusted source. You should never click on links in an email to a website unless you are absolutely sure it’s authentic. If you have any doubt, open a new browser window and type the address into the address bar. Always be wary of emails asking for confidential information – especially if it asks for personal details or banking information. The university and your bank will never request sensitive information via email. They do not need it. They have it all already.

Watch out for shortened links
Pay particularly close attention to shortened links, especially on social media. Cybercriminals often use Bit.ly, Tinyurl.com, Goo.gl or Tr.im to trick you into thinking you are clicking a legitimate link when in fact, you are being inadvertently directed to a fake site. Always place your mouse over a web link in an email (known as “hovering”) to see if you’re being sent to the right website.

Does the email look suspicious? Read it again
Many phishing emails are obvious. They will be filled with plenty of spelling mistakes, CAPITALISATION and exclamation marks. They will also have impersonal salutations – e.g. ‘Dear Valued Customer’ or ‘Dear Sir/Madam’ salutations – and will have implausible and generally suspicious content. Cybercriminals will often intentionally make mistakes in their emails bypass spam filters and improve responses. 

Be wary of threats and urgent deadlines
Sometimes the university does need you to do something urgently, however, this is an exception rather the rule. For example, you all have been getting reminders to reactivate your network account by the end of March. Threats and urgency, especially coming from what claims to be a legitimate company, are a giveaway sign of phishing. Some of these threats may include notices of a fine or advising you to take action to stop your account from being closed. Ignore the scare tactics and rather contact the company via phone.

Browse securely with HTTPS
You should always, where possible, use a secure website, indicated by https:// and a security “lock” icon in the browser’s address bar, to browse. This is particularly important when submitting sensitive information online, such as credit card details.

Never use public, unsecured Wi-Fi, including MatiesWiFi, for banking, shopping or entering personal information online. Convenience should never be more important than safety. When in doubt, use your mobile’s 3/4G or LTE connection.

[ARTICLE by David Wiles]

Email

Tags: ,
Posted in phishing, Security, Tips | Comments Off on Protecting yourself from spearphishing attacks

Cybersecurity Awareness month: Some statistics and common sense advice

Monday, November 5th, 2018

It’s November and Cybersecurity Awareness month is behind us. As a final signoff,  we would like to share a few statistics and give some common sense advice to help you spot phishing scams.

Surely South Africa is not sophisticated or advanced enough to be included in phishing attacks? According to Drew van Vuuren, CEO of 4Di Privaca, South Africa is the second most targeted country globally when it comes to phishing attacks.

The cost of phishing in South Africa amounted to approximately R4.2 billion in 2013 alone and 5% of phishing attacks globally occur in South Africa. It is not a matter of “if” the university is going to be a target, but “when”. Phishing attacks are not Information Technology’s concern, but should also be yours as a user of the internet. 

According to a 2016 survey by Symantec, over 30% of South African internet users share at least three pieces of personal information on their social media profiles which could be used to steal their identity. 

60% of the respondents admitted that they had no idea what their privacy settings were and who could see their personal information on sites like Facebook, Instagram, Twitter etc.

People often become victims of online fraud by using the same password or usernames on multiple sites, including social media sites and internet banking sites. According to Ofcom’s “Adults’ Media Use and Attitudes Report 2013” report, 55% of the poll respondents used the same password for most, if not all, websites.

Here are 10 common-sense tips to help you spot and prevent becoming a victim of a phishing scam:

1. Learn to identify suspected phishing emails

  • They duplicate the images and branding of a real company.
  • They copy the name of a company or an employee of the company.
  • They include sites that are visually similar or identical to a real business.
  • They promote gifts or threaten the closure of an existing account.

2. Check the source of information from incoming email

Your bank, Information Technology, or cell phone provider will never ask you to send your passwords or personal information by mail. Never respond to these questions, and if you have the slightest doubt, call your bank, IT or your cell phone provider directly for clarification.

3. Never go to your bank’s website by clicking on links in emails

Do not click on hyperlinks or attachments, as it will direct you to a fraudulent website. Type in the URL into your browser or use your own bookmarks or favourites if you want to go faster.

4. Beef up the security of your computer

Common sense and good judgement are as vital as keeping your computer protected with a good antivirus and anti-malware software to block this type of attack. In addition, you should always have the most recent update on your operating system and web browsers.

5. Enter your sensitive data on secure websites only

In order for a site to be ‘safe’, the address must begin with ‘https://’ and your browser should show a closed lock icon.

6. Periodically check your accounts

It never hurts to check your bank accounts periodically to be aware of any irregularities in your online transactions.

7. Phishing doesn’t only pertain to online banking

Most phishing attacks are against banks, but can also use any popular website to steal personal data such as eBay, Facebook, PayPal, etc. Even the university’s e-HR site was targeted in 2017.

8. Phishing is international

Phishing knows no boundaries and can reach you in any language. In general, they are poorly written or translated so this may be another indicator that something is wrong. However, don’t be convinced it’s legitimate if it’s in Afrikaans – phishers are getting clever and adapting.

9. Have the slightest doubt? Do not risk it.

The best way to prevent phishing is to consistently reject any email or news that asks you to provide confidential data. Delete these emails and call your bank to clarify any doubts.

10. Keep up to date and read about the evolution of malware

If you want to keep up to date with the latest malware attacks, recommendations or advice to avoid any danger on the network, subscribe to the Information Technology blog or follow them on Twitter. Put your local computer geek or the IT HelpDesk on the speed dial of your cell phone, and don’t be embarrassed or too proud to ask questions from those who are knowledgeable on this topic.

Keep safe out there.

Email

Tags:
Posted in phishing, Security, Tips | Comments Off on Cybersecurity Awareness month: Some statistics and common sense advice

Cybersecurity Awareness Month: Spear phishing

Tuesday, October 30th, 2018

In a previous article, we referred to “spear phishing“. Spear phishing attacks deliberately target the university instead of sending out general emails, hoping someone will respond. This approach is successful because scammers focus on typical staff and student activities and adapt their phishing emails accordingly.

Over the past two years, the university was targeted with a few large-scale spear phishing attacks resulting in student and staff accounts being compromised and in several instances, some of the victims suffered financial loss.

In April 2017 an e-mail was sent from “Stellenbosch Payroll” with the subject of “NOTIFICATION: Your 13.69% Salary Increase.” The bait of a 13.69% salary increase certainly attracted attention and was sent at a time when salary increases and performance bonuses were being granted.

Many people overlooked the lack of a personal salutation and the grammar and spelling mistakes. The lure of a 13.69% salary increase and possible sizable salary increase made them throw caution to the wind. The university branding also created a false sense of security. 

According to the email, staff had to download the two attached documents with information on the salary increase. University staff clicked on the links and was diverted to a forged website identical to the real login page of the University Human Resources division. The forged website address was not in the university domain but very few people would spot that detail. (see below)

Once on the site, they entered their usernames and passwords to view the documents explaining their so-called salary increase. The password did not work, but the scammers captured usernames and passwords and gained access to the real HR website using the stolen details and changed the victim’s banking account details so that their salary would be paid into the scammer’s own account. The person’s bank account details were also captured and could be for further exploitation. 

 

A second spear phishing attack occurred a year later in May 2018.

An email was sent from an already compromised UNISA account. The mail warned that the receiver’s email account was due to be deactivated and that they should click on a link to renew it. The Subject said “Dear SUN E-mail User (c) Copyright 2018 Stellenbosch University” and the signature was from the “2018 Email Microsoft Administrator”, which many saw as legitimate.

Clearly, the spear-phishing scammers researched their intended target and used words and other details like SUN, Stellenbosch University & IT HelpDesk that would increase its legitimacy.

The link took the victims to another forged website. This time it was a perfect copy of the University’s own “Single Sign-On” page students and staff use to access important University services, for example SUNLearn and the staff portal. (see below)

The website address was also not in the university domain, but  the rest of the details, such as the branding and the Afrikaans link,  looked convincing.

Once the victims entered their usernames and passwords, the scammers gained control over the user’s accounts and could send out further email messages from within the university to catch more victims.

What could we have done to spot and prevent these attacks?

Unfortunately, there is an institutional perception that Information Technology has to prevent and protect users against attacks. This is not true. Users of an institutional network or even private users have the responsibility to be aware of the dangers we face in cyberspace, to sensitize themselves to the warning signs, be informed and help Information Technology flagging suspicious e-mails by reporting them and not using weak or easily-guessable passwords.

Here are some common-sense checks:

  • Don’t trust display names. These can be anything a scammer wants them to be.
  • Check for fake email domains. These will often be slightly different versions of the real thing.
  • Look at the university logo and other images.  Are they commonly available on the internet?
  • Review links carefully by hovering over the link text (without clicking). A link that is different from the one in the link text is a sign that it is malicious.
  • Look for the sun.ac.za domain name in the link. If the domain is different it is probably a malicious link.
  • Look out for bad spelling and grammar, as this can be a tell-tale sign that it’s not a legitimate message.
  • Spear phishing emails and messages are highly focused and targeted.  The criminal will spend a lot of time compiling emails and website to look authentic.
  • If you are suspicious about an email don’t visit the site. Verify it first by checking with Information Technology if it’s legitimate.
  • Use strong passwords and never use the same password (especially if it is a weak one) on multiple sites.

In the final article for the Cybersecurity Awareness Month, we will share a few thoughts on how to increase your cybersecurity awareness and give a few tips and suggestions about what the university could do to fight and prevent these attacks.

Keep safe out there.

Email

Tags:
Posted in phishing, Security, Tips | Comments Off on Cybersecurity Awareness Month: Spear phishing

« Older Entries
Newer Entries »
 

© 2013-2025 Disclaimer: The views and opinions expressed in this page are strictly those of the page author(s) and content contributor(s). The contents of this page have not been reviewed or approved by Stellenbosch University.