%PDF-1.3 1 0 obj << /Type /Catalog /Outlines 2 0 R /Pages 3 0 R >> endobj 2 0 obj << /Type /Outlines /Count 0 >> endobj 3 0 obj << /Type /Pages /Kids [6 0 R ] /Count 1 /Resources << /ProcSet 4 0 R /Font << /F1 8 0 R /F2 9 0 R /F3 10 0 R /F4 11 0 R >> /XObject << /I1 40 0 R >> >> /MediaBox [0.000 0.000 612.000 792.000] >> endobj 4 0 obj [/PDF /Text /ImageC ] endobj 5 0 obj << /Creator (DOMPDF) /CreationDate (D:20250720012817+00'00') /ModDate (D:20250720012817+00'00') /Title (Report 07-2025) >> endobj 6 0 obj << /Type /Page /Parent 3 0 R /Annots [ 12 0 R 14 0 R 16 0 R 18 0 R 20 0 R 22 0 R 24 0 R 26 0 R 28 0 R 30 0 R 32 0 R 34 0 R 36 0 R 38 0 R ] /Contents 7 0 R >> endobj 7 0 obj << /Length 10655 >> stream 0.702 0.800 0.816 rg 34.016 34.016 543.969 723.969 re f 1.000 1.000 1.000 rg 45.266 209.291 521.469 537.443 re f 0.773 0.773 0.773 RG 0.75 w 0 J [ ] 0 d 45.641 209.666 520.719 536.693 re S 0.773 0.773 0.773 rg 61.016 225.041 m 550.984 225.041 l 550.984 225.791 l 61.016 225.791 l f 0.200 0.200 0.200 rg BT 61.016 693.716 Td /F1 14.4 Tf [(WHY IS CYBER SECURITY IMPORTANT?)] TJ ET 0.400 0.400 0.400 rg BT 61.016 664.909 Td /F2 9.0 Tf [(Posted on )] TJ ET BT 104.045 664.909 Td /F3 9.0 Tf [(May 10,2021)] TJ ET BT 156.578 664.909 Td /F2 9.0 Tf [( by )] TJ ET BT 171.086 664.909 Td /F3 9.0 Tf [(IT Communications)] TJ ET 0.153 0.153 0.153 rg BT 61.016 637.420 Td /F4 9.0 Tf [(Cyber security is the skill and ability of protecting networks, devices, and data from unlawful access or criminal use and )] TJ ET BT 61.016 626.431 Td /F4 9.0 Tf [(the practice of guaranteeing confidentiality, integrity, and availability of information.)] TJ ET BT 61.016 606.442 Td /F4 9.0 Tf [(Communication, transportation, shopping, and medicine are just some of the things that rely on computers systems and )] TJ ET BT 61.016 595.453 Td /F4 9.0 Tf [(the Internet now. Much of your personal information is stored either on your computer, smartphone, tablet or possibly on )] TJ ET BT 61.016 584.464 Td /F4 9.0 Tf [(someone elses system. Knowing how to protect the information that you have stored is of high importance not just for an )] TJ ET BT 61.016 573.475 Td /F4 9.0 Tf [(individual but for an organisation and those in it.)] TJ ET BT 61.016 553.486 Td /F4 9.0 Tf [(Did you know that:)] TJ ET 0.153 0.153 0.153 RG 85.866 536.313 m 85.866 536.725 85.696 537.135 85.404 537.427 c 85.113 537.718 84.703 537.888 84.291 537.888 c 83.878 537.888 83.469 537.718 83.177 537.427 c 82.885 537.135 82.716 536.725 82.716 536.313 c 82.716 535.901 82.885 535.491 83.177 535.199 c 83.469 534.908 83.878 534.738 84.291 534.738 c 84.703 534.738 85.113 534.908 85.404 535.199 c 85.696 535.491 85.866 535.901 85.866 536.313 c f BT 91.016 533.497 Td /F4 9.0 Tf [(As of 2021, there is a ransomware attack every 11 seconds, up from 39 seconds in 20191,2)] TJ ET 85.866 525.324 m 85.866 525.736 85.696 526.146 85.404 526.438 c 85.113 526.729 84.703 526.899 84.291 526.899 c 83.878 526.899 83.469 526.729 83.177 526.438 c 82.885 526.146 82.716 525.736 82.716 525.324 c 82.716 524.912 82.885 524.502 83.177 524.210 c 83.469 523.919 83.878 523.749 84.291 523.749 c 84.703 523.749 85.113 523.919 85.404 524.210 c 85.696 524.502 85.866 524.912 85.866 525.324 c f BT 91.016 522.508 Td /F4 9.0 Tf [(43% of cyber-attacks target of small businesses, and they have grown 400 percent since the outbreak began)] TJ ET BT 61.016 502.519 Td /F4 9.0 Tf [(More tips and resources can be found )] TJ ET 0.373 0.169 0.255 rg BT 214.592 502.519 Td /F4 9.0 Tf [(here)] TJ ET 0.373 0.169 0.255 RG 0.18 w 0 J [ ] 0 d 214.592 501.368 m 232.601 501.368 l S 0.153 0.153 0.153 rg BT 232.601 502.519 Td /F4 9.0 Tf [(.)] TJ ET BT 61.016 482.530 Td /F4 9.0 Tf [(The US government's Cybersecurity and Infrastructure Security )] TJ ET BT 61.016 471.541 Td /F4 9.0 Tf [(Agency has made a collection of tip sheets available for use. )] TJ ET BT 61.016 460.552 Td /F4 9.0 Tf [(These downloadable PDF documents contain all the information )] TJ ET BT 61.016 449.563 Td /F4 9.0 Tf [(you need to protect yourself from cyber security risks in a )] TJ ET BT 61.016 438.574 Td /F4 9.0 Tf [(convenient, compact format.)] TJ ET 0.153 0.153 0.153 RG 85.866 421.401 m 85.866 421.813 85.696 422.223 85.404 422.515 c 85.113 422.806 84.703 422.976 84.291 422.976 c 83.878 422.976 83.469 422.806 83.177 422.515 c 82.885 422.223 82.716 421.813 82.716 421.401 c 82.716 420.989 82.885 420.579 83.177 420.287 c 83.469 419.996 83.878 419.826 84.291 419.826 c 84.703 419.826 85.113 419.996 85.404 420.287 c 85.696 420.579 85.866 420.989 85.866 421.401 c f 0.373 0.169 0.255 rg BT 91.016 418.585 Td /F4 9.0 Tf [(Cyber security starts with you)] TJ ET 0.373 0.169 0.255 RG 0.18 w 0 J [ ] 0 d 91.016 417.434 m 208.547 417.434 l S 0.153 0.153 0.153 rg 0.153 0.153 0.153 RG 85.866 410.412 m 85.866 410.824 85.696 411.234 85.404 411.526 c 85.113 411.817 84.703 411.987 84.291 411.987 c 83.878 411.987 83.469 411.817 83.177 411.526 c 82.885 411.234 82.716 410.824 82.716 410.412 c 82.716 410.000 82.885 409.590 83.177 409.298 c 83.469 409.007 83.878 408.837 84.291 408.837 c 84.703 408.837 85.113 409.007 85.404 409.298 c 85.696 409.590 85.866 410.000 85.866 410.412 c f 0.373 0.169 0.255 rg BT 91.016 407.596 Td /F4 9.0 Tf [(Creating strong passwords)] TJ ET 0.373 0.169 0.255 RG 0.18 w 0 J [ ] 0 d 91.016 406.445 m 198.053 406.445 l S 0.153 0.153 0.153 rg 0.153 0.153 0.153 RG 85.866 399.423 m 85.866 399.835 85.696 400.245 85.404 400.537 c 85.113 400.828 84.703 400.998 84.291 400.998 c 83.878 400.998 83.469 400.828 83.177 400.537 c 82.885 400.245 82.716 399.835 82.716 399.423 c 82.716 399.011 82.885 398.601 83.177 398.309 c 83.469 398.018 83.878 397.848 84.291 397.848 c 84.703 397.848 85.113 398.018 85.404 398.309 c 85.696 398.601 85.866 399.011 85.866 399.423 c f 0.373 0.169 0.255 rg BT 91.016 396.607 Td /F4 9.0 Tf [(Cyber security at the office)] TJ ET 0.373 0.169 0.255 RG 0.18 w 0 J [ ] 0 d 91.016 395.456 m 197.558 395.456 l S 0.153 0.153 0.153 rg 0.153 0.153 0.153 RG 85.866 388.434 m 85.866 388.846 85.696 389.256 85.404 389.548 c 85.113 389.839 84.703 390.009 84.291 390.009 c 83.878 390.009 83.469 389.839 83.177 389.548 c 82.885 389.256 82.716 388.846 82.716 388.434 c 82.716 388.022 82.885 387.612 83.177 387.320 c 83.469 387.029 83.878 386.859 84.291 386.859 c 84.703 386.859 85.113 387.029 85.404 387.320 c 85.696 387.612 85.866 388.022 85.866 388.434 c f 0.373 0.169 0.255 rg BT 91.016 385.618 Td /F4 9.0 Tf [(Identity theft and internet scams)] TJ ET 0.373 0.169 0.255 RG 0.18 w 0 J [ ] 0 d 91.016 384.467 m 218.582 384.467 l S 0.153 0.153 0.153 rg 0.153 0.153 0.153 RG 85.866 377.445 m 85.866 377.857 85.696 378.267 85.404 378.559 c 85.113 378.850 84.703 379.020 84.291 379.020 c 83.878 379.020 83.469 378.850 83.177 378.559 c 82.885 378.267 82.716 377.857 82.716 377.445 c 82.716 377.033 82.885 376.623 83.177 376.331 c 83.469 376.040 83.878 375.870 84.291 375.870 c 84.703 375.870 85.113 376.040 85.404 376.331 c 85.696 376.623 85.866 377.033 85.866 377.445 c f 0.373 0.169 0.255 rg BT 91.016 374.629 Td /F4 9.0 Tf [(MFA \(Multi-factor authentication\))] TJ ET 0.373 0.169 0.255 RG 0.18 w 0 J [ ] 0 d 91.016 373.478 m 221.552 373.478 l S 0.153 0.153 0.153 rg BT 91.016 363.640 Td /F4 9.0 Tf [(Also read more on MFA for Stellenbosch University staff )] TJ ET BT 91.016 352.651 Td /F4 9.0 Tf [(and students )] TJ ET 0.373 0.169 0.255 rg BT 145.052 352.651 Td /F4 9.0 Tf [(on our blog)] TJ ET 0.18 w 0 J [ ] 0 d 145.052 351.500 m 190.079 351.500 l S 0.153 0.153 0.153 rg 0.153 0.153 0.153 RG 85.866 344.478 m 85.866 344.890 85.696 345.300 85.404 345.592 c 85.113 345.883 84.703 346.053 84.291 346.053 c 83.878 346.053 83.469 345.883 83.177 345.592 c 82.885 345.300 82.716 344.890 82.716 344.478 c 82.716 344.066 82.885 343.656 83.177 343.364 c 83.469 343.073 83.878 342.903 84.291 342.903 c 84.703 342.903 85.113 343.073 85.404 343.364 c 85.696 343.656 85.866 344.066 85.866 344.478 c f 0.373 0.169 0.255 rg BT 91.016 341.662 Td /F4 9.0 Tf [(Online privacy)] TJ ET 0.373 0.169 0.255 RG 0.18 w 0 J [ ] 0 d 91.016 340.511 m 148.031 340.511 l S 0.153 0.153 0.153 rg 0.153 0.153 0.153 RG 85.866 333.489 m 85.866 333.901 85.696 334.311 85.404 334.603 c 85.113 334.894 84.703 335.064 84.291 335.064 c 83.878 335.064 83.469 334.894 83.177 334.603 c 82.885 334.311 82.716 333.901 82.716 333.489 c 82.716 333.077 82.885 332.667 83.177 332.375 c 83.469 332.084 83.878 331.914 84.291 331.914 c 84.703 331.914 85.113 332.084 85.404 332.375 c 85.696 332.667 85.866 333.077 85.866 333.489 c f 0.373 0.169 0.255 rg BT 91.016 330.673 Td /F4 9.0 Tf [(Phishing and spoofing)] TJ ET 0.373 0.169 0.255 RG 0.18 w 0 J [ ] 0 d 91.016 329.522 m 179.567 329.522 l S 0.153 0.153 0.153 rg 0.153 0.153 0.153 RG 85.866 322.500 m 85.866 322.912 85.696 323.322 85.404 323.614 c 85.113 323.905 84.703 324.075 84.291 324.075 c 83.878 324.075 83.469 323.905 83.177 323.614 c 82.885 323.322 82.716 322.912 82.716 322.500 c 82.716 322.088 82.885 321.678 83.177 321.386 c 83.469 321.095 83.878 320.925 84.291 320.925 c 84.703 320.925 85.113 321.095 85.404 321.386 c 85.696 321.678 85.866 322.088 85.866 322.500 c f 0.373 0.169 0.255 rg BT 91.016 319.684 Td /F4 9.0 Tf [(Protecting your digital home)] TJ ET 0.373 0.169 0.255 RG 0.18 w 0 J [ ] 0 d 91.016 318.533 m 202.562 318.533 l S 0.153 0.153 0.153 rg 0.153 0.153 0.153 RG 85.866 311.511 m 85.866 311.923 85.696 312.333 85.404 312.625 c 85.113 312.916 84.703 313.086 84.291 313.086 c 83.878 313.086 83.469 312.916 83.177 312.625 c 82.885 312.333 82.716 311.923 82.716 311.511 c 82.716 311.099 82.885 310.689 83.177 310.397 c 83.469 310.106 83.878 309.936 84.291 309.936 c 84.703 309.936 85.113 310.106 85.404 310.397 c 85.696 310.689 85.866 311.099 85.866 311.511 c f 0.373 0.169 0.255 rg BT 91.016 308.695 Td /F4 9.0 Tf [(Cyber safety on social media)] TJ ET 0.373 0.169 0.255 RG 0.18 w 0 J [ ] 0 d 91.016 307.544 m 206.558 307.544 l S 0.153 0.153 0.153 rg 0.153 0.153 0.153 RG 85.866 300.522 m 85.866 300.934 85.696 301.344 85.404 301.636 c 85.113 301.927 84.703 302.097 84.291 302.097 c 83.878 302.097 83.469 301.927 83.177 301.636 c 82.885 301.344 82.716 300.934 82.716 300.522 c 82.716 300.110 82.885 299.700 83.177 299.408 c 83.469 299.117 83.878 298.947 84.291 298.947 c 84.703 298.947 85.113 299.117 85.404 299.408 c 85.696 299.700 85.866 300.110 85.866 300.522 c f 0.373 0.169 0.255 rg BT 91.016 297.706 Td /F4 9.0 Tf [(Cyber security while travelling)] TJ ET 0.373 0.169 0.255 RG 0.18 w 0 J [ ] 0 d 91.016 296.555 m 210.041 296.555 l S 0.153 0.153 0.153 rg BT 61.016 277.717 Td /F4 9.0 Tf [(More tips and resources can be found )] TJ ET 0.373 0.169 0.255 rg BT 214.592 277.717 Td /F4 9.0 Tf [(here)] TJ ET 0.18 w 0 J [ ] 0 d 214.592 276.566 m 232.601 276.566 l S 0.153 0.153 0.153 rg BT 232.601 277.717 Td /F4 9.0 Tf [(.)] TJ ET BT 190.354 257.728 Td /F4 9.0 Tf [([SOURCE: )] TJ ET 0.373 0.169 0.255 rg BT 238.864 257.728 Td /F4 9.0 Tf [(Cybersecurity and Infrastructure Security Agency, United States Government)] TJ ET 0.18 w 0 J [ ] 0 d 238.864 256.577 m 545.485 256.577 l S 0.153 0.153 0.153 rg BT 545.485 257.728 Td /F4 9.0 Tf [(\))] TJ ET 0.400 0.400 0.400 rg BT 61.016 239.239 Td /F2 9.0 Tf [(Posted in:News,Phishing,Security,Tips,Training | | With 0 comments)] TJ ET q 225.000 0 0 126.000 325.984 365.321 cm /I1 Do Q endstream endobj 8 0 obj << /Type /Font /Subtype /Type1 /Name /F1 /BaseFont /Helvetica-Bold /Encoding /WinAnsiEncoding >> endobj 9 0 obj << /Type /Font /Subtype /Type1 /Name /F2 /BaseFont /Helvetica-Oblique /Encoding /WinAnsiEncoding >> endobj 10 0 obj << /Type /Font /Subtype /Type1 /Name /F3 /BaseFont /Helvetica-BoldOblique /Encoding /WinAnsiEncoding >> endobj 11 0 obj << /Type /Font /Subtype /Type1 /Name /F4 /BaseFont /Helvetica /Encoding /WinAnsiEncoding >> endobj 12 0 obj << /Type /Annot /Subtype /Link /A 13 0 R /Border [0 0 0] /H /I /Rect [ 214.5917 501.6862 232.6007 510.8437 ] >> endobj 13 0 obj << /Type /Action /S /URI /URI (http://admin.sun.ac.za/infoteg/dokumente/cybersecurity/why.pdf) >> endobj 14 0 obj << /Type /Annot /Subtype /Link /A 15 0 R /Border [0 0 0] /H /I /Rect [ 91.0157 417.7522 208.5467 426.9097 ] >> endobj 15 0 obj << /Type /Action /S /URI /URI (http://admin.sun.ac.za/infoteg/dokumente/cybersecurity/cybersecurity_starts_with_you.pdf) >> endobj 16 0 obj << /Type /Annot /Subtype /Link /A 17 0 R /Border [0 0 0] /H /I /Rect [ 91.0157 406.7632 198.0527 415.9207 ] >> endobj 17 0 obj << /Type /Action /S /URI /URI (http://admin.sun.ac.za/infoteg/dokumente/cybersecurity/creating_passwords.pdf) >> endobj 18 0 obj << /Type /Annot /Subtype /Link /A 19 0 R /Border [0 0 0] /H /I /Rect [ 91.0157 395.7742 197.5577 404.9317 ] >> endobj 19 0 obj << /Type /Action /S /URI /URI (http://admin.sun.ac.za/infoteg/dokumente/cybersecurity/cybersecure_at_work.pdf) >> endobj 20 0 obj << /Type /Annot /Subtype /Link /A 21 0 R /Border [0 0 0] /H /I /Rect [ 91.0157 384.7852 218.5817 393.9427 ] >> endobj 21 0 obj << /Type /Action /S /URI /URI (http://admin.sun.ac.za/infoteg/dokumente/cybersecurity/identity_theft_and_internet_scams.pdf) >> endobj 22 0 obj << /Type /Annot /Subtype /Link /A 23 0 R /Border [0 0 0] /H /I /Rect [ 91.0157 373.7962 221.5517 382.9537 ] >> endobj 23 0 obj << /Type /Action /S /URI /URI (http://admin.sun.ac.za/infoteg/dokumente/cybersecurity/mfa.pdf) >> endobj 24 0 obj << /Type /Annot /Subtype /Link /A 25 0 R /Border [0 0 0] /H /I /Rect [ 145.0517 351.8182 190.0787 360.9757 ] >> endobj 25 0 obj << /Type /Action /S /URI /URI (https://blogs.sun.ac.za/it/en/2020/05/what-is-mfa/) >> endobj 26 0 obj << /Type /Annot /Subtype /Link /A 27 0 R /Border [0 0 0] /H /I /Rect [ 91.0157 340.8292 148.0307 349.9867 ] >> endobj 27 0 obj << /Type /Action /S /URI /URI (http://admin.sun.ac.za/infoteg/dokumente/cybersecurity/online_privacy.pdf) >> endobj 28 0 obj << /Type /Annot /Subtype /Link /A 29 0 R /Border [0 0 0] /H /I /Rect [ 91.0157 329.8402 179.5667 338.9977 ] >> endobj 29 0 obj << /Type /Action /S /URI /URI (http://admin.sun.ac.za/infoteg/dokumente/cybersecurity/phishing.pdf) >> endobj 30 0 obj << /Type /Annot /Subtype /Link /A 31 0 R /Border [0 0 0] /H /I /Rect [ 91.0157 318.8512 202.5617 328.0087 ] >> endobj 31 0 obj << /Type /Action /S /URI /URI (http://admin.sun.ac.za/infoteg/dokumente/cybersecurity/protecting_digital_home.pdf) >> endobj 32 0 obj << /Type /Annot /Subtype /Link /A 33 0 R /Border [0 0 0] /H /I /Rect [ 91.0157 307.8622 206.5577 317.0197 ] >> endobj 33 0 obj << /Type /Action /S /URI /URI (http://admin.sun.ac.za/infoteg/dokumente/cybersecurity/social_media.pdf) >> endobj 34 0 obj << /Type /Annot /Subtype /Link /A 35 0 R /Border [0 0 0] /H /I /Rect [ 91.0157 296.8732 210.0407 306.0307 ] >> endobj 35 0 obj << /Type /Action /S /URI /URI (http://admin.sun.ac.za/infoteg/dokumente/cybersecurity/travel.pdf) >> endobj 36 0 obj << /Type /Annot /Subtype /Link /A 37 0 R /Border [0 0 0] /H /I /Rect [ 214.5917 276.8842 232.6007 286.0417 ] >> endobj 37 0 obj << /Type /Action /S /URI /URI (http://admin.sun.ac.za/infoteg/dokumente/cybersecurity/why.pdf) >> endobj 38 0 obj << /Type /Annot /Subtype /Link /A 39 0 R /Border [0 0 0] /H /I /Rect [ 238.8643 256.8952 545.4853 266.0527 ] >> endobj 39 0 obj << /Type /Action /S /URI /URI (https://www.cisa.gov/publication/cybersecurity-awareness-month-publications) >> endobj 40 0 obj << /Type /XObject /Subtype /Image /Width 300 /Height 168 /ColorSpace /DeviceRGB /Filter /DCTDecode /BitsPerComponent 8 /Length 10916>> stream JFIF,,ExifMM*i2 &0000 t2017:06:02 14:57:042017:06:02 14:57:04 }http://ns.adobe.com/xap/1.0/ 2017-06-02T14:57:042017-06-22T11:50:16 C    !'"#%%%),($+!$%$C   $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$,"N  1!AQ"aq2B$345DRS#6TbsUdr#Q!12"3R ?{+ol3xKJRqh +M_$[\ sHU9a/oe1E%Zed,<xA[rcr9.[ؖ(qwDy N }/xdmrXx'࠱9x@/B ZOYaE1j[q_p"2㌔EK ;]5ے/ , wX>pa؋%Kn1`p*vNB0B pf8Q[XV)3)hJm;7v(h^#L%dm]A(:5(B=0߹7U:TzJqR۫m*6rT$Q.LJM'u5GX*2Z&(2d{DRwX06:rqF.X܍4jTw#|ԫM/<x2\$ԕp /࠹  ;JNMAQ &KeDJa "mtGnlbB8J7=e6<JPN=loiWKls5)ʤWU(^Sv7NeMcV#}65Һj}R\3QKM4oSkQ)]C~ i|C~ii^כW9gLkCwsK1 rUZJ\`¹DގS/1%Iʍ]8' d馻%k&!QY{vlSjNR5'tӨўawKohFG3)}|)*ݵ0><#zgViMSSpJMCGPB8ԧ+56WT%?Ihxcv4usI*miQ{>nğV-r$+' tJķ垵FMF=Isr*j'Q{4,թpRVmljU%_=tF*?Aw/ 2PXf+#`;2#k|[`g-V*z:Y)Qٞ}h΅WJyy,dqS~ÚzΗ$f:k4Mll^$ﵱY=~r&ZZ=:n5u?)1Gj3vo O~%i?ittcGOJ4FxHj~?k(/wXz,xw$RZ_o\YmO>MTZ3rTՔDmԔQk9,pQI5ksr, v!;$s LH/rȹ_l# fx["cQPA ؂=o|6ҬNJNOk͖/ ؕ߫wmlS )h ݚg{Ay??>Ln26af7o?~X] o?,}-~P~uƟ/UcN?y,yV.UtiߧShk?'˔=­TWJV O 3L~4 ߺ?,~[Oqjվqax;ŵ~;^ Μ)FKO=ӓ;|>&O]NPK_?/?yuhu4/ꩨ^K'Ŏxɍ+-ĖrdVf&<:.qvv-՟NB1g6cT9;=!Ν pU Xӻ!o>`!l"dU8aaN>`y({)b^@9!~/"þHEj#wquhY:r~uR7=EH8uҋ[eFjNrr?hw.[qWٞO'B~enJFm/iv*tE9)7M^m4Vk;<ܲ+ 6ҳ}NWrn=,Ct9ISk؛UgWEfzҊZjGI] s;]{ؖ{aB䂯GX}c]%{J.>.[$[0!HT jTn;x o@΄z[XяTcGW>+;aRN5a\r@6ʌ\RHTu'=b݉E  @Xaa_UUN6dR_b_b,ֵriԹo'&Jhf,0as(0> startxref 26442 %%EOF Tips « Informasietegnologie
Language:
SEARCH

  • Recent Posts

  • Categories

  • Archives

Tips

« Older Entries
Newer Entries »

Error reporting FAQs

Wednesday, October 7th, 2020

How do I report an IT problem, request or enquiry?

Option 1
Log a service request on our ICT Partner Portal with the following information:

1. Description of problem
2. Telephone number
3. Room Number
4. Department and building
5. Asset number of computer, laptop, printer, etc.

Requests will be logged automatically and reference number sent via email.

For video instructions on how to log a request on the ICT Partner Portal, click here. More information on our Service Catalogue.

Option 2
Contact the IT Service Desk – 021 808 4367

We require username and asset number in order to assist OR leave a voicemail message.

How do I follow up on the IT request I have logged?

Whether you have called the IT Service Desk at 0218084367, sent an email to help@sun.ac.za or logged a request via the ICT Partner Portal at https://servicedesk.sun.ac.za you can do the following:

  1. Log in at https://servicedesk.sun.ac.za with your username and password.
  2. Select: Requests, My requests. The status of all the requests that you have raised will be displayed.

How do I follow up if I sent an email to help@sun.ac.za?

If you send an email to help@sun.ac.za it automatically logs a request on the IT Service Portal. You can check on the status of your request as follows:

  1. Log in at https://servicedesk.sun.ac.za with your username and password.
  2.  Select: Requests, My requests. The status of all your requests will be displayed.

How do I follow up on a request I reported by calling the IT Contact Centre?

If you call the IT Contact Centre, the service agent will log a request on your behalf on the IT Service Portal. You can check on the status of your request as follow:

  1. Log in at https://servicedesk.sun.ac.za with your username and password.
  2. Select: Requests, My requests. The status of all your requests will be displayed.

Can you follow up on a request emailing help@sun.ac.za again?

If your request have already been logged and you have a reference number, please do not send another email to help@sun.ac.za. This will log a second, duplicate request which will only clog up the system and cause confusion. The same goes for replying to emails from help@sun.ac.za. Rather click on the request number and add your comment on the system.

How do I add a comment to my request?

  1. Log in at https://servicedesk.sun.ac.za with your username and password.
  2. Select: Requests, My requestsThe status of all the requests that you have raised will be displayed.
  3. Click on the reference number of a request to see its details.
  4. Type your comment in the text box and click on Add. The comment will be added to the request. You can also add screen shots for clarification

What does the different status options mean?

WAITING ON SUPPORT =you are waiting for a response / feedback from IT regarding your request.

WAITING ON CUSTOMER =IT is waiting on a response / feedback from you regarding your request.

IN PROGRESS = your request is being attended to.

ESCALATED =your request is escalated for further investigation.

RESOLVED =your request has been resolved.

CLOSED = your request has been closed.

 

 

Email

Posted in General, Notices, Tips, Training | Comments Off on Error reporting FAQs

How to avoid phishing scams

Friday, May 24th, 2019

We are often asked by staff and students what they can do to stop phishing scams, and what software they should install to prevent them from becoming victims. In some cases students have asked us to fix their computers and to install software to block phishing scams.

Of course that request is impossible to fulfil. Phishing scams are like the common cold. Just like you cannot prevent the common cold, you can only adopt a lifestyle, and take precautionary measures to reduce your risk of infection. They will always be there and will always adapt and change. As long as there are people who are uninformed or careless who fall for these scams, phishing attacks will continue.

The best way to reduce your risk is to report all suspected phishing scams on ICT Partner Portal. (Full details at the end of this post). Here are some basic rules to help you to identify phishing scams:

  • Use common sense
    Never click on links, download files or open attachments in email or social media, even if it appears to be from a known, trusted source.
  • Watch out for shortened links
    Pay particularly close attention to shortened links. Always place your mouse over a web link in an email (known as “hovering”) to see if you’re being sent to the right website.
  • Does the email look suspicious?
    Read it again. Many phishing emails are obvious and will have implausible and generally suspicious content.
  • Be wary of threats and urgent deadlines
    Threats and urgency, especially coming from what claims to be a legitimate company, are a giveaway sign of phishing. Ignore the scare tactics and rather contact the company via phone.
  • Browse securely with HTTPS
    Always, where possible, use a secure website, indicated by https:// and a security “lock” icon in the browser’s address bar, to browse.
  • Never use public, unsecured Wi-Fi, including Maties Wi-Fi, for banking, shopping or entering personal information online
    Convenience should never be more important than safety.

If you do receive a phishing e-mail, please report it as soon as possible. Once you have reported the spam or phishing mail, you can delete it immediately.

You can report this on IT’s request logging system, the ICT Partner Portal.

  • Go to the ICT Partner Portal.
  • Fill in your information and add the email as an attachment. Your request will automatically be logged on the system and the appropriate measures will be taken by the system administrators to protect the rest of campus.

[ARTICLE BY DAVID WILES]

Email

Tags: , ,
Posted in phishing, Security, Tips | Comments Off on How to avoid phishing scams

Protecting yourself from spearphishing attacks

Tuesday, March 12th, 2019

For a large enterprise like Stellenbosch University phishing attacks are the most common cybercrime.

In the late 1990s and early 2000s, we were all inundated with spam emails, selling everything from fake pharmaceuticals to cheap perfumes. With spam, cybercriminals use a blanket approach sending emails to as many people as possible, hoping a few gullible customers will be funding further spam emails.

General “shotgun” phishing is still a problem today, but the past 18 months have seen a rise in a more sinister form of cyberattack,  spearphishing, which is much more targeted to an individual or an enterprise’s email system.

Spearphishing is similar to phishing, it’s also a vector for identity theft where cybercriminals try to get users to hand over personal and sensitive information without their knowledge.

Cybercriminals view phishing attacks as a profitable and an easy way to gain access to an enterprise enabling them to launch more sophisticated attacks, for example, spearphishing attacks. Humans are, after all,  the weakest link and thus the most effective target for criminals looking to infiltrate a network like the university.

Even though spearphishing is more focused than its less-sophisticated relative phishing, everyone can apply the following principles to protect yourself and the university against cybercriminal activity:

Use common sense when it comes to phishing attacks
Be sensible and smart while browsing online and checking your emails. Never click on links, download files or open attachments in email or social media, even if it appears to be from a known, trusted source. You should never click on links in an email to a website unless you are absolutely sure it’s authentic. If you have any doubt, open a new browser window and type the address into the address bar. Always be wary of emails asking for confidential information – especially if it asks for personal details or banking information. The university and your bank will never request sensitive information via email. They do not need it. They have it all already.

Watch out for shortened links
Pay particularly close attention to shortened links, especially on social media. Cybercriminals often use Bit.ly, Tinyurl.com, Goo.gl or Tr.im to trick you into thinking you are clicking a legitimate link when in fact, you are being inadvertently directed to a fake site. Always place your mouse over a web link in an email (known as “hovering”) to see if you’re being sent to the right website.

Does the email look suspicious? Read it again
Many phishing emails are obvious. They will be filled with plenty of spelling mistakes, CAPITALISATION and exclamation marks. They will also have impersonal salutations – e.g. ‘Dear Valued Customer’ or ‘Dear Sir/Madam’ salutations – and will have implausible and generally suspicious content. Cybercriminals will often intentionally make mistakes in their emails bypass spam filters and improve responses. 

Be wary of threats and urgent deadlines
Sometimes the university does need you to do something urgently, however, this is an exception rather the rule. For example, you all have been getting reminders to reactivate your network account by the end of March. Threats and urgency, especially coming from what claims to be a legitimate company, are a giveaway sign of phishing. Some of these threats may include notices of a fine or advising you to take action to stop your account from being closed. Ignore the scare tactics and rather contact the company via phone.

Browse securely with HTTPS
You should always, where possible, use a secure website, indicated by https:// and a security “lock” icon in the browser’s address bar, to browse. This is particularly important when submitting sensitive information online, such as credit card details.

Never use public, unsecured Wi-Fi, including MatiesWiFi, for banking, shopping or entering personal information online. Convenience should never be more important than safety. When in doubt, use your mobile’s 3/4G or LTE connection.

[ARTICLE by David Wiles]

Email

Tags: ,
Posted in phishing, Security, Tips | Comments Off on Protecting yourself from spearphishing attacks

Cybersecurity Awareness month: Some statistics and common sense advice

Monday, November 5th, 2018

It’s November and Cybersecurity Awareness month is behind us. As a final signoff,  we would like to share a few statistics and give some common sense advice to help you spot phishing scams.

Surely South Africa is not sophisticated or advanced enough to be included in phishing attacks? According to Drew van Vuuren, CEO of 4Di Privaca, South Africa is the second most targeted country globally when it comes to phishing attacks.

The cost of phishing in South Africa amounted to approximately R4.2 billion in 2013 alone and 5% of phishing attacks globally occur in South Africa. It is not a matter of “if” the university is going to be a target, but “when”. Phishing attacks are not Information Technology’s concern, but should also be yours as a user of the internet. 

According to a 2016 survey by Symantec, over 30% of South African internet users share at least three pieces of personal information on their social media profiles which could be used to steal their identity. 

60% of the respondents admitted that they had no idea what their privacy settings were and who could see their personal information on sites like Facebook, Instagram, Twitter etc.

People often become victims of online fraud by using the same password or usernames on multiple sites, including social media sites and internet banking sites. According to Ofcom’s “Adults’ Media Use and Attitudes Report 2013” report, 55% of the poll respondents used the same password for most, if not all, websites.

Here are 10 common-sense tips to help you spot and prevent becoming a victim of a phishing scam:

1. Learn to identify suspected phishing emails

  • They duplicate the images and branding of a real company.
  • They copy the name of a company or an employee of the company.
  • They include sites that are visually similar or identical to a real business.
  • They promote gifts or threaten the closure of an existing account.

2. Check the source of information from incoming email

Your bank, Information Technology, or cell phone provider will never ask you to send your passwords or personal information by mail. Never respond to these questions, and if you have the slightest doubt, call your bank, IT or your cell phone provider directly for clarification.

3. Never go to your bank’s website by clicking on links in emails

Do not click on hyperlinks or attachments, as it will direct you to a fraudulent website. Type in the URL into your browser or use your own bookmarks or favourites if you want to go faster.

4. Beef up the security of your computer

Common sense and good judgement are as vital as keeping your computer protected with a good antivirus and anti-malware software to block this type of attack. In addition, you should always have the most recent update on your operating system and web browsers.

5. Enter your sensitive data on secure websites only

In order for a site to be ‘safe’, the address must begin with ‘https://’ and your browser should show a closed lock icon.

6. Periodically check your accounts

It never hurts to check your bank accounts periodically to be aware of any irregularities in your online transactions.

7. Phishing doesn’t only pertain to online banking

Most phishing attacks are against banks, but can also use any popular website to steal personal data such as eBay, Facebook, PayPal, etc. Even the university’s e-HR site was targeted in 2017.

8. Phishing is international

Phishing knows no boundaries and can reach you in any language. In general, they are poorly written or translated so this may be another indicator that something is wrong. However, don’t be convinced it’s legitimate if it’s in Afrikaans – phishers are getting clever and adapting.

9. Have the slightest doubt? Do not risk it.

The best way to prevent phishing is to consistently reject any email or news that asks you to provide confidential data. Delete these emails and call your bank to clarify any doubts.

10. Keep up to date and read about the evolution of malware

If you want to keep up to date with the latest malware attacks, recommendations or advice to avoid any danger on the network, subscribe to the Information Technology blog or follow them on Twitter. Put your local computer geek or the IT HelpDesk on the speed dial of your cell phone, and don’t be embarrassed or too proud to ask questions from those who are knowledgeable on this topic.

Keep safe out there.

Email

Tags:
Posted in phishing, Security, Tips | Comments Off on Cybersecurity Awareness month: Some statistics and common sense advice

Cybersecurity Awareness Month: Spear phishing

Tuesday, October 30th, 2018

In a previous article, we referred to “spear phishing“. Spear phishing attacks deliberately target the university instead of sending out general emails, hoping someone will respond. This approach is successful because scammers focus on typical staff and student activities and adapt their phishing emails accordingly.

Over the past two years, the university was targeted with a few large-scale spear phishing attacks resulting in student and staff accounts being compromised and in several instances, some of the victims suffered financial loss.

In April 2017 an e-mail was sent from “Stellenbosch Payroll” with the subject of “NOTIFICATION: Your 13.69% Salary Increase.” The bait of a 13.69% salary increase certainly attracted attention and was sent at a time when salary increases and performance bonuses were being granted.

Many people overlooked the lack of a personal salutation and the grammar and spelling mistakes. The lure of a 13.69% salary increase and possible sizable salary increase made them throw caution to the wind. The university branding also created a false sense of security. 

According to the email, staff had to download the two attached documents with information on the salary increase. University staff clicked on the links and was diverted to a forged website identical to the real login page of the University Human Resources division. The forged website address was not in the university domain but very few people would spot that detail. (see below)

Once on the site, they entered their usernames and passwords to view the documents explaining their so-called salary increase. The password did not work, but the scammers captured usernames and passwords and gained access to the real HR website using the stolen details and changed the victim’s banking account details so that their salary would be paid into the scammer’s own account. The person’s bank account details were also captured and could be for further exploitation. 

 

A second spear phishing attack occurred a year later in May 2018.

An email was sent from an already compromised UNISA account. The mail warned that the receiver’s email account was due to be deactivated and that they should click on a link to renew it. The Subject said “Dear SUN E-mail User (c) Copyright 2018 Stellenbosch University” and the signature was from the “2018 Email Microsoft Administrator”, which many saw as legitimate.

Clearly, the spear-phishing scammers researched their intended target and used words and other details like SUN, Stellenbosch University & IT HelpDesk that would increase its legitimacy.

The link took the victims to another forged website. This time it was a perfect copy of the University’s own “Single Sign-On” page students and staff use to access important University services, for example SUNLearn and the staff portal. (see below)

The website address was also not in the university domain, but  the rest of the details, such as the branding and the Afrikaans link,  looked convincing.

Once the victims entered their usernames and passwords, the scammers gained control over the user’s accounts and could send out further email messages from within the university to catch more victims.

What could we have done to spot and prevent these attacks?

Unfortunately, there is an institutional perception that Information Technology has to prevent and protect users against attacks. This is not true. Users of an institutional network or even private users have the responsibility to be aware of the dangers we face in cyberspace, to sensitize themselves to the warning signs, be informed and help Information Technology flagging suspicious e-mails by reporting them and not using weak or easily-guessable passwords.

Here are some common-sense checks:

  • Don’t trust display names. These can be anything a scammer wants them to be.
  • Check for fake email domains. These will often be slightly different versions of the real thing.
  • Look at the university logo and other images.  Are they commonly available on the internet?
  • Review links carefully by hovering over the link text (without clicking). A link that is different from the one in the link text is a sign that it is malicious.
  • Look for the sun.ac.za domain name in the link. If the domain is different it is probably a malicious link.
  • Look out for bad spelling and grammar, as this can be a tell-tale sign that it’s not a legitimate message.
  • Spear phishing emails and messages are highly focused and targeted.  The criminal will spend a lot of time compiling emails and website to look authentic.
  • If you are suspicious about an email don’t visit the site. Verify it first by checking with Information Technology if it’s legitimate.
  • Use strong passwords and never use the same password (especially if it is a weak one) on multiple sites.

In the final article for the Cybersecurity Awareness Month, we will share a few thoughts on how to increase your cybersecurity awareness and give a few tips and suggestions about what the university could do to fight and prevent these attacks.

Keep safe out there.

Email

Tags:
Posted in phishing, Security, Tips | Comments Off on Cybersecurity Awareness Month: Spear phishing

« Older Entries
Newer Entries »
 

© 2013-2025 Disclaimer: The views and opinions expressed in this page are strictly those of the page author(s) and content contributor(s). The contents of this page have not been reviewed or approved by Stellenbosch University.