%PDF-1.3 1 0 obj << /Type /Catalog /Outlines 2 0 R /Pages 3 0 R >> endobj 2 0 obj << /Type /Outlines /Count 0 >> endobj 3 0 obj << /Type /Pages /Kids [6 0 R 11 0 R ] /Count 2 /Resources << /ProcSet 4 0 R /Font << /F1 8 0 R /F2 9 0 R /F3 10 0 R >> /XObject << /I1 21 0 R >> >> /MediaBox [0.000 0.000 612.000 792.000] >> endobj 4 0 obj [/PDF /Text /ImageC ] endobj 5 0 obj << /Creator (DOMPDF) /CreationDate (D:20220527184929+00'00') /ModDate (D:20220527184929+00'00') /Title (IT-artikels) >> endobj 6 0 obj << /Type /Page /Parent 3 0 R /Contents 7 0 R >> endobj 7 0 obj << /Length 2681 >> stream 0.702 0.800 0.816 rg 34.016 34.016 543.969 723.969 re f 1.000 1.000 1.000 rg 45.266 384.967 521.469 361.767 re f 0.773 0.773 0.773 rg 0.773 0.773 0.773 RG 45.266 746.734 m 566.734 746.734 l 565.984 745.984 l 46.016 745.984 l f 566.734 746.734 m 566.734 384.967 l 565.984 384.967 l 565.984 745.984 l f 45.266 746.734 m 45.266 384.967 l 46.016 384.967 l 46.016 745.984 l f 61.016 617.359 m 550.984 617.359 l 550.984 618.109 l 61.016 618.109 l f 1.000 1.000 1.000 rg BT 278.868 698.693 Td /F1 10.5 Tf [(POST LIST)] TJ ET 0.200 0.200 0.200 rg BT 212.789 670.111 Td /F1 14.4 Tf [(INFORMASIETEGNOLOGIE)] TJ ET BT 221.824 643.466 Td /F1 11.7 Tf [(INFORMATION TECHNOLOGY)] TJ ET BT 61.016 583.841 Td /F1 14.4 Tf [(WARNING: PHISHING SCAM EXPLOITING ABSA NEW LOGO)] TJ ET 0.400 0.400 0.400 rg BT 61.016 564.033 Td /F3 9.0 Tf [(Many of you use ABSA as your bank of choice, as well as making use of ABSA Bank's Internet Banking facilities, so this )] TJ ET BT 61.016 553.044 Td /F3 9.0 Tf [(warning might be of particular significance.)] TJ ET BT 61.016 533.055 Td /F3 9.0 Tf [(Earlier this month ABSA announced a new logo - part of its rebranding campaign - and almost immediately phishing )] TJ ET BT 61.016 522.066 Td /F3 9.0 Tf [(scammers exploited this opportunity to continue their nefarious campaign of identity theft through phishing email attacks.)] TJ ET BT 61.016 502.077 Td /F3 9.0 Tf [(Several users have reported getting the following email - allegedly from ABSA - taking advantage of thenew logo to target )] TJ ET BT 61.016 491.088 Td /F3 9.0 Tf [(the banks customers in a phishing email scam by attempting to trick users to click on a link to take them toa fake website.)] TJ ET BT 61.016 471.099 Td /F3 9.0 Tf [(The scam email states that it comes from Absa CEO Maria Ramos, but it's actually from an outside source and informs )] TJ ET BT 61.016 460.110 Td /F3 9.0 Tf [(victims that today marks a very significant day in the Absa journey". The email uses Absas slogan, saying We are also )] TJ ET BT 61.016 449.121 Td /F3 9.0 Tf [(launching a new, fresh and vibrant Absa logo and identity that reflects our commitment to you, our customers.Potential )] TJ ET BT 61.016 438.132 Td /F3 9.0 Tf [(victimsare then encouraged to click on their New Absa eStatements in PDF format. This is not a statement, but an )] TJ ET BT 61.016 427.143 Td /F3 9.0 Tf [(HTML file which takes users to a phishing website.)] TJ ET BT 61.016 407.154 Td /F3 9.0 Tf [(Here is one example of the phishing e-mail which has already appeared in several University email accounts, as well as )] TJ ET BT 61.016 396.165 Td /F3 9.0 Tf [(personal home email accounts:)] TJ ET endstream endobj 8 0 obj << /Type /Font /Subtype /Type1 /Name /F1 /BaseFont /Helvetica-Bold /Encoding /WinAnsiEncoding >> endobj 9 0 obj << /Type /Font /Subtype /Type1 /Name /F2 /BaseFont /Helvetica /Encoding /WinAnsiEncoding >> endobj 10 0 obj << /Type /Font /Subtype /Type1 /Name /F3 /BaseFont /Helvetica-Oblique /Encoding /WinAnsiEncoding >> endobj 11 0 obj << /Type /Page /Parent 3 0 R /Annots [ 13 0 R 15 0 R 17 0 R 19 0 R ] /Contents 12 0 R >> endobj 12 0 obj << /Length 4686 >> stream 0.400 0.400 0.400 rg 0.773 0.773 0.773 RG 0.702 0.800 0.816 rg 34.016 34.016 543.969 723.969 re f 1.000 1.000 1.000 rg 45.266 93.196 521.469 664.788 re f 0.773 0.773 0.773 rg 45.266 93.196 m 566.734 93.196 l 565.984 93.946 l 46.016 93.946 l f 566.734 757.984 m 566.734 93.196 l 565.984 93.946 l 565.984 757.984 l f 45.266 757.984 m 45.266 93.196 l 46.016 93.946 l 46.016 757.984 l f 0.400 0.400 0.400 rg BT 402.266 749.193 Td /F3 9.0 Tf [()] TJ ET BT 402.266 729.204 Td /F3 9.0 Tf [()] TJ ET BT 402.266 709.215 Td /F3 9.0 Tf [()] TJ ET BT 402.266 689.226 Td /F3 9.0 Tf [()] TJ ET BT 402.266 669.237 Td /F3 9.0 Tf [()] TJ ET BT 402.266 649.248 Td /F3 9.0 Tf [()] TJ ET BT 402.266 629.259 Td /F3 9.0 Tf [()] TJ ET BT 402.266 609.270 Td /F3 9.0 Tf [()] TJ ET BT 402.266 589.281 Td /F3 9.0 Tf [()] TJ ET BT 402.266 569.292 Td /F3 9.0 Tf [()] TJ ET BT 402.266 549.303 Td /F3 9.0 Tf [()] TJ ET BT 402.266 529.314 Td /F3 9.0 Tf [()] TJ ET BT 402.266 509.325 Td /F3 9.0 Tf [()] TJ ET BT 402.266 489.336 Td /F3 9.0 Tf [()] TJ ET BT 402.266 469.347 Td /F3 9.0 Tf [()] TJ ET BT 402.266 449.358 Td /F3 9.0 Tf [()] TJ ET BT 402.266 429.369 Td /F3 9.0 Tf [()] TJ ET BT 402.266 409.380 Td /F3 9.0 Tf [(As always, you should never )] TJ ET BT 402.266 398.391 Td /F3 9.0 Tf [(respond to a suspicious looking )] TJ ET BT 402.266 387.402 Td /F3 9.0 Tf [(email or message or click on a link )] TJ ET BT 402.266 376.413 Td /F3 9.0 Tf [(in any suspicious looking email. )] TJ ET BT 61.016 365.424 Td /F3 9.0 Tf [(Rather delete the email. No South African bank will ever contact customers and request sensitive information \(card PIN, )] TJ ET BT 61.016 354.435 Td /F3 9.0 Tf [(card CVV or online banking password\) via email, telephone or SMS.)] TJ ET BT 61.016 334.446 Td /F3 9.0 Tf [(If you have received a phishing email, immediately report it to the Information Technology CyberSecurity Team using the )] TJ ET BT 61.016 323.457 Td /F3 9.0 Tf [(following method:)] TJ ET BT 61.016 312.468 Td /F3 9.0 Tf [()] TJ ET BT 61.016 301.479 Td /F3 9.0 Tf [(1. Start up a new mail addressed to )] TJ ET 0.373 0.169 0.255 rg BT 205.088 301.479 Td /F3 9.0 Tf [(sysadm@sun.ac.za)] TJ ET 0.373 0.169 0.255 RG 0.18 w 0 J [ ] 0 d 205.088 300.328 m 283.748 300.328 l S 0.400 0.400 0.400 rg BT 283.748 301.479 Td /F3 9.0 Tf [( \(CC: )] TJ ET 0.373 0.169 0.255 rg BT 307.247 301.479 Td /F3 9.0 Tf [(help@sun.ac.za)] TJ ET 0.18 w 0 J [ ] 0 d 307.247 300.328 m 371.912 300.328 l S 0.400 0.400 0.400 rg BT 371.912 301.479 Td /F3 9.0 Tf [(\))] TJ ET BT 61.016 290.490 Td /F3 9.0 Tf [(2. Use the Title SPAM \(without quotes\) in the Subject.)] TJ ET BT 61.016 279.501 Td /F3 9.0 Tf [(3. With this New Mail window open, drag the suspicious spam/phishing mail from your Inbox into the New Mail Window. It )] TJ ET BT 61.016 268.512 Td /F3 9.0 Tf [(will attach the mail as an enclosure and a small icon with a light yellow envelope will appear in the attachments section of )] TJ ET BT 61.016 257.523 Td /F3 9.0 Tf [(the New Mail.)] TJ ET BT 61.016 246.534 Td /F3 9.0 Tf [(4. Send the mail.)] TJ ET BT 61.016 226.545 Td /F3 9.0 Tf [(IF YOU HAVE FALLEN FOR THE SCAM:)] TJ ET BT 61.016 215.556 Td /F3 9.0 Tf [(If you did click on the link ofa phishing spam and unwittingly gave the scammers your username, email address and )] TJ ET BT 61.016 204.567 Td /F3 9.0 Tf [(password immediately go to )] TJ ET 0.373 0.169 0.255 rg BT 177.557 204.567 Td /F3 9.0 Tf [(http://www.sun.ac.za/useradm)] TJ ET 0.18 w 0 J [ ] 0 d 177.557 203.416 m 298.103 203.416 l S 0.400 0.400 0.400 rg BT 298.103 204.567 Td /F3 9.0 Tf [(and change the passwords on ALL your university accounts )] TJ ET BT 61.016 193.578 Td /F3 9.0 Tf [(\(making sure the new password is completely different and is a strong password that will not be easily guessed.\), as well )] TJ ET BT 61.016 182.589 Td /F3 9.0 Tf [(as changing the passwords on your social media and private email accounts \(especially if you use the same passwords on )] TJ ET BT 61.016 171.600 Td /F3 9.0 Tf [(these accounts.\))] TJ ET BT 61.016 160.611 Td /F3 9.0 Tf [()] TJ ET BT 61.016 149.622 Td /F3 9.0 Tf [(Useful information on how to report and combat phishing and spam can also be found on our)] TJ ET 0.373 0.169 0.255 rg BT 432.707 149.622 Td /F3 9.0 Tf [(blog)] TJ ET 0.18 w 0 J [ ] 0 d 432.707 148.471 m 449.717 148.471 l S 0.400 0.400 0.400 rg BT 432.949 129.633 Td /F3 9.0 Tf [([ARTICLE BY DAVID WILES])] TJ ET BT 61.016 111.144 Td /F3 9.0 Tf [(Posted in:E-mail,Phishing,Security | Tagged:ABSA,ABSA Banking,Phishing,Report Phishing | With 0 comments)] TJ ET q 341.250 0 0 375.000 61.016 382.984 cm /I1 Do Q endstream endobj 13 0 obj << /Type /Annot /Subtype /Link /A 14 0 R /Border [0 0 0] /H /I /Rect [ 205.0877 300.6466 283.7477 309.8041 ] >> endobj 14 0 obj << /Type /Action /S /URI /URI (mailto:sysadm@sun.ac.za) >> endobj 15 0 obj << /Type /Annot /Subtype /Link /A 16 0 R /Border [0 0 0] /H /I /Rect [ 307.2467 300.6466 371.9117 309.8041 ] >> endobj 16 0 obj << /Type /Action /S /URI /URI (mailto:help@sun.ac.za) >> endobj 17 0 obj << /Type /Annot /Subtype /Link /A 18 0 R /Border [0 0 0] /H /I /Rect [ 177.5567 203.7346 298.1027 212.8921 ] >> endobj 18 0 obj << /Type /Action /S /URI /URI (http://www.sun.ac.za/useradm) >> endobj 19 0 obj << /Type /Annot /Subtype /Link /A 20 0 R /Border [0 0 0] /H /I /Rect [ 432.7067 148.7896 449.7167 157.9471 ] >> endobj 20 0 obj << /Type /Action /S /URI /URI (http://blogs.sun.ac.za/it/en/2017/11/reporting-spam-malware-and-phishing/) >> endobj 21 0 obj << /Type /XObject /Subtype /Image /Width 455 /Height 500 /ColorSpace /DeviceRGB /Filter /DCTDecode /BitsPerComponent 8 /Length 28424>> stream JFIF;CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82 C    !'"#%%%),($+!$%$C   $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$" }!1AQa"q2#BR$3br %&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz w!1AQaq"2B #3Rbr $4%&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz ?bJX""Ra4Vʒ1^:sLuvѭmZ|Dl0R $qtN:_kJ4۽TC> ==;21r@:qY][m2vUyGestEFRX3/bdqPx-lRZF8 ۥh6h pmKaǯnO^4}Jy^_mUW05ծG%+ N;b6dVT-9?.3P#"s/T N%Ɠ~͵,fv:HJ wv[uu ycfHu hmXŹ f-2x8eo?e\&9|ޝm-`o?/zTz`,"9XYlh$M[FR7l듓jz5ռa"VF+29PCB? N%+u23PF-fa!ITm=Gb lpJEE3.#&*VG)29lg4zi}o|Xt*}<*[dϵdz^Y6ż0YJ#=K4[DM"G 9@QU.5[+O/θUzO㎃QR{&A"0E8~u({E * }I{Pޞ1@9Kր/QYkK1MXY( 8$H_J&E[;5yM,$D{X@9%8 +XA4 x6`Ex*I,jgo$L>@$.0@,t4EQmf|(XG P~l` 0KA {t +0o> 2N-Ma9Gr_1xdr=h-`HfDK{qr6J#WF0JlԲFA.p@asO4ITYf7(:,\z9@ y,?c/|1(N.dBp_%rq?~G3+N;`A]ͩZp/E>,^r]1 Lg<ET-tt,X#0u$[XI#Fq}ܜ`g4v.i I\$TQEQEQE[RBa:d#O 3KZ^^I3G)! ~x5Sb8GiHU=x _ ]}s^9rm#|=ϩ4ѥȇ7iq7a<8޳v +";x^h9!J-`CULJe~z(ZŽ䗷[kb,[~R}GuTLֿd+g5$V:~QzS/4ganci4ƶ3ӂF=4ǻ8µ6^ۯ878>q, :&xKz zVhsGoc@HҴ`i-e "Hԁ9㡮9[Qr@~UBM*  L G؆]DIUy ]eSy,ox9 *2@㚣ujK涟=}\aAګ Z,.5 D:qHksʡ,W%<sSEF`1 gʍ8mkrHH$Iɐ]TsMYK譥 Kȿ°!H$w9l@6qG}q~օ>c2.E 2 $A/ۮh5і)]1ģ;Ta'oS4ex#h$,}*Χ=7 $3sчOCҴh67Im-<:V>%;#  !۞WUsY^H\ZHҬP3su Ѫ;8;UmAuer!qs$+8Exf~-:_-]CdNA#6Mt72\B"dw'_0=HVO][=Kkh,ي 3 $b>}NO] EtSүmmm WɞTd27C qץh\rɨ\,JV[l}9ErzՎa%HX #">A<jƙw,,x;6#IhEea"J/L r1[-du/)R6sJմѥ,eϚ8CL:7АձEs~}̗?e7 4QLn C Z|3siv^_$B?+cuP/_]]abڷp#0]` t Vt=gXD" Wdldoݖt G Cd21:mIM꯸>9ry5Q@z[C&;dqI.APe{^UִWR'evI9f=rQ@WDڝrK"A 71Rzxj)h(((j|wmqڭh,؉#;{0jw'`\'rcmH:v&Xᅭ$eIvܬq$ߎjpq1L|ˎSA>訒-ެ@BA=ЦD#EEO C[XZjuv82=>^cgmt'YW9*ӵz%+ 745qIw%"K!J\'>u]pj+۬%,z7os]-yŦgķw!v9gqc9 ڌړyjrRZxM{jH5J|S9|]k]tcrnrvkȥk%5آI̒Nr} A;iєgRaEeC]:xGS̀$Lān5Wwۭn)6c##eUuK2>Qe|J!$x u岮渄.Hp@sdUx5 ;^.X]@̣ e̱\66`YP=M^Ci3&R(bYeQla'r:I]좾]B+Bn7r >ԤE+2OR#n8xk]vh!Gi[>SpIpx<*Z@1'1Cnی~=%c{hV 4m6r}vnʏ\,k4nn8oKh弁 ږ~Ǯinuk[)dF#Gp4no]]Ok HLlb0NQoikۿ?ō\c8 UgԭRݧY|P #`rj%zG,isQy#n8 t4ESgFiF} ={U((((ZJ(()h(Z((Z((Z(( ( KIe9hF(? ȴۍ !n^%2`**\g?7ҽzZT׺eRjnciK:l FEe܎WzH`)%xPUyz(mݚeds{ F%Hr`sZvPiwsiv.NA=v@`i~uٙ(P0铝 UWDVHX,ariQ@1O-qġcѰX9oZ7b+Uɹ{ +69Rlv=kB FܜOö3 do"\ln<qZPK۽(_%?/78LWGu$~|iR&7ĊAz1h [O Ck<}w򶝅QUwar{"O mm „Jzt8(;U$-! a7 d(PFW'Zr:t{;[l-!hĨېF3}wiKm"g24|m pҶ(:=8 ibTAq,x{5hyv! |y[9gtP L:Eœ]/s3J ˴֞<-o{YxvT&u;GZɶVWwIO̟.$gnHuMh42.TtBz?vS;_ƹ-{Y4A$ ?8`5-Rw aw`Vtrq+8jybMAb+i*lv3n;Pq?ghҟy߳5swWEIhPRBpNs4p\>nWRHfxf3Ub[i˓OiO<?Vy.,4ja3`Nľ߿xp:rqO42#j$b'g#=JvS;_ƸKIuXmdNxDH80NC/͑|jYAaIv]8 OvS;_Ə)畯?\=^}B1 PFICBg`;@$'DgNN<[LOy^B(pAxG<yQ4>gOQG<(T?!GOSyQ4T?!OG<yQ4>gOQG<(T?!GOSyQ4T?!OG<yQ4>gOQG<ZgOQG<ZgOQG<(T?!GOSQ4T?!OQ4T?!NyQ4T?!N"P>R@5_bil#Ie"n8'C}7,9A,8#0?֙tss#A?wc4i$,=_Sѥu##?泠,7O{sko ۜfDbvF60L:b|q<$e=:tp,H"򮷷;UVE9#ǯLcosFʋ$nYd0=AWBE,WT?o Z4Sm s}jM<'myS 6w7~(y6w7~(߶ m*oQM>߶ m*oQM>߶ o*oQM>߶ mGqo H60aSySϼ*o?o pYQ"FUQF]es3A;"*@z}+(i(( ((i( ZJ((i( ( ( ((i( (p>d_j}q_j}q_j}q_j}q_j}%7t_F?Z#RTrI5?|%1KOGQe 4cZt*Uvn}'W kr/Śj7d S+˭F0Xjf?Zq8hs 'QO/֧Q@ 'QO/֧PwIn}PwIfO/֧R3'Q?ZE72q}Ps'Q?ZI@ q}ԴfO/֧Q@ ̟_Fd_jufO/֧Ps'Q?ZE72q}Ps'Q?ZE7t_Fd_jufO/֧Q@ ̟_Fd_jufO/֧Q@ ̟_Fd_jufO/֧Q@ }h Z)(h(( m3(:ϯT~3Oo [a2\&duC{zuWHA☌g rz?:Sm\YBfي_f+O%3',~7lk?fTع'WBj0F¤b> *T%?'۠2a5mE[Ԅ?ҹcrլ>rʤbq`H_@n{\^ǟ O6Ȼ9$'9E{|uZd:ۿ# hӼI`w0?O=A<%Ώpb|9~?:xk=}O9\*~eGTW=oASI'918ƺ)ZӨ֌ZJZ(3 JZ()hZ(( JZ(((( JZ((Z(((((((((Z( ( (Y&(S~٩+?hj[ X#F SRvW;2$xPkڧ[WE!.twOʣz p +m{&UgDw$38ۊ=zN<ַ;NJan>c̩C?t-;CP-q'RYmVff*yWBU{e2Oo5MZ=Gkgw{sgP(ɋj"Y*iP=3G+nj.59j9u6dhib]9Lnl#,j5i6xᮜl4U>5n|k j EF⾤%_ejI봨hX| VSݟ2}=W!=?v@_~s=yu}>R𽗇y_e]Lc=iY5G/u /\98 բQAom}Gj2וCeЩB8&k;GVͅ/PMX䑂"ǠBׅ|e'=)H]s=HTrYVT:ѱ?~.CI4%{59=kBF h05[AN}7ٶqRp͸GEw}zQEQQ@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@ EPEPIKI@Q@]A}m%),2WG c^㯃o]sI 7Dπ?_}HFje$zYnk[>jz{3<+BUM A~W_< 1k֐1 X>$umOL?/OukٯKݸ=h@?,Tuzc=J^Zw4_StukyW:%nx~'.ѕ?tG'Y5 @r#Csyd֔x⏋%\@_mo~B<,חuc);{^xwIҬ-DHorzƴ@0K({:}{V( )i( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( (JZ())i(((((ZJ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ((((zW6pm'dhrpVk$ſ@?+2-L',~ßO=??_rtP⿌Ftkc|#YLFg[!k5k=wKteyJF2=E|_Z^-W՟G6,P_KYZt/ '{-:6eB@y?P>#?3F&{9s觓@pi ߈-N)i3 H>/Zʉf(Ϸs^`:V_~&K ܧuu+L2ǰ6qg\?={_(*?(VJFeE,WIW#{e._08*.`(^kw[ImY պ(((()i((((((((((((((((M|[`kW3?I {> yGljbokqu /G4I*k#ƾs O@<|K![k;k!j}kOx |u둺+ |F8|WA ũc(Ov:Js$[.g#ٿ (<wu&Ij`7y1g c?t_gzN.Jaf8WV@8݁<> x/ž5u?YH2nX'^N{m{e2Uhu9J_E?K\eU)!# 5/F-}1=|!~G KS/1͓+9ܣ־g%RŠi"zQy_U(V?i"zQy_U(VP?ڗ֥})< QyR3@#+oŸ֝wgAsO*z)ܤG9 |x Vf]X~khII#`H">K͟dN,k |gW>mZo;Cǿhap[iG(ŝ? {? |+a*`P?@((i( ( ( ((( ( ( ZJ(h(J(i((hJZ())i(6W:Kcg ss] H2 QIg_4-OZadL4Ʌk(iO^2_5-÷?:+_}½ @"KiFWR?1]}oOਮcf6V$m$xQW$6~+hdޱB{xEt&[FɆp_\ >xP[xcROXG4~`;_fP~ZoƕM}};[el¼Pwy-pmAlU%x_s8a]j8s[VGG~+t}c|m44K+AsWP gx{kV\M{HS=_ZċjUN()h((((((ZJ((((((((()h ( (W?iE9;`b7*'5?>5uH5?n92m}I_"|6!|KHtM/q&!AfHE4P0Ҿ=bZLo/'VD8O_bP|P^*\DGĆ?dq xp|=D5[[n dq@=),O6>" ЙIzПT|7u}Ayk-&ã|P(h#-kf=ÒFU# |ϜO! I7}esf'I{kuW${8"aalpR|1u寜|FhxƞeHyBAWR%ѵ|?}Bx_ɒ`]ZNcE#vV~kW[,_DUMxx>"\[#Jp7sހ=6+2ee͌ܡ<v){yF>.ў{- Y[+%Br$$qWbbs74fr` .~dmj/7& &P\:Jen@$+k_xG\^IA87~)Oj.?Z+|:]#Zdז>Tlx! ɍxgvo\ie3\^¹ϕrZk~ Gǟ1Iֱr$5߃<ekg -/ $`w?Ě<-8"X3 ~7THaӮF68*CG_ R=ìjz(m6oqkை:Wzv/2e S)e`F}Rx3{?@yu&J@cRk~6xoKEiMa*,3FFG 9I7֤4oRHٌEJ:Et^07yfMw!9zAgohk2Ǻhk{߸`q>#>0i7Za0vŒ}!?wI.<ȵ=z2?2C|6Iiػv=L{(y~Lȥ;H+̿eO~V6tM ,`v{zGkTO.X##99>md>߮d[{gfZ?lO]qx&a(Ȍ,}| <'ĺ:UVI^'ӭn)2 d߇Zi;V-uM3D۽冞uR̀3Is[kӯqisws:) >{cc-1_?џUB{9|8@Y4fG-__kk,7{ )~Ҽyi%{)OV 9@<{ſj_W=/J 3toy3v1/?KY0ϯJO./vu 5#Ym|sA5guղg `㱯'::%.Wc?>$O^0햯t 6=yo1G7 R-v1D&v ǠrkW寁4 [qhrq܌ұm]\j)ϓq2cTet- ?OqCTQ /⺆箩X+ kt&[^rUw< t: ( )i(((( ( ( ( ( ( ()(h ( ( ZJZ()(h)(hJZ(J(hJ(hJ(hJ(hJ(hJ(hJ(hJ(h Z(( FuLneѓSŸ0[PZfHTmx}OI^O^k:>i)kcR% !mx_~&$Nyam6NxP5N;'(0Y-x^iPO-DWX< Jg{闂Ug˭ΊT&zd@xef*Fy㍫|wCG{,ڽۅ9gHP:Sֽ[jX=1[6IA ΥO^֊((((((JZ((JZ(J)hJZ(J)h())i(cBG./-̊ \l۫6Q:G `H=scހ5t ZhZ^Qk ut|#A1cRXjOvg@1]121===h;XD $E01ULt];~bvtMvXAotpnq @x@<Ĵ{Y<2;IXÝ3V;[Mi$}х!^`'FNֿP֘NiV777ǛZ7W<=릇%|1+|: sZm6\սŬ\J޸f95u/ kڭrwR@6 L~:>][TKU}NWead1:P 8!Qw5WovׄՑ_qq[^𕗅Kɼɦe]8K=2It_Nۿ*<9[+z5HcU쁐8?)#=hwjWMy$Z u Ue\^ARsRK^qH-x.y铁kVZt"R:kAwy=Ni|sy+O jXZT:6N@PQ^s/lеa~_F̨W?9*J_۞7b=Nzơo3^}Q,J(e^\`5t]S 3/Yuyz)!Q݈ r(F I5}U.llS.UY^O^uO|Qwڍ ;o[݉#t6O)hZJZJZ(( JZ((Z((ZJ()h(Z((Z((( x 7G營Cuu-¤q2ys{(Gï^5x|D/Ρ,P;ڻ`Vok7>0!|!}o8\jYvpl0uo ’ ?a&0h* bEWKKxY'|,[%n.YSjw|^Ex?ǒگ,uUԋIE19G` 1$WszŞ#ZV[i#hЂXJ&!%+} "q^Ey'kZ2PxMɬEѐOWs)Ҡ/}O>5B Y!Go.F"0 vy^Egx{s&Hov#ݻn{洩(Z)(Z(Z)(Z)(Z))hZ)(Z)(()h JZJ)i()hZJ()i(Z(Z( ))hZ(Z))hZ()i(ZJ()i)h(()h ( JZJ(*> 𖡭$K=H%X׎pX\o\ÆPT2JK(^Hw>(xF}YDVP2ȱ)7R͓˓ꨬ}'ź6Ih E.Lgq'+>,`" $4W#h9*Lx_[KM7UpK&ҕQAp9߉Y >4vW&eU(0 EuTW-/į $̷qU?e3mϗmٻfRQ@ EQI@ E%-RQ@ EQI@Q@Q@Q@Q@ IEQEQEQEQEPIKI@p<|C:fkyɭ1oE>Wvrz`c:~͢z{qnxb˕v7m7SIf[ {JL̈́;Adkh"w [Pܬ@`>G/=b]OAu9XgӦnn$@@aG+k:hl kJW^kIm=wT Z:oxcWS˥?=ujDTʜxOBWO%hG:H1Wh9#@~kpiėQkkˈ`xȮF/9< k|τVݴk :l{Hź#6^Z(Ͼ:jk}}w:MH9QQnzgoVu[6"}Kַg7`cpzqҽяjsᗎ;<6Rc+ẶqGJ_|ImϦifnVdjDcR%xnA{zJKW_ڦ{kco$ۼ+-ݎHRЎI?M^|X/ɝ3=+J((J:KE&s@ EPIKEQޒ)(hJZ()(h(J(h))i(wRjVE4%xi9tUO]ZFtȦy wƱ$ኂ0Ǿx@N IY}4"RQ!\߁=6U׼Ohzܭq,feMCubT w]Kxe +Q`@oPA,<iJD%.㴒4+6`ʀǎ3#ZR-^FM>F$1Ϙ` lStC)o+kK 6Q(2J,`P y88kknM4FcJS͸G}/XtPE m`I<@nxU{J&771JJ`@>eL3 6U ,* ;;p>\we$QLf.<@dƭ',6qFUm>ѪIpdFD P{d;bisxu+RHT4dEg]Ѷ/-QT!'f)imh B/;Č㛘M>KX˲aĎ僗 ON_]+,>#%e >A;:s@$.湒;籍19'\;G=koZ}r_]]䬓6ܖ:2w䱿}Hf {Fw7Rhdtc@LN%a(;+m,p =~}vZ%K^a9[.T_1K(0d>D.Dp>WsA;1#þ-%r 34ygN:ap+|zX{"$B*II$A8`Gl/5Aga' *Ч#L-W  + Vn2kh ,XLMt`xR-#Sya{k` eWYdrƖ>$n"hE.r)?(rFphO>b ,gY.LpHۑ#s[xl Z%|@(YPt8VNjL2?d|ogG<\YT(9#*R]߰09>#gU9]^x$Qh*L }Ĭ`d5~ X3[GoWS]GEGDFY_98s֮#M khXūab$s1{N\X[.EUk|4M"$ba! c rIϡMsfnk9*@̠+.1~xLӯZ]ܚsJl1Q-a=qs RX"I25[5hs0w g<{c+%H[VÐKh0%3+}K]Bk.e]";rdȁ)r1[:>owy,|hYY$ć*Î9yEޭqʰӕa>Acv?_Yn5 sSmF8?:#G'gV!mgK?kD ~%ټC8kck[[aӾ#4۸1*̸={v{M-$R^=ֲkb$`9 k&5m\FV62)b\/[%~æjpR :c$Qddu<ֿ4٧ ڋ…³ ~n(vu]km%[BټʼnAtfRa'ʀ2/5A]iƯv`GmY XO2rv̥KBy`s]*xOcyREܤ#~\L^bh͹S#+ /rdqr^)H#4,#i#aDx۽9Ğ6 0v,lUۖl.!ۻ'&8۷8|Q;Y/.{#1G$oUi ךӸ2xv p9[/N1j5h?]Z^jW}Mծ|. PF\1ޝljqX?-@Umk ivu+o%Xfi;m 7^PEPEPEPEPEQERR@ TuUpQ+ G P !/ "iU8Si#&7p\9Hb ' 2OANh< iJSXZVi yk*r=pkT^-Ua 0Gj=lR +FY DXզb*~P]T:U}G}6I5_|r6i Kގ½<ԐA:erwP@v䞹^i ӮedUcqf%` s r 뢣 S~mە,8EڨA]]$S ;/8z1Һ(0RM̯4!*s:UˍO2Z9&ffQִh 9<$L$<3}Yse *h<-[ h2ƅV" I#=܆2KUUXqPz:o4M*+""*H' +ƺ Z.=٦rªV5{"%Nx]cu▒Mp #M"c1#[Jky .s:vs{H@yD5K@rx7I(O E1K̮ʸ ;4:n܉TɍXI99(_ry.U( LtSJ1[bBPQs]i>ӴCA W1Dz!, 63nu{R]B,#1x;Uzw@ !ՠr$YM/'~3Po7͍.am*\:! x?}R{!WbxH/Fbgm9<JQB dZZJ)hZJ(((J|iqX52O_OJ@(c]=z;B6ߥxBXyOWźMcy=.RQn..U ɫ-%wTE!yg 8 %x'2/ ɇu|6(԰T(uRWՍw VI]b&-Nvu/k-mj0#hnR(lTSN ˄𮽭j.5՜GlFmYUb*Bya(*1 VVjv۲)mZyHy@ la7wTڏufS;6%mTKm:d3UpF>Er#׵+ f;{kom7(ȘosȫxRKK$,K\= h( (Z(()h NQ@Q@Q@Q@Q@Q@Q@ZJ((((((((((((((((((( endstream endobj xref 0 22 0000000000 65535 f 0000000008 00000 n 0000000073 00000 n 0000000119 00000 n 0000000328 00000 n 0000000365 00000 n 0000000500 00000 n 0000000563 00000 n 0000003296 00000 n 0000003408 00000 n 0000003515 00000 n 0000003631 00000 n 0000003736 00000 n 0000008475 00000 n 0000008603 00000 n 0000008678 00000 n 0000008806 00000 n 0000008879 00000 n 0000009007 00000 n 0000009087 00000 n 0000009215 00000 n 0000009340 00000 n trailer << /Size 22 /Root 1 0 R /Info 5 0 R >> startxref 37933 %%EOF ABSA banking « Informasietegnologie
Language:
SEARCH
  • Recent Posts

  • Categories

  • Archives

ABSA banking

Warning: Phishing scam exploiting ABSA new logo

Tuesday, July 17th, 2018

Many of you use ABSA as your bank of choice, as well as making use of ABSA Bank’s Internet Banking facilities, so this warning might be of particular significance.

Earlier this month ABSA announced a new logo – part of its rebranding campaign – and almost immediately phishing scammers exploited this opportunity to continue their nefarious campaign of identity theft through phishing email attacks.

Several users have reported getting the following email – allegedly from ABSA – taking advantage of the new logo to target the bank’s customers in a phishing email scam by attempting to trick users to click on a link to take them to a fake website.

The scam email states that it comes from Absa CEO Maria Ramos, but it’s actually from an outside source and informs victims that “today marks a very significant day in the Absa journey”. The email uses Absa’s slogan, saying “We are also launching a new, fresh and vibrant Absa logo and identity that reflects our commitment to you, our customers”. Potential victims are then encouraged to click on their “New Absa eStatements” in PDF format. This is not a statement, but an HTML file which takes users to a phishing website.

Here is one example of the phishing e-mail which has already appeared in several University email accounts, as well as personal home email accounts:

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

As always, you should never respond to a suspicious looking email or message or click on a link in any suspicious looking email. Rather delete the email. No South African bank will ever contact customers and request sensitive information (card PIN, card CVV or online banking password) via email, telephone or SMS.

If you have received a phishing email, immediately report it to the Information Technology CyberSecurity Team using the following method:
 
1. Start up a new mail addressed to sysadm@sun.ac.za (CC: help@sun.ac.za)
2. Use the Title “SPAM” (without quotes) in the Subject.
3. With this New Mail window open, drag the suspicious spam/phishing mail from your Inbox into the New Mail Window. It will attach the mail as an enclosure and a small icon with a light yellow envelope will appear in the attachments section of the New Mail.
4. Send the mail.

IF YOU HAVE FALLEN FOR THE SCAM:
If you did click on the link of a phishing spam and unwittingly gave the scammers your username, email address and password  immediately go to http://www.sun.ac.za/useradm and change the passwords on ALL your university accounts (making sure the new password is completely different and is a strong password that will not be easily guessed.), as well as changing the passwords on your social media and private email accounts (especially if you use the same passwords on these accounts.)
 
Useful information on how to report and combat phishing and spam can also be found on our blog

[ARTICLE BY DAVID WILES]

PHISHING: Absa Surecheck Profile App

Monday, October 16th, 2017

Over the weekend and as already reported by a number of Tygerberg colleagues & students, a variant of last week’s ABSA phishing scam has started flooding our email.

The tactics have changed slightly and the criminals are now using a South African domain name to launch their attack. Below is the example of the phishing email, with the forged “ABSA Bank” login page to attempt to convince you to give your bank details willingly to the scammers.

The subject of the email is “Absa Surecheck Profile App – Upgrade | FICA information” which is designed to say absolutely nothing. It is what is known in information technology circles as “techno-babble”

While the methods used to steal a your banking details may differ, the process followed by fraudsters to steal money from their victims in South Africa are nearly always the same:

  1. Get the person’s Internet banking details, typically through a phishing attack. (as shown below)
  2. Get a banking account/s to which money can be transferred to and withdrawn.
  3. Clone the SIM card used by the victim.
  4. Create beneficiaries (using the list of banking accounts) and transfer money to these beneficiaries.
  5. Withdraw the money from these accounts.

Here are the obvious warning signs:

  1. The sender is not an ABSA email account (in this case a “throwaway” German email account used to send millions of phishing e-mails)
  2. Vague and deceptive subject lines (Techno-babble)
  3. An attached file (.htm) that contains a web page that opens up in your browser and links in the background to the server in South Africa.
  4. Impersonal salutation. “Dear Valued Customer”. Banks will never address you like this. They have your money – so it stands to reason that they will know your name as well.
  5. “Online verification” has **** to convince you that the email is genuine, but university addresses end with ac.za, not co.za.

 

The web page that you are directed to is actually the .htm file based on your computer (as an attachment, but links directly to the phishing server in the background.)

In this case is iteron.co.za which is listed as “undergoing maintenance” but is fully functional in the background.

 

 

If you have received an email that looks like this please immediately report it to the Information Technology Security Team using the following method:

Send the spam/phishing email to the following addresses

help@sun.ac.za

…and sysadm@sun.ac.za as well.

 Attach the phishing or suspicious email on to the message if possible. There is a good tutorial on how to do this at the following link (Which is safe): http://stbsp01.stb.sun.ac.za/innov/it/it-help/Wiki%20Pages/Spam%20sysadmin%20Eng.aspx

  1. Start up a new email addressed to sysadm@sun.ac.za (CC: help@sun.ac.za)
  2. Use the Title “SPAM” (without quotes) in the Subject.
  3. With this New Mail window open, drag the suspicious spam/phishing email from your Inbox into the New Mail Window. It will attach the email as an enclosure and a small icon with a light yellow envelope will appear in the attachments section of the New Mail.
  4. Send the email.

If you did click on the link of this phishing spam and unwittingly give the scammers your username, e-mail address and password you should immediately go to http://www.sun.ac.za/useradm and change the passwords on ALL your university accounts (making sure the new password is completely different, and is a strong password that will not be easily guessed.) as well as changing the passwords on your social media and private e-mail accounts (especially if you use the same passwords on these accounts.)

[ARTICLE BY DAVID WILES]

ABSA eStatement phishing

Sunday, September 22nd, 2013

The only thing that must be more annoying than us constantly warning you of e-mail scams, is the persistence that is shown by the criminals and scam artists to attempt to con you, and steal your personal data and money.

The problem is they will continue to send phishing mails because they continue to catch people, even within an academic institution like the University.

Recently another ABSA eStatement landed in our e-mail box, this time a little more sophisticated, but armed with a few basic tips you will be able to spot the scam quickly.

Keep an eye out for these mails in your mailbox and delete then or add then to your Junk-Mail filters to block them in future.

Here’s how you spot can them:

1. Did you give your @sun.ac.za work address as your primary contact for Internet Banking?

2. Do you bank with (in this case) ABSA?

3. Is the salutation addressed to you personally, or is it just “Dear Customer”?

4. Is there a .pdf or an .html file attached? (phishers almost always use .html – a forged web-page)

5. Is the Subject of the e-mail “important” sounding? (In this case “Absa Cheque Account Statement”)

6. If you click on (or open by mistake) the attachment, does the web page look like the bank’s normal login page but does it LACK the https:// text at the front of the address and is the normal http://?

Answering these questions, it will be easy to establish whether an e-mail is clearly a phishing scam and can be deleted. Be vigilant and alert. Anyone can be caught out – even you.

[ARTICLE BY DAVID WILES]

 

 

© 2013-2022 Disclaimer: The views and opinions expressed in this page are strictly those of the page author(s) and content contributor(s). The contents of this page have not been reviewed or approved by Stellenbosch University.