%PDF-1.3 1 0 obj << /Type /Catalog /Outlines 2 0 R /Pages 3 0 R >> endobj 2 0 obj << /Type /Outlines /Count 0 >> endobj 3 0 obj << /Type /Pages /Kids [6 0 R ] /Count 1 /Resources << /ProcSet 4 0 R /Font << /F1 8 0 R /F2 9 0 R /F3 10 0 R /F4 11 0 R >> >> /MediaBox [0.000 0.000 612.000 792.000] >> endobj 4 0 obj [/PDF /Text ] endobj 5 0 obj << /Creator (DOMPDF) /CreationDate (D:20240511190204+00'00') /ModDate (D:20240511190204+00'00') /Title (IT-artikels) >> endobj 6 0 obj << /Type /Page /Parent 3 0 R /Annots [ 12 0 R 14 0 R ] /Contents 7 0 R >> endobj 7 0 obj << /Length 4451 >> stream 0.702 0.800 0.816 rg 34.016 34.016 543.969 723.969 re f 1.000 1.000 1.000 rg 45.266 364.750 521.469 381.984 re f 0.773 0.773 0.773 RG 0.75 w 0 J [ ] 0 d 45.641 365.125 520.719 381.234 re S 0.773 0.773 0.773 rg 61.016 617.359 m 550.984 617.359 l 550.984 618.109 l 61.016 618.109 l f 1.000 1.000 1.000 rg BT 278.868 698.693 Td /F1 10.5 Tf [(POST LIST)] TJ ET 0.200 0.200 0.200 rg BT 212.789 670.111 Td /F1 14.4 Tf [(INFORMASIETEGNOLOGIE)] TJ ET BT 221.824 643.466 Td /F1 11.7 Tf [(INFORMATION TECHNOLOGY)] TJ ET BT 61.016 583.841 Td /F1 14.4 Tf [(SCAM: CANCELLATION OF DEBIT ORDER \(ABSA\))] TJ ET 0.400 0.400 0.400 rg BT 61.016 564.033 Td /F3 9.0 Tf [(Please note the following phishing scam: These scams are becoming far more fine-tuned to South African victims and )] TJ ET BT 61.016 553.044 Td /F3 9.0 Tf [(especially university accounts. Earlier this month there was a specific scam using Alexander-Forbes as a means to attack, )] TJ ET BT 61.016 542.055 Td /F3 9.0 Tf [(Alexander-Forbes being the university’s preferred consultant for insurance, medical aid consultancy etc. Barely a week )] TJ ET BT 61.016 531.066 Td /F3 9.0 Tf [(later Virgin Active’s name was used to attempt to scam university personnel. This week it is the turn of Outsurance. The e-)] TJ ET BT 61.016 520.077 Td /F3 9.0 Tf [(mails are virtually identical, only the names and the servers in the background change, but you should be able to see that )] TJ ET BT 61.016 509.088 Td /F3 9.0 Tf [(they are homing more and more to South African users, which tells me one thing that either they are getting this )] TJ ET BT 61.016 498.099 Td /F3 9.0 Tf [(information from South African victims or these scamming operations are South-African based. )] TJ ET BT 440.159 498.099 Td /F4 9.0 Tf [( )] TJ ET BT 445.163 498.099 Td /F4 9.0 Tf [(Here is an expurgated )] TJ ET BT 61.016 487.110 Td /F4 9.0 Tf [(version of the scam. Please take note and be very careful!)] TJ ET BT 308.615 487.110 Td /F4 9.0 Tf [( )] TJ ET BT 313.619 487.110 Td /F4 9.0 Tf [(From:)] TJ ET BT 339.116 487.110 Td /F3 9.0 Tf [( Absa [)] TJ ET 0.373 0.169 0.255 rg BT 367.133 487.110 Td /F3 9.0 Tf [(mailto:ibt@onlinedata.co.za)] TJ ET 0.373 0.169 0.255 RG 0.18 w 0 J [ ] 0 d 367.133 485.959 m 477.815 485.959 l S 0.400 0.400 0.400 rg BT 477.815 487.110 Td /F3 9.0 Tf [(] )] TJ ET BT 482.819 487.110 Td /F4 9.0 Tf [(Sent:)] TJ ET BT 505.319 487.110 Td /F3 9.0 Tf [( 29 )] TJ ET BT 61.016 476.121 Td /F3 9.0 Tf [(October 2012 01:46 PM )] TJ ET BT 159.071 476.121 Td /F4 9.0 Tf [(To:)] TJ ET BT 173.066 476.121 Td /F3 9.0 Tf [( Name <)] TJ ET 0.373 0.169 0.255 rg BT 207.329 476.121 Td /F3 9.0 Tf [(university_email@address.goes.here)] TJ ET 0.18 w 0 J [ ] 0 d 207.329 474.970 m 355.514 474.970 l S 0.400 0.400 0.400 rg BT 355.514 476.121 Td /F3 9.0 Tf [(> )] TJ ET BT 363.272 476.121 Td /F4 9.0 Tf [(Subject:)] TJ ET BT 398.777 476.121 Td /F3 9.0 Tf [( Cancellation Of Debit Order\(Absa\) )] TJ ET BT 61.016 465.132 Td /F4 9.0 Tf [(Dear Customer, )] TJ ET BT 130.532 465.132 Td /F3 9.0 Tf [( We received a Debit Order alert on your account this morning from Outsurance Insurance Company to )] TJ ET BT 61.016 454.143 Td /F3 9.0 Tf [(deduct the sum of R3150.00 from your account. If you don't want to authorized this Debit Order you can cancel by )] TJ ET BT 61.016 443.154 Td /F3 9.0 Tf [(following the instruction below. Click below to Cancel the Debit Order on your profile. You will receive a message on your )] TJ ET BT 61.016 432.165 Td /F3 9.0 Tf [(cellphone with a link, type in the last Eight digit RVN on the SMS message to complete the cancellation. )] TJ ET 0.373 0.169 0.255 rg BT 475.709 432.165 Td /F3 9.0 Tf [(click )] TJ ET 0.18 w 0 J [ ] 0 d 475.709 431.014 m 495.707 431.014 l S BT 495.707 432.165 Td /F3 9.0 Tf [(here)] TJ ET 0.18 w 0 J [ ] 0 d 495.707 431.014 m 513.716 431.014 l S 0.18 w 0 J [ ] 0 d 495.707 431.014 m 513.716 431.014 l S BT 513.716 432.165 Td /F3 9.0 Tf [( to )] TJ ET 0.18 w 0 J [ ] 0 d 513.716 431.014 m 526.226 431.014 l S BT 61.016 421.176 Td /F3 9.0 Tf [(Cancel. )] TJ ET 0.18 w 0 J [ ] 0 d 61.016 420.025 m 94.028 420.025 l S 0.400 0.400 0.400 rg BT 94.028 421.176 Td /F3 9.0 Tf [(. Regards, Security Department)] TJ ET BT 359.950 401.187 Td /F3 9.0 Tf [(\(INFORMATION SUPPLIED BY DAVID WILES\))] TJ ET BT 61.016 382.698 Td /F3 9.0 Tf [(Posted in:E-mail,Security | Tagged:Malware,Security,Spam | With 0 comments)] TJ ET endstream endobj 8 0 obj << /Type /Font /Subtype /Type1 /Name /F1 /BaseFont /Helvetica-Bold /Encoding /WinAnsiEncoding >> endobj 9 0 obj << /Type /Font /Subtype /Type1 /Name /F2 /BaseFont /Helvetica /Encoding /WinAnsiEncoding >> endobj 10 0 obj << /Type /Font /Subtype /Type1 /Name /F3 /BaseFont /Helvetica-Oblique /Encoding /WinAnsiEncoding >> endobj 11 0 obj << /Type /Font /Subtype /Type1 /Name /F4 /BaseFont /Helvetica-BoldOblique /Encoding /WinAnsiEncoding >> endobj 12 0 obj << /Type /Annot /Subtype /Link /A 13 0 R /Border [0 0 0] /H /I /Rect [ 367.1327 486.2776 477.8147 495.4351 ] >> endobj 13 0 obj << /Type /Action /S /URI /URI (mailto:ibt@onlinedata.co.za) >> endobj 14 0 obj << /Type /Annot /Subtype /Link /A 15 0 R /Border [0 0 0] /H /I /Rect [ 207.3287 475.2886 355.5137 484.4461 ] >> endobj 15 0 obj << /Type /Action /S /URI /URI (mailto:university_email@address.goes.here) >> endobj xref 0 16 0000000000 65535 f 0000000008 00000 n 0000000073 00000 n 0000000119 00000 n 0000000305 00000 n 0000000334 00000 n 0000000469 00000 n 0000000558 00000 n 0000005061 00000 n 0000005173 00000 n 0000005280 00000 n 0000005396 00000 n 0000005516 00000 n 0000005644 00000 n 0000005723 00000 n 0000005851 00000 n trailer << /Size 16 /Root 1 0 R /Info 5 0 R >> startxref 5944 %%EOF malware « Informasietegnologie
Language:
SEARCH

  • Recent Posts

  • Categories

  • Archives

malware

Newer Entries »

Vaccinate your pc

Friday, November 9th, 2012

Every year you have to go to your doctor to get an anti-flu injection. You have to get one every year because the influenza virus mutates and adapts every year into a new strain. Computer viruses are exactly the same! Here are a few handy tips and hints to ensure the whole process is as painless as possible. But first things first –

  • Use an AntiVirus Software – It is very important that your computer has an antivirus software running on your machine. By having an antivirus program running, files and emails will be scanned as you use them, download them, or open them. If a virus is found in one of the items you are about to use, the antivirus program will stop you from being able to run that program and therefore infect yourself.

See this link for a listing of some online/stand-alone antivirus programs: Virus, Spyware, and Malware Protection and Removal Resources

  • Update your AntiVirus Software –  There is no point running an antivirus program if you do not make sure it has all the latest updates available to it. If you do not update the software, it will not know about any new viruses, trojans, worms, etc that have been released into the wild since you installed the program. Then if a new infection appears in your computer, the antivirus program will not know that it is bad, and not alert you when you run it and become infected. Therefore it is imperative that you update your Antivirus software at least once a week (Even more if you wish) so that you are protected from all the latest threats. If you are lucky then you will have an anti-virus product that will update itself automatically via the internet, but never blindly trust this. A large number of the more virulent viruses and trojans can deactivate your anti-virus software’s updating functions.
  • Install an Anti-Spyware Program – Just as you installed and use an antivirus program, it is essential these days to use a Spyware protection and removal program. These programs can be used to scan your computer for spyware, dialers, browser hijackers, and other programs that are malicious in nature. The 4 program that I recommend are SuperAnti-Spyware, Spybot – Search and Destroy, andLavasoft’s Ad-Aware, and Windows Defender.A tutorial on using some of these programs can be found below:

Using Spybot – Search & Destroy to remove Spyware , Malware, and Hijackers

Using Ad-aware to remove Spyware, Malware, & Hijackers from Your Computer

  • Commercial Spyware Removal/Protection Programs – If you feel more comfortable installing a commercial Spyware removal program then I recommend WebRoot’s Spysweeper or Lavasoft’s Ad-Aware Professional. Both are fair products and a worthy addition to the arsenal of software protecting your computer.

Spysweeper Product Information

  • Occasionally Run Online Virus Scans – Unfortunately not all antivirus programs are created equal. Each program may find infections that other antivirus programs do not and vice-versa. It is therefore recommended that you occasionally run some free online antivirus scanners to make sure that you are not infected with items that your particular antivirus program does not know how to find. Three online scanners that we recommend are:

Every once in a while, maybe once every 2 weeks, run one or both of these scanners to see if they find anything that may have been missed by your locally installed antivirus software. Believe me, you will not regret it!

ARTICLE BY David Wiles, GERGA

For regular updates on the latest spam, malware and ransomware threats, please check or blog regularly.

Email

Tags: , , , ,
Posted in General, Security | Comments Off on Vaccinate your pc

Scam: Cancellation Of Debit Order (Absa)

Monday, October 29th, 2012

Please note the following phishing scam: These scams are becoming far more fine-tuned to South African victims and especially university accounts. Earlier this month there was a specific scam using Alexander-Forbes as a means to attack, Alexander-Forbes being the university’s preferred consultant for insurance, medical aid consultancy etc. Barely a week later Virgin Active’s name was used to attempt to scam university personnel. This week it is the turn of Outsurance. The e-mails are virtually identical, only the names and the servers in the background change, but you should be able to see that they are homing more and more to South African users, which tells me one thing that either they are getting this information from South African victims or these scamming operations are South-African based.   Here is an expurgated version of the scam. Please take note and be very careful!  From: Absa [mailto:ibt@onlinedata.co.za] Sent: 29 October 2012 01:46 PM To: Name <university_email@address.goes.here> Subject: Cancellation Of Debit Order(Absa) Dear Customer, We received a Debit Order alert on your account this morning from Outsurance Insurance Company to deduct the sum of R3150.00 from your account. If you don’t want to authorized this Debit Order you can cancel by following the instruction below. Click below to Cancel the Debit Order on your profile. You will receive a message on your cellphone with a link, type in the last Eight digit RVN on the SMS message to complete the cancellation. click here to Cancel. . Regards, Security Department

(INFORMATION SUPPLIED BY DAVID WILES)

Email

Tags: , ,
Posted in E-mail, Security | Comments Off on Scam: Cancellation Of Debit Order (Absa)

What is ransomware?

Friday, October 12th, 2012

The term ransomware will leave most people flabbergasted. How can software hold something ransom or is technology becoming so clever it can take over anything?

However, this description isn’t as far-fetched as it seems. Ransomware forms part of a group of malicious computer software called malware,  which cunningly installs itself on your pc and then has t he audacity to demand data or money from you. This type of programme can be installed by means of an e-mail attachment, an infected programme or unsafe website with malware installed on it. Ransomware” is also known as a a cryptovirus, cryptotrojan or cryptoworm.

The software indeed “kidnaps” your data by encrypting or limiting your access to it and then sending you a message demanding money to regain your access.  The only way access is possible again, is by acquiring an encryption key from the creator of the ransomware at a fee.

A more recent version of the software will not notify the user that ransomware has been installed, but will merely block all access to the data and depend on the victim to search the internet for information on their “problem”. This search will then lead them to legit websites selling software to remove the ransomware, which of course is sold by the creator of the original culprit.

Ransomware is nothing new. In 1996 security experts at Columbia University and IBM wrote an essay called “Cryptovirology: Extortion-Based Security Threats and Countermeasures” to describe the software. At that time businesses were the main targets of ransomware and not individuals.

In March 2006 ransomware called Crypzip of Zippo was sent to a group of internet users. Those who received the programme also received an e-mail demanding a ransom of $300 if they wanted to access their data again.

Most antivirus vendors have ways of detecting and blocking the most known ransomware. However, no data is 100% safe. To ensure you don’t find yourself in this tricky situation, try to back up data regularly, be cautious when browsing the internet and under no circumstances open e-mail attachments from unknown sources.

More info on the latest ransomware targeting Skype users.

SOURCE: Wikipedia, Microsoft en Techtarget.

Email

Tags: , , ,
Posted in General, Security | Comments Off on What is ransomware?

New malware warning doing the rounds

Tuesday, October 9th, 2012

Incidences of malware infecting computers on campus have been reported the past week. If a window from an unknown source warns of a virus, do not attempt to click on the close button or move the window as this will in fact activate malware. The window can only be closed with the Task manager.

IT Service Desk: 021 808 4367

Email

Tags:
Posted in Security | Comments Off on New malware warning doing the rounds

Money gone phishing?

Friday, May 11th, 2012

The second you connect to the internet you put yourself at risk. Scary thought, but we tend to forget just how vulnerable we are and the easy targets we become when we’re not careful about our safety on the internet.

As an internet user you expose yourself on a daily basis to malicious software and the possibility of data theft. This includes phishing. Phishing scams use bogus e-mails and Web sites that seem legitimate but are actually designed to trick users into revealing personal and financial information. Computer criminals can then use the data to spy on or blackmail users, hijack their online accounts (including bank accounts), spread rumors, or operate under the victim’s identity.

According to our local Stellenbosch ABSA branch there are still some Stellenbosch University staff who fall prey to cybercriminals by clicking on phishing emails. To make sure you don’t become a victim, read more on phishing on IT’s self help wiki.

SOURCE: www.cnet.com

Email

Tags: , , ,
Posted in E-mail, General, Internet | Comments Off on Money gone phishing?

Newer Entries »
 

© 2013-2024 Disclaimer: The views and opinions expressed in this page are strictly those of the page author(s) and content contributor(s). The contents of this page have not been reviewed or approved by Stellenbosch University.