Language:
SEARCH

  • Recent Posts

  • Categories

  • Archives

phishing

« Older Entries
Newer Entries »

Don’t Be Fooled. Protect Yourself and Your Identity

Wednesday, April 5th, 2017

According to the US Department of Justice, more than 17 million Americans were victims of identity theft in 2014. EDUCAUSE research shows that 21 percent of respondents to the annual ECAR student study have had an online account hacked, and 14 percent have had a computer, tablet, or smartphone stolen. Online fraud is an ongoing risk. The following tips can help you prevent identity theft.

  • Read your credit card, bank, and pay statements carefully each month. Look for unusual or unexpected transactions. Remember also to review recurring bill charges and other important personal account information.
  • Review your health insurance plan statements and claims. Look for unusual or unexpected transactions.
  • Shred it! Shred any documents with personal, financial, or medical information before you throw them away.
  • Take advantage of free annual credit reports. In South Africa TransUnion, Experian and CompuShare can provide these reports.
  • If a request for your personal info doesn’t feel right, do not feel obligated to respond! Legitimate companies won’t ask for personal information such as your ID number, password, or account number in a pop-up ad, e-mail, SMS, or unsolicited phone call.
  • Limit the personal information you share on social media. Also, check your privacy settings every time you update an application or operating system (or at least every few months).
  • Put a password on it. Protect your online accounts and mobile devices with strong, unique passwords or passphrases.
  • Limit use of public Wi-Fi. Be careful when using free Wi-Fi, which may not be secure. Do not access online banking information or other sensitive accounts from public Wi-Fi.
  • Secure your devices. Encrypt your hard drive, use a VPN, and ensure that your systems, apps, antivirus software, and plug-ins are up-to-date.

 

Email

Tags: , ,
Posted in Security | Comments Off on Don’t Be Fooled. Protect Yourself and Your Identity

Salary increase e-mail not quite good news

Tuesday, April 4th, 2017

Several of our observant personnel have picked up that a very suspicious e-mail is making the rounds at the moment.

The subject is “NOTIFICATION: Your 13.69% Salary Increase”. 

This is a very dangerous e-mail. Clicking on the link will take you to a forged version of the SUN e-HR site. If you enter your username and password (because the site looks like the SUN e-HR site), the criminals will have been given access to your personal details on SUN e-HR. The ramifications of this will mean that the scammers will potentially be able to get details such as your banking details, ID number, place of residence, that are all stored on the SUN e-HR system. They will potentially then be able to steal your salary.

The e-mail contains the following message:

Hello,

Attached herewith are two (2) documents summarizing your April salary as reviewed for a 13.69% merit increase in Financial Year 2017.

This review is with immediate effect starting Friday April 28th Paycheque.

Deductions and bonuses are advised therein

The documents are attached below:

 

Below is what the forged site looks like. The address is not a university server BUT very few people notice such details and tend to skim over them.

 

[ARTICLE BY David Wiles]

Email

Tags: ,
Posted in E-mail, Security | Comments Off on Salary increase e-mail not quite good news

Phishing scam disguised as a “server warning”

Friday, March 10th, 2017

There are reports that some students and personnel have already received this mail in their mailboxes. It is a typical phishing scam but uses a different tactic to trick the recipient into divulging personal details like passwords and should not be responded to in any way. That mail was sent by a “throwaway” outlook.com mail account. It started making its appearance in June last year in Yahoo!Mail accounts.

According to this e-mail, which claims to be a “Server Message”, telling the potential victim that they recently initiated an action to shut down their e-mail account. The e-mail advises that, if they did not initiate the supposed shut down action, they should click a ‘Cancel De-activation’ link to restore your account to its normal settings.

However, the e-mail is not from the university, and no account shut down action has been initiated. The e-mail is just a crude phishing scam designed to steal your university account login details. The scammers hope that at least a few recipients will click the cancel link in the mistaken belief that they must do so to save their account.

If you do click the link, you will be taken to a fraudulent web page that has been built to emulate a genuine login screen. A form on the page asks you to enter your e-mail address and account password and click a button labelled ‘Sign in to Cancel De-activation”.  After signing in on the fake page, you will be automatically redirected to the university webmail website.

Meanwhile, the scammers can collect the login details you entered and use them to hijack your university e-mail account. Once they have gained access to your account, they can use it to send out spam and scam e-mails in your name. (as has been happening in recent weeks)

E-mail phishing scams like this one are very common. Be very wary of any e-mail that claims that you must click a link or open an attached file to rectify a supposed account problem. It is always safer to log into all of your online accounts by entering the address into your browser’s address bar or via an official app.

Here is an example of the mail that is in circulation with the dangerous parts removed. 

 

[ARTICLE BY DAVID WILES]

Email

Tags:
Posted in E-mail, Security | Comments Off on Phishing scam disguised as a “server warning”

Office365 phishing e-mail

Friday, March 3rd, 2017

Please take note of a phishing e-mail circulating on campus which looks like an Office365 e-mail notification. Unfortunately, a few students have been caught out by this trap. 

We will not send you an e-mail resembling the one below. If in doubt, rather contact us to confirm whether it’s a legitimate request.

 

From: SU Student <phishingvictim@sun.ac.za>
   Sent: 03 March 2017 12:07 PM
   Subject: Missing Mails

   You have two(2) unread messages but cannot because your mailbox has
   exceeds its quota/limit.
   Click here to use the message retriever page and enter login again to
   access missing message.

   Secretary

   Office 365

   System Administrator

Email

Tags: ,
Posted in E-mail, Security, Students | Comments Off on Office365 phishing e-mail

Warning about (Standard Bank) phishing scam being sent from university e-mail address

Friday, February 24th, 2017

It seems that phishing scammers are again using some student accounts, either by direct access or address “spoofing” (a technique commonly used by spammers to hide the origin of their e-mails by using a forged return address ) to send phishing mail such as the one below to many university accounts.

The phishers attempt to trick the recipients of their mail into thinking that because the mail is from a “sun.ac.za” account, it is genuine.

The mail below is an obvious phishing scam and should not be responded to. Also, don’t click on the enclosed links or provide any usernames, passwords or personal details to the senders.

Looking at the mail below, note the following 5 “warning signs”.

  1. No personal salutation – Just “Valued Customer”.
  2. Intimidating threats should you not comply – “Failure to Update”.
  3. Request to click a link to verify your details or to provide usernames and passwords
  4. The link takes you to a webpage that might look legitimate but is not based in the university network. (this phishing scam originated in Sri Lanka)
  5. Poor grammar and spelling.

Never be fooled if a mail seems as if it was sent from a university address.

In this case, the e-mail address of an Agricultural Sciences student was used.

Information Technology does have a good automated mechanism for submitting spam. It is quite simple to use, but being automated there will be no indication or acknowledgement that the mail has been received by Information Technology:

  1. Start a new mail addressed to sysadm@sun.ac.za
  2. Use the Title “SPAM” (without quotes) in the Subject field.
  3. With this New Mail window open, drag the suspicious spam/phishing mail from your Inbox into the New Mail Window. It will attach the mail as an attachment and a small icon with a light yellow envelope will appear in the attachments section of the New Mail.
  4. Send the e-mail.

Do not “Forward” the Spam mail to this address. When you forward the original sender and all the information that the spam filters use to filter out the mail is lost and the Forwarded mail will be rendered useless for the filters.

Here is the mail that is circulating at the moment (malicious links have been removed):

From: Compromised, Student Account <12345678@sun.ac.za>

Sent: 23 February 2017 16:00

Subject: Mandatory Update 

Dear Valued Customer, 

STANDARD BANK MONETARY SERVICES 

We wish to inform you that your Credit Card has been listed for suspension due to recent Error/Traffic on your previous transaction. 

You are MANDATED to re-update your details here: https://dont.click.on.this.link.com 

Failure to Update within 24Hours will Lead to your Banking Services Suspension/Interruption.

We are sorry for any inconveniences this might have caused you.

[ARTICLE BY DAVID WILES]

 

Email

Tags: ,
Posted in E-mail, Security | Comments Off on Warning about (Standard Bank) phishing scam being sent from university e-mail address

« Older Entries
Newer Entries »
 

© 2013-2025 Disclaimer: The views and opinions expressed in this page are strictly those of the page author(s) and content contributor(s). The contents of this page have not been reviewed or approved by Stellenbosch University.