%PDF-1.3 1 0 obj << /Type /Catalog /Outlines 2 0 R /Pages 3 0 R >> endobj 2 0 obj << /Type /Outlines /Count 0 >> endobj 3 0 obj << /Type /Pages /Kids [6 0 R 13 0 R ] /Count 2 /Resources << /ProcSet 4 0 R /Font << /F1 8 0 R /F2 9 0 R /F3 10 0 R /F4 11 0 R >> /XObject << /I1 12 0 R /I2 15 0 R >> >> /MediaBox [0.000 0.000 612.000 792.000] >> endobj 4 0 obj [/PDF /Text /ImageC ] endobj 5 0 obj << /Creator (DOMPDF) /CreationDate (D:20250611011110+00'00') /ModDate (D:20250611011110+00'00') /Title (Report 06-2025) >> endobj 6 0 obj << /Type /Page /Parent 3 0 R /Contents 7 0 R >> endobj 7 0 obj << /Length 1849 >> stream 0.702 0.800 0.816 rg 34.016 34.016 543.969 723.969 re f 1.000 1.000 1.000 rg 45.266 70.799 521.469 675.935 re f 0.773 0.773 0.773 rg 0.773 0.773 0.773 RG 45.266 746.734 m 566.734 746.734 l 565.984 745.984 l 46.016 745.984 l f 566.734 746.734 m 566.734 70.799 l 565.984 70.799 l 565.984 745.984 l f 45.266 746.734 m 45.266 70.799 l 46.016 70.799 l 46.016 745.984 l f 0.200 0.200 0.200 rg BT 61.016 693.716 Td /F1 14.4 Tf [(PHISHING: CONFIRM YOUR EMAIL ACCOUNT)] TJ ET 0.400 0.400 0.400 rg BT 61.016 664.909 Td /F2 9.0 Tf [(Posted on )] TJ ET BT 104.045 664.909 Td /F3 9.0 Tf [(November 10,2017)] TJ ET BT 183.083 664.909 Td /F2 9.0 Tf [( by )] TJ ET BT 197.591 664.909 Td /F3 9.0 Tf [(IT Communications)] TJ ET 0.153 0.153 0.153 rg BT 61.016 637.420 Td /F4 9.0 Tf [(The latest phishing attempt uses a rather obtuse message about confirming your email account to prevent a shutdown of )] TJ ET BT 61.016 626.431 Td /F4 9.0 Tf [(your account. It also used your email address in the salutation, which might fool some people, thinking it is genuine.)] TJ ET BT 61.016 606.442 Td /F4 9.0 Tf [(Information Technology would never send out an email like this, lacking personal salutations, direct contact via telephone, )] TJ ET BT 61.016 595.453 Td /F4 9.0 Tf [(and threatening to close your account down.)] TJ ET BT 61.016 575.464 Td /F4 9.0 Tf [(Here is the phishing e-mail example below with the dangerous parts removed. Do not click on the link or provide any )] TJ ET BT 61.016 564.475 Td /F4 9.0 Tf [(personal information. Luckily the phishing email and the server comes from the Far East, so it should be rather obvious )] TJ ET BT 61.016 553.486 Td /F4 9.0 Tf [(that it is a scam:)] TJ ET q 375.000 0 0 185.250 61.016 357.038 cm /I1 Do Q BT 61.016 339.247 Td /F4 9.0 Tf [(This is what the phishing website looks like.)] TJ ET endstream endobj 8 0 obj << /Type /Font /Subtype /Type1 /Name /F1 /BaseFont /Helvetica-Bold /Encoding /WinAnsiEncoding >> endobj 9 0 obj << /Type /Font /Subtype /Type1 /Name /F2 /BaseFont /Helvetica-Oblique /Encoding /WinAnsiEncoding >> endobj 10 0 obj << /Type /Font /Subtype /Type1 /Name /F3 /BaseFont /Helvetica-BoldOblique /Encoding /WinAnsiEncoding >> endobj 11 0 obj << /Type /Font /Subtype /Type1 /Name /F4 /BaseFont /Helvetica /Encoding /WinAnsiEncoding >> endobj 12 0 obj << /Type /XObject /Subtype /Image /Width 500 /Height 247 /ColorSpace /DeviceRGB /Filter /DCTDecode /BitsPerComponent 8 /Length 23324>> stream JFIF;CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82 C    !'"#%%%),($+!$%$C   $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$" }!1AQa"q2#BR$3br %&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz w!1AQaq"2B #3Rbr $4%&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz ?(((((((((((((((((((((((((((((((( }FiHb@BiK^8.|(<pPnUu|y?5w7}7Ao ŜS=abz๑P򞥀_ L >PnS;@,tu\KOщ}OUZ=ijM )g A"Ÿe3! uq=k).m۟MqDF3Zo5HPۓpy?4b_'ƼxeZٸ[vpL,HNЬ^G-Fɻc'1ܤAy rEw|y?52ڌj &,mx+hϔt5[x[Q_ K6۔27ŀP1@%'hĿOyW50YT2Ci*mߗL f80+o:0C8r^Ts<@?@1/?^m[h "7r pmg$;OOӥ.i7:igtlr( 5`[}xKOщxPO{mHaHbc:#i*䂠.w;j7WzBpLjP$e|0*g4b_'ƌKO '<[ĆG#ΩcY[tJc, <Û^$6zarGt}EanGnܬ\ݒ2@1/?^yxŚmM\dimUpg&Ax&ռi ' EhZ0/Pws~Qw|y?5iȑj;cYdg1*2Nc5@ ĿO|@ ĿO|@ ĿO|@ ĿO|@ ĿO|@ ĿO|@ ĿO|@ ĿO|@ ĿO|@ ĿO|@ ĿO|@ ĿO|@ ĿO|@ ĿO|@ ĿO|@ ĿO|@ ĿO|@ ĿO(YZZ\ߤηwIi UG'dܬPMN Q#)VBX`؊ϸGKR8MLYjk2&p*Bm.^dB "?˹\ЏԨ5?Px]! !MF)C b:Wޗo5ޣgs1/, %N0ʤ1Ԏ(t xhBh\ٛߴ0W9+61Ohwc\gU CVRC.G`7T𗇣o ȖS" !`8j_v4QS1W1NAȮW:ΣDЛtNd2 .Tfm! k$sG11Fڣ'$IP?{y -#> dR7̀8eǗ󭬓x^VY$e[+Ie twms]57umiPsZm߁k}2Ng3H@̨:1[vo [DB+*? _(*h+ ۢ -c@袀 ))h4SY0Y2zJuԱPP3EQEQEQEQEQEQEQEQEQEQEQEQEQE|KԞ(v0],м"@P%B+s>#i`Q #H-`-)D B3q@W-k=5>ұmAn)?u!XדivVSOg̲YqC+-?uuڙ>IcoN⥺ieM ŝQ*KjbS'( 6A# _KagU7v+D-6< ܮ88S#u CMЯL}FX6!ȡ[''&'AuOiͨhqyfXđɰ|n0σlǹkou ظ)+p{ WN43Xk;fC]w_fݤnd!D@*D 쒸'OȖ.pדEx-btʫ# yڻyEJrKBx4w\y(6@wIgVUP7:$-P|@{}F4̜Yx8/rqE؞TbwptPO(PpG$Ck:[CiZIY7mf#3w-r.Fvrr(aߊMipѠ=*qEy|G~)Em;y..c!VB-vB屿boޛ)bO[.|Fj YD`p:GuEdZ%q>0b>[ijy P3p3q]G;3&neۈ |r(ɭ][ G7Xe B2ȳ&'3/c1w:.aM9nn\QXN9 =![{iƫo3єyrrgztx5Kk94?Dgby@~by'J+ [}@0#z[W ][ϔ0^9 S p|'񄶗2ů@EΩj4F)jhUf1$d O.K4B{4ġbIX<$PE6LNvi2Ʈ6JEBFXzP.⧴EB,x#' S|_.},(TzvQ4?u0z8jz +̔E-;Bl7[H2\Kg5T Ja5#UaZ  HPxFO&rwqT1ddˇbxZ> E}6ğlU/N |;\.Mum,U9*O":NN94x x )M#{ế=?GdҥI2&BO~?,QX,Ki$fEf${ 8<OcQ{~#,9,v,`T7(((3EPEPEPE%-QE%PTMNžg *ȑ(oby@YYԗPAWU~xuu'&6c ҉Y%~+2d1C.g!H "9s?3q}j+:mΜP4M8|Cq*ۊۢ3c&hIc -4t &%-:@@=}y (<5e X#.#"I$,pťrM^t={[+x5tFD`= =Ls >d֛kiWoyme7(VsU(2? hy4@$s#0X NߙI=VHfUX.ݿGkU{BU pYg̓<j62/1HG1&ЪbP7`a3SE_O?"ѿ/JOc ,v$ e@b Ux7DiJI8>  _H_ G$Z/ O?9'}&ͥC2!>?AM>Lt#%c%Ԁ?\ K A}?ShE)4Ҭ8HL@Y>`g֬.`  `!v ҢE)4E_Oš R4$!qGߓϽY9@ E_OOH_ @ t %hjbetd =2 h{h.kJ"d$4H_ G$Z/ OGo#Ҭ)D@20{pHM6šܓ>g#8Vh]K A}?Si?"/JH.+al;|N*Ɗ+&lhRmLn@ $Z/ OF)4 巊Y[aF40GDIw&jӤb% `_H_ G$Z7 O H9cWc _s?mc.; KS眘ј~'ַ"ѿ/J'$Z7O y< eYY Bs@TR?x5w- A}?ShBE)4E_OТ"ѿ/J/$Z/ O +?-E_OѤh%?ƏH_ @V$Z/ O- A}?Si"/JhQYh%?ƏHo @Vw$Z/ OE)4EgE_OoKaRFQ'Vc)h((((((5+xn|cG*>g̶߬K^jQυ_tPO?|-?:Zߥ ET/Qυ_tPO?|-:Zߥ ET/Qυ_tPO?|-?:Zߥ ET/Qυ_tPO?|-:Zߥ ET/Qυ_tPO?|-:Zߥ ET/Qυ_tPO?|-:Zߥ ET/Qυ_tPO?|-:Zߥ ET/Qυ_tPO?|-:Zߥ ET/Qυ_tPO?|-:Zߥ ET/Qυ_tPO?|-:Zߥ ET/Qυ_tPO?|-:Zߥ ET/Qυ_tPO?|-?cO.Hm-q[0O}/VmQKEQEQEQEQEQEQEy#`m[uy#`m@tQEQEQEQEQEQEQEQEQETsje™(IA4s&q6 3%TMu4,ia?KEPE7z)n88PEG1*o98ǶGRPE7͏򷯙3=qN((((((((a+ 6袊((((((+G='׿2ڶG='׿2ڀ6袊((((((((((((((((((((((+sK[uz_*Q@Q@Q@Q@Q@Q@Q@b^>F[Vb^:F[P7ӥ`![x/>v UE>``Q 5^6P\ {ۡ 8Hn;Wj*^_Mwv1E%u!CA,zaHc<{˭_Oğa_G<|۰V`SņTvf=񷉉$u`ТB%mj4$,3n7sT-|]{jZSZ}^M(6: `26> C@Z{U MBmm aI"iV3q i~$/ ae"g>DLV4t@@T Z3^r|s`h.P[HRxK d <j4Zơ H=N$ 7 9?62h~.=hGiWsrqTdg+=wSkN |ܳȨpIlc HʊkƓcoyeeWTᔢ\ƽ67VI# +>+< FVN~eQӓ@Ep o5$ooe4]>HLm"d@z䚧׋'k`x$IBU|9ʻqz5.%s{QİHnJ`aCqH! >-Z4Wq%gXu Bg=FۯiPkCmp1<1]r=+QsPefK[M bcPTh,w֗6Z'Uht7Q 3P^ /|<}Ǫĥ-X]TfQP>s zMZ=[E} >TtrHedw dH&hO}/Vm'Шo4QEQEQEQEQEQEQEy#`m[uy#`m@Td]AWh1#uj"w9@/u+k8ԻiJc#[!ףG*U?5g0T*:U'f?:/?iכ??\ ?MiOǗ?iW>!0>4LA(Ay/C'!'?<~~B>oI~ԩ剿v3ڋ_v-3Zjg)MZLzļz_?OG/C'0X?=' ;~u?ӿ[6s@$4??1/?i?:o?y/E'!OyKO 񺸸ISW#\,^lĒGpH%Fp3^C Ihs@$4bc?__#>KKKHS$ʼn$NI$I$NMYs@$4??1/#(s@$4?_ؘWǗW??\ ?M?Lg~+cJ+\ ?M&Lg~+cJtSE-tU؄BrB8 dW2ݡ@}w/C'0XExSFBW d2Nӿ\ ?MؘWǗ?J+\ ?M&Lg~+cJ+\ ?M&&3?a{%&_?OO0X?=_OG/C'0XEx/C'!OyEx/C'!Oyd/l-dVh!\}ȯ"s@$4?_ؘWǗ?7KmͽlXvvv=Yf'Ԓjx/C'!'?<GQ^7 Ihs@$4bc?__#(s@$4??1/#+ [U?.m펅X}d^⏹JB~Ohg>߱G,(Y/>I~`X?أd_|&}}`bϿ+oZϬQ ??E>~Ohi>߱G,(Y/>Il888kZϬR 20m-أe_|Kf%2y24HVϧE)1Ŀh#lES pO;c6@?G>@?]"\4ӿ[[0Sh p?kiEy9=k}7žm %AYU[ʧ 9GU ],(~r}?>_|E}m ?>i>߱Gȿ? M-?(~"S?'4W`X?ؤ~"S?'TW`X?أ}?O?$_[}}`b}?O?%Q_Z}`b}?O?$_[}}`bYϬQ/>_|E}k O_ZϬQ/>_|E}m O>i>߱Gȿ? !B>a+  XbQK^NgcQ{6R9s[tQEygQEQEQEQEQEQEy#`m[uy#`m@%Ihzźq.fVK%V8<PjεY$W:DYIJ Xx}qV֣{ ].)4"g2[| >9A}KQ5 ;"k;(T1F ('ۭwݍgSx6/yo1Ued&'b }Oþ մ+Ɵvƫ9flDK/@3!QeXęR+5HCw9)}:3j剼ǙBg|zsOP7]h90xǽygoNd(<‘3k)w/h#V}fR݈I<*Aa:p#r_I%YYI=*?};[}ϟp/9wɴᶌtFZѢuK/,idx_4fႱ8'Pឧe}m{?ayU{2[sa Ҁ:[Zg=څ3ECͰK;;tHĬq+j] ["@p% v[0wSZCwo%2’9l&}8J%Ӷ:HLv #d%[$㚿?~uyֱM{,G%ϓ~ ]|t VK8/efHRUgAd9:mګ[j6sF92uMwv֦yufy[J.y5w[t.K[&i 1nFxvx5Cg}Z* o S::xK5-N\XG Ep̏*xRA 뎼U]'H״˘{zKmO%f[tc/"=0@'d]W;soieImEu3DP*@h䑚iZTV_]%7)f!bN?]S[xe[Ҩi3qXfFl%pTdy >`8cנ<ڡt녷,n'hՎ)ئqs_ŝ݄sPkCuم {fum;Ŀ)kBvsro危ϖ(ܯ^T@tזUww d{SjuOiI/U-'O-ֹx67m %3}|8KcW?s75 GQ+)H̲ɽ XPZւ# WzsӰ5MS父"BrFsgt宥ձy䴐4lvR@;rE`x'\|Kk v76 $v@봹?Ek Qm]6NFօ# q-Qxl<2Rh qB%m؈ 0gX vI+FI{W}HZvvOݡdۆePIPs@TKock;yRo|c4 ~y+;?|sxV6:sBAc%,0@[$tz/V5{D-egh2T0` sTh^"(SHmx RWG GP}Bе+c0gTy ;)!v{02mp$u/mnlfim]Y3#FSd9=pS"mWk2`SAZ"^ȓa,-2JENiCDu$m.K{>0U 1G]ojv6n!6}O$mj#yz.r0>a-e;m yhfD&{ 9rJa 18>.tVyR߹V #lqvnpԋguF)n-,Y+YP[+uǡ[eI ,lb8]ˇ'}e$W '9q,`Fv .Mah~!|#A.Q67T*능 mtE'qغ1*18=+y"9t." $\bo.Րdl w/c?5O Z"X \aqx2 pI GAj[C-4+Yeya>$rquj<7$s^tP38h#sTx9XZgv{i."ۙI%HЊ<^~!n%"Գ],0 LJ`s1o;e1i<:ƚq 8\ sFt/[J&9Z,:7GKzPM[DfXd22y)\!EZu.;MJ |sk1$:|6HDwؾ_˗sz}/-DC296HP m+); .!YuP ǐJ(\@j$ӚkM 8IE1ـ1;FcYIMpvAj{mDhdB@Da!Nހ89~$x领(]TUbao"_d.rs/8MyEIw{mqLZ*bH9!q&;vK^9 Aޑywݻ;[x@&XvA.rPygRu[y%]B4 dV)܇n08NDoׁdk&%$F$4ͽ; hd+1ۅ0H?/Jw_ kKwEߜoeRW=Ec7a}[l,{XT#y#e|cuWA#TuS p˵T t;0x9W[P?d84+{ۉ@/+ 2|yy`f\Aυ%TGW- d[r|Fsn}sQkk>3EyS7*!v);\ѵ^yfec%GoS ƚxM,[K7!Hd =n$;@Tr m1;mQ 9FXFֻ?yT~h|ͣv=3G۷~ѻ>OR6Mgw7j@u3c~Wo>$Ay9}> i3N4ct69avB*@Uzm`-b&/d}=(s5ndXHxH: ^h,m1e([~~;qԞqhg_?Œ'/P5 FP5JdkH$;@pdszWpOfڔh*}K|>縹Xi5#[+qBFTO^*|4m8sQ*YĨ1رm#L|U(ϊRciVGTy,D)X6ݓ$s |*ә K fI]J-0Fk{>*}Kg_?€)~ mV[YiklbdrȒ͟G*}Kg_?€+hmc*}KyKƚ ksu8`[!asֽx4g|m+ H1lFxs>*}Kg_?€0uO꺳jGsL6f@Д2p,8HzE q$k[kRp{7>*}Kg_?€9?]%jKc"mK4r,$1#|h? FrI>*}Kg_?€0,>ik iH׷Hlﰀ3#!H\(\tW-ķϬՒ@هPDmzH͝xZyWtO_>*}K#[m rGb[|&mK,SE#/FCTtctWtO_>*}K|7A-;V3$*?2evJH5N֑C4;c FB<(8kqԿF|U(38BZnI~pNF[< n5ϴźd p[LNJH˷ p9XϊRWtO_ >Ayfl M6df;dP9'5*|0ݡTA4WqL=cRUFqFckg>*}Kg_?€3(TUuFbH%f'<`že%a VR#&$yg9C>*}Kg_?€6L'/QwD ۢ3ԿF|U(nϊRWtO_ +>*}Kg_?€6?sKF|U* ;B෹>as> endobj 14 0 obj << /Length 3857 >> stream 0.153 0.153 0.153 rg 0.773 0.773 0.773 RG 0.702 0.800 0.816 rg 34.016 34.016 543.969 723.969 re f 1.000 1.000 1.000 rg 45.266 213.682 521.469 544.302 re f 0.773 0.773 0.773 rg 45.266 213.682 m 566.734 213.682 l 565.984 214.432 l 46.016 214.432 l f 566.734 757.984 m 566.734 213.682 l 565.984 214.432 l 565.984 757.984 l f 45.266 757.984 m 45.266 213.682 l 46.016 214.432 l 46.016 757.984 l f 61.016 229.432 m 550.984 229.432 l 550.984 230.182 l 61.016 230.182 l f q 375.000 0 0 257.250 61.016 500.734 cm /I2 Do Q 0.153 0.153 0.153 rg BT 61.016 482.943 Td /F4 9.0 Tf [(If you have received mail that looks like this please immediately report it to the Information Technology Security Team by )] TJ ET BT 61.016 471.954 Td /F4 9.0 Tf [(sending an email to)] TJ ET 0.373 0.169 0.255 rg BT 141.557 471.954 Td /F4 9.0 Tf [(help@sun.ac.za)] TJ ET 0.373 0.169 0.255 RG 0.18 w 0 J [ ] 0 d 141.557 470.803 m 206.222 470.803 l S 0.153 0.153 0.153 rg BT 206.222 471.954 Td /F4 9.0 Tf [(.)] TJ ET BT 61.016 451.965 Td /F4 9.0 Tf [(Attach the phishing or suspicious mail on to the message if possible. There is a good tutorial on how to do this at the )] TJ ET BT 61.016 440.976 Td /F4 9.0 Tf [(following link \(Which is safe\) : )] TJ ET 0.373 0.169 0.255 rg BT 181.544 440.976 Td /F4 9.0 Tf [(http://stbsp01.stb.sun.ac.za/innov/it/it-help/Wiki%20Pages/Spam%20sysadmin%20Eng.aspx)] TJ ET 0.18 w 0 J [ ] 0 d 181.544 439.825 m 549.707 439.825 l S 0.153 0.153 0.153 rg BT 78.360 421.003 Td /F4 9.0 Tf [(1.)] TJ ET BT 91.016 420.987 Td /F4 9.0 Tf [(Start up a new mail addressed to )] TJ ET 0.373 0.169 0.255 rg BT 225.080 420.987 Td /F4 9.0 Tf [(sysadm@sun.ac.za)] TJ ET 0.18 w 0 J [ ] 0 d 225.080 419.836 m 303.740 419.836 l S 0.153 0.153 0.153 rg BT 303.740 420.987 Td /F4 9.0 Tf [( \(CC: )] TJ ET 0.373 0.169 0.255 rg BT 327.239 420.987 Td /F4 9.0 Tf [(help@sun.ac.za)] TJ ET 0.18 w 0 J [ ] 0 d 327.239 419.836 m 391.904 419.836 l S 0.153 0.153 0.153 rg BT 391.904 420.987 Td /F4 9.0 Tf [(\))] TJ ET BT 78.360 410.014 Td /F4 9.0 Tf [(2.)] TJ ET BT 91.016 409.998 Td /F4 9.0 Tf [(Use the Title SPAM \(without quotes\) in the Subject.)] TJ ET BT 78.360 399.025 Td /F4 9.0 Tf [(3.)] TJ ET BT 91.016 399.009 Td /F4 9.0 Tf [(With this New Mail window open, drag the suspicious spam/phishing mail from your Inbox into the New Mail )] TJ ET BT 91.016 388.020 Td /F4 9.0 Tf [(Window. It will attach the mail as an enclosure and a small icon with a light yellow envelope will appear in the )] TJ ET BT 91.016 377.031 Td /F4 9.0 Tf [(attachments section of the New Mail.)] TJ ET BT 78.360 366.058 Td /F4 9.0 Tf [(4.)] TJ ET BT 91.016 366.042 Td /F4 9.0 Tf [(Send the mail.)] TJ ET BT 61.016 346.053 Td /F4 9.0 Tf [(If you did click on the link of this phishing spam and unwittingly give the scammers your username, e-mail address and )] TJ ET BT 61.016 335.064 Td /F4 9.0 Tf [(password you should immediately go to )] TJ ET 0.373 0.169 0.255 rg BT 221.081 335.064 Td /F4 9.0 Tf [(http://www.sun.ac.za/useradm)] TJ ET 0.18 w 0 J [ ] 0 d 221.081 333.913 m 341.627 333.913 l S 0.153 0.153 0.153 rg BT 341.627 335.064 Td /F4 9.0 Tf [( and change the passwords on ALL your university )] TJ ET BT 61.016 324.075 Td /F4 9.0 Tf [(accounts \(making sure the new password is completely different, and is a strong password that will not be easily )] TJ ET BT 61.016 313.086 Td /F4 9.0 Tf [(guessed.\) as well as changing the passwords on your social media and private e-mail accounts \(especially if you use the )] TJ ET BT 61.016 302.097 Td /F4 9.0 Tf [(same passwords on these accounts.\))] TJ ET BT 432.949 282.108 Td /F4 9.0 Tf [([ARTICLE BY DAVID WILES])] TJ ET BT 61.016 262.119 Td /F4 9.0 Tf [()] TJ ET 0.400 0.400 0.400 rg BT 61.016 243.630 Td /F2 9.0 Tf [(Posted in:E-mail,Phishing,Security | Tagged:Phishing | With 0 comments)] TJ ET endstream endobj 15 0 obj << /Type /XObject /Subtype /Image /Width 500 /Height 343 /ColorSpace /DeviceRGB /Filter /DCTDecode /BitsPerComponent 8 /Length 25670>> stream JFIF;CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82 C    !'"#%%%),($+!$%$C   $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$W" }!1AQa"q2#BR$3br %&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz w!1AQaq"2B #3Rbr $4%&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz ?7}o>!VB٣hReB͒Xv#ҹ]>&~_$qnt@T$GA݇֩|C^Nӆv4q٬+(lL|K`jiTI6һ5Svcto*OC.H"\ֲ>x;OZ+S )_mB}+^RK#nC >f0ȸֽdYr1JWg G,?/>$'V"% u ɓ:zhL@m!NFO˿~3>|?c@!)ƽLw{=*8<[ҵc opT2I,A9tψSL?h.>+d>Ć+K.No3X? _?k=n.Sg,?/{^1eK+{vaȄl}aٶy.?8Gs^m|>]Z1~؁Nb#GϘs?|MU|MU3~&v?tii`e?q>ާ.sOMQ UϘ17,?T7,?UG]>c} 7G.r7\`e?p{zw|M?7G.r7\ `e?p{zw|MU|M?7\ `e?p{zw|MU|MUpT`e?p{zw|M?G.sOmWIG]>c} ܰMQ UG]>c} 7G.r7\`e?p{zw|M?7G.sOMWEwާ.sOMQ UQG]>c{ ܰMQ ܰMWKG]>c{ OmQ UG]>c} T74Up4`e?p{zw|MU|M?7\%wާ.sOMQ UG]>c} T7,?UG]>c} T74UpTQϘ17,?UZ㏊mi܎O\U.h˿~bsWF^;݂Gr?XtEn/=z7oΗϘGͭ.M6f]vi'AEml]Z6,~^Y)vI3+7{y:?|Tz.[kK\4O1f] .\''g5oRJcs3# 8'9B~ǐg <ڴ Wᶙxw}y i&H|3v?vw:mIYBI<<QI]rSbk,DEzרĕ,rsȮRH@^`\0M,Ip:q:7(!I崷y;m rr h0B>b#!D[{IWL:!ݮdwB u= mlfx6H&\9< S6C!Vܩ?XJ9qݔ$]Isbty0u$b\;8DXEo2W q#$ck1[W l}/~Lp;Ѻ@qlyMh_?"_}若I,#h9ElɥM eT A9=;W%>7aW՗y~_)$r#3++zV2i aG ZoK;I|bP67ykqus"03$*0;JI.~QɯR`&Yf/ CᘵZ,G3A_+bw0HɅ~8h^aֿ9k:oh3A_(aֿ9k}CE=OuZ,G3A_+(a| ínf ?uZ,_PG;efk 7Q írf 9{(/0_Yfk 7W4QD{Z0_Y¾v':-oZ-=OuZ,G3A_+(a| írf ?uZ,_PG;efk 7Q ŭrf zS AZL=pp? +GW93e2v+I_=O _wYu ӊ>[K ߷-O,?/-ZI$.&@C01G ';NO?/D6pSW`k$xO  -ҮzM-?$_RL'qrO_.h۪嶝cqʭ8]Ea'2Ijz \ɶ'*hvW66paUiY%P˕U99~jz |Y 6cCdrM9Pi?6?:ߓS&Ic<g?,DՄ>%Do\D?P #=wneKpKl e`xm}U0t*BTj۠S{:˞Tן?UQVFV ~pq,z $0J/^7(_MBiw(0.-d,'9?NϝAg('?o_\jOqϸ8?Zͯk$g$$z@O`q3,%e 1FAVYԫ>Mlms*jFj88t w)lUU[ݒF~9 0wT#̟TjDY0(CY3 nYغVH,Fn}yN6y-$ڌN3T1{lt`e-KS/& H(t ϓ{תsؽHwhVQq6MGo_AԜWp.wa׿Lg9T?q^ާsAl\uЮ~[cb'?gãYX.C[+ggz}1ZFтz[Ȳt"HN@IbB2L*ShV?tI̐ȸ*E*a/@r`)]O$$m:lbYA gKJ(+o?T}z~XhZ+VE@s{00={~eͦstӒBb=OQr-Gz~rmo:pWuvc;$ V/PkOxvPx!pFW? q[v +y$68FG՜fܬzx%*xhՄ'm.vGo?T}z~\õjhP3=3K&TR0yX] Z]cM*j(-R5H݌g7,tib}JYʁv ;luItUX#dB!q53vWG^ +UP쟚];KZO.]ƍ$$~j?Uq5dӵ1d,$ [ v˥hj(-oLd$} 2h֔)htiߣQ?UsѺ}Mv: r9jifSa98$sX9nX?M*vocfI'ᝉ?yc'5nM*^X?(M*X?(M*X?(M*X?(M*X?(M*X?(E*ϻ$*($ricQ@71sb?E~?3ӎ+i 4LÇ#oo?B5_d?/pU[:i?ƭQ^W:hζEVζ?Ƭ@Əoo4Pooo:j[:hζEVζ?Ƭ@Əoo4Pooo:j[:hζEVζ?Ƭ@Əoo4P_oo:j[:hζEVζOooTPoooζEUη?ƭQ@Ɠ:jW:hηEUζ?ƭQ@Ɨ:j[:i?ƭQ@ƏooTPoooζEUζ?ƭQ@Əoo4P_oo:jW:hζEVζ?Ƭ@ƏooTPxBkW*d簢Ŀx!E~x'vG_G3[uE3[F__G(13U 5ٮ.BuKt<>McL][HJ4e{~kʵZ.t&6noȯ^-[*xv;/&+]B849Tl0c5.ulzdN<燾'D͞ur\GP3p1CINg<򚷴!Eq&=;@U6FlcCs@gCoZ-=|?ϩ]Z=/"5m,A0~+̎JIhzR[y37-ͤ& ԭWil(P3d3eOJ?dkk~*hs!z:ZW{=OH>/r̶:jnywf8zp9'T,t=7[J[K=[0HeT<֟*+~(__f﷓=5D%i* n.)( 6#}Yo{4V4Z[2dTD}|:R^Q4? LJh# {]%8 (##ֻQbӟN}ۭ@N2GlT:jF4AܿEVFEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPE_rxC_(±?3Ҏ^A_x9~,`tA,EپPO~c5آfQ?.PJ\2iXmŜk.bPMM:œWNn-ͽ`#60LQ਽O2Dm!O\ Zu%?֝SPQEEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPC_(Ŀx!E~x'vG_EFX$_kj__G(2>O>?UZc2 ?*>?UZ*ods}GU( ?*M>?UZ*o\s}GU( ?*>?UZ*o\s}GU( ?*>?UZ*ods}GU(& ?*>?UZ*o\s}GU(& ?*M>?UZ*ods}GU(& ?*M>?UZ*o\s}GU( ?*M>?UZ*o\s}GU( ?*M>?UZ*ods}GU( ?*>?UZ*o\s}GU(& ?*M>?UZ*o\s}GU(& ?*>?UZ*_\s}GU( ?*M>?UZ*o\s}GU(% ?*υV k|.>7\QUjPwA$Xyh<Ŀx!E% +oO?;?ڬ_?B5_?/pQEQ@Q@Q@Q@Q@Q@Q@Q@Q@Q@ZZ m8mƊZX(w 1E[W}Ƒ9+jQXL mGRrHڦ3Mbpi,rU7oriTX4퐄qbքִ/];B 8]ᦹR-zyYvm󏔎>$l7I9 w@sIUX,J+95 TgYr|VzlЬZԏkݥ^?'ȯg.|C` o,\:OO4qo50»pN=uD/N[Z_i9]B(p?3Z1Ht9Smm 4ߓLVc袊QEQEQEQEQEQEQEQEQEQEQE% (/.Q_c*gxC@"}#[UC"?G _Q^QEQEQEQEQEQEQEQE2IfG =Tno쟝OEAo쟝nZH899]wB]&$5gqտo쟝!n kq/*[V5Uʏ-Q(&  Y4r3Mz.ดVG<9H76=aWϝs'h2yլÖh%Y%f>U1j4/tXʹnM0y/-d9ROJnt>GS$9OO2\5}1ѵd)D3l:׃9xAZ*=*K#GhvGz'N 9(?@L >Kr7'漻%MM\:kRm$G4JdX?f7jH4[K9-SE6 an'=Bm=8pڑ*{R3^"۷=1N\%q2Q^ye}o )bԣ,VωH;pjxKK n'anTǺw8矙A柹plZ@1KYQ@Q@Q@Q@Q@ S%{TM%{T%Q@Q@Q@Q@Q@Q@Q@Q@Q@k_]?rV;zPQxC@#}!}𣆯Š(X(((((((*mOPOPɤ1D9*=qVn-wj *7ZߣW=C{HF2PX{Y:&{N6H. 0WI,?6|U҆Y;jSPGn.؜}*Vqa⫉զ8 ۖ;$G9U$|ȣFm A].xm}kYXߣRߣU] ا|6 2h`1k!+s$r<.?TlߣTWY$.TlߣTP.TlߣTP.TlߣTP.TlߣTP.TlߣTPuyc`\`sV*ؿ4OxʖoO餶xʀ$(((((((((|K!˯Q_]? TJ ;?ڬ_/B5_?/pQEQ@Q@Q@Q@Q@Q@Q@@?1S \RH2J?* E|_7ssS}A&a[^ ? P2}O5H0R/5 g?G-rL.e,oԳG\ OKϬ/ k?G-rQ,{zo/>?;4}wk |σ?9«TW SeG_}gƏrA?#g!Q*+SeG_}gƏrA#gQ*+SeG_}gƏrA?g!OQ*+SeG_}gƏr|A#gOQ*+SeG_}gƏrA?g!Q*+Se2tac`Kc+}YMz'PHs:f6vfIM%{TOxʐ(((((((((_rxC_(±?3҇ŽЍmV/? mW5~&QEzaEPEPEPEQEQEQE6b?S=6OCNh}oC7'j]ֿ3_FWCGbRVH葧cKM5<ڭ葙!$ +RTOq^sk߭5O͉4]FZil0s{h"HRnĎ6[,O6z}ƛ5B3&y ',|d3[2kZiZ>5lE(2F> |O vڿ5&[H8 3G^Klbc z vZ'-9ak5b0|,78jd&h#t =V$wq 1U0=>% `i43}511icѵ)$5;qf27>i/4֒k?R!C+oi]H 2}޿ UzdHX$dPw0{j\ _"B4X\AJt dG5EX0 ]AjU𷹎WYgG}p}뇶R(a^q#3Z\z͋“J--%-}Y뿳u_z;ר{|?>S%{TM%{UvQEQEQEQEQEQEQEQEQE% (/.Q_c*g? mV/? mW5~&QEzaEPEPEPEPEPEPEPP7'so*z?1@dԃN>Q<i5kMQui! A5OOп߆ kU+Yk){_AE?/_AE?/_A'/P*% >'/P*% >'/P*% >'/P*% >'/P*% >'/P*% >'/P*!}O_ U?2C(.GhLҺT~"d{B5ႭddrQ+I/uk}W!id(A\>|U͞g?N٫7;Z+~)iZ֡ec3]eQ@L`~-VmHVkH*swf?5jMfoַ{G" AgzՏDּ?& q[U,@X܏6p󬽼-{q\.6mh +kg&S+jPE:+0R*PkIWOem:?El:Qqm3&_Z:DcQӷ,+4+x($|n=4ӣ5ė6Zi\[ZyR<~Fׂ;in/VHYąv0s2Y.o;<;z+|;[ծ3f;KCh-[~˲9;U8 +8axVI."kiYM;A݇f9hwfȒ 3wLr(toe)v9@8]I.d#>4V$I9F.[ j6w%͛جe@7B?y⤸4KO\_[mk L]Je-~ʰfF ^37J(5%XZzdGÚ$&O.&k)}mi!W,9Ҹ=wiqZRx,X*a 9+cҟj+|gcjpY| L$g^0sа֠e6~FAF3=a*rՄgEdi-~C=cd)KyUMo-Ԭ6$oBsi8It/QTb,条Y_p&s4o]Ӽ;eR-ޱl I'krObז4Fϝ8*Pٯ5=BWS@avfI;A 8iLѴ[ƞL m1UN~obިPN w~o郞q!a5^t'CQj&d$ݤFuvS3O3sEqheM+u-dp#کB->֞%IaE8 J`pHYl`yYmSH"c“0'gmn]4 ![رA^jNr9瓾k}_ tK lV=bY6eJ~'?A[>.{iuLE>V!f=sߚmXBP:RWJyVj{yt8[SM<%aY6c9T#vS086ESqݎ3Պ+FrXxx[Jhkm3]]۩Ll.vMg࿈]JٴgҞ+oHxƒQ8 <;L%ۀ 7ڪxvi!J1g8FF+;Nq4gK]#F#_\8WI). |Ce/.-BM*[ & ʬIYn!un 3Yȕyn)݉r9Ur=1IXX-dz<7y%4=;JTk[X{O윀3'$beMNW2c1R[WBI+#ǩ7RNrsix~Ĺb ˁ~x0YD8^hLi2o R(wfP7LBÂpz{סZ6JeޯoScm^]moOm#NP<#}h`S%d6NrXj<3m^_[H\E?)r6| ^=vbc 7P^Q;Yw# s}k j:lw1{@]On▀1_NOi&#Ÿ11o; `TYғúzm`e 9 91].(a*󔜞8hF*+dr =f2uBrђ;wf>P{Z$H«[c;W1G6é-m2=;H߅>\񏃬ka@i8"DaPq[#HSx9<-u'/Og n{ &O3!-,w(d4$.Y!pkۏ4`Txwn1b! 7 sooq4x;ºRDɦx%A;@@W@ 5`P;>ȧ%u8@}ORy' eciA*^$ c` QS8)śUiUa[-1a`qE-u5WnxBFwF5nRb&ܼ]GM{i uQ@d%ԒUQ]ح̯"2^4.# 622NZhIY*J^L1Żv AQ]n&o'`VhQRVdӺ1o|=j`ǩtx^sA%”MNs]BֱOX5'QT[In) CN>}k_w˩qgpJpNBzWzhgjeEA*2goEM$n'&iFrr~gnkRJŠ(#|K!˯Q_]? TJ ;?ڬ_?B5_?/pQUē끓v^kb}c)>?1kUoM??E'&?"-QU~71}oc(WB@d>71jI$s|P*'?"M??EZ}c)>71jI@d_O??EYc)~?.EU$s|c(WG&?"-QU~71dEU$s|QI TU_M??EdEU$s|QI TU_M??EdEU$s|QI TU_M??EdEU$s|QI TUoMA ?"MA ?",U~?1}oc(WG&?&-QU?.OM??EZoc($s|P*&?"M??EZoc($s|P*(bx%u;;Ӗ O!2%Y& (? O sm%K%HݵG~M$pkҬ X.cVhÀ@#<#4Ѣ2>+-y+p#<}n<вWcϬ>/1,:)`d*Yu.1 9no7|l!{B$/)RInX:i6`b UP3#ԒhtЈex0FJf,[I$RjH _Z$Z^l-Gi7A&܎Eϡiiؖ\(#sz Wq4> %*n@:`#cn"I1 oPv= C.rև^ZenQgN(c~rr~4ڄ6Q~auB< >\qWFm.Ww2< Ir-:WG6 G<>ќlqp=+k<B_j A)<ЇoǤΰK+>0 rzq۹ 4[l`CM r<@]n.mSjsFá 9+-#~+Ŧ߮+9y6; W84ΈDZVݟ$wJ)<5<˦ZP2b=qS%tooHΛ@-R警OD"a2z8">3jnXftÞzmI E G,H"Q*xWA &\L80|Q[Ů]ͤBGtGs0t[9E c2z,W=rGLs[iX"l[+eO1e"P70: aK&a5wY[=rvKp>c;_д[E "B9*#0uWV:~ttڕs@C]M{q4;H X&@87?q6Hە^d:UMOH-cI1eB 3U'9;?gC!y1qyڗVUptc2#$'p:g4E,mnY>K^A#SeѴ٣9tIEehT\c pOh>h8;wM=Kn 䴌cm4 B.Gv㜒A cz46lah,-b6([n$sPE^6 ܍S dw\eM^([@Ԧ/$V;[ȭ< 2Angk{E$֒,$;Y<}5t3J'?1{^)Xe-,H Cp8ߝLDV` ٢2yDN1sz CæY42Hh8oݑ5EXF]Jtxo x~5mL4mʯj)hv!]v=j3tv .H޹|NbEn v9Ө5amlBGyi( Ud^RiV Et?S:Vo,Mmi7&pl0M <`]=캅ِZUuiN9 Aǝ>ui? ȿg\)۷ c/ "l#fB۠ͻ;ǦUOG liqKXQ@Q@Q@Q@k_]?rV;zQGѬL#6J~w??Ɗ+>(ҧ;Eh_Cwg> ݟVVg??A!?;[h}n?O?֬~~ Cwg>G'vqQf_??ƏN(j=;'vqϭ4QGՙ{vN?;[h3 ϭ4wg>EY`}n?O??Ɗ(Z?/a ݟϭ4QGՙ{vN?;[h3 Ϭ ݟ~EY`}n?O??Ɗ(Z?/a ݟ~G'vqQf_??ƏN(j=;'vqϭ4QGՙ{vN?;[h3 ϭ4wg>EVg??A!?;[h}n?O?֬~~ Cwg> ݟ~EY`}n?O??Ɗ(Z?/a ݟ~G'v?4QGՙ{vN?;[h3 ϭ4wg>EVg??A!?;[h}n?O?֬~~ Cwg>G'vqQf_??ƏN(j=;'vqϭ4QGՙ{vN?;[h3 ϭ4wg>EVg??A!?;YO??Ɗ(\U{v9Y"#QEΤ'9n4Zh endstream endobj 16 0 obj << /Type /Annot /Subtype /Link /A 17 0 R /Border [0 0 0] /H /I /Rect [ 141.5567 471.1216 206.2217 480.2791 ] >> endobj 17 0 obj << /Type /Action /S /URI /URI (mailto:help@sun.ac.za) >> endobj 18 0 obj << /Type /Annot /Subtype /Link /A 19 0 R /Border [0 0 0] /H /I /Rect [ 181.5437 440.1436 549.7067 449.3011 ] >> endobj 19 0 obj << /Type /Action /S /URI /URI (http://stbsp01.stb.sun.ac.za/innov/it/it-help/Wiki Pages/Spam sysadmin Eng.aspx) >> endobj 20 0 obj << /Type /Annot /Subtype /Link /A 21 0 R /Border [0 0 0] /H /I /Rect [ 225.0797 420.1546 303.7397 429.3121 ] >> endobj 21 0 obj << /Type /Action /S /URI /URI (mailto:sysadm@sun.ac.za) >> endobj 22 0 obj << /Type /Annot /Subtype /Link /A 23 0 R /Border [0 0 0] /H /I /Rect [ 327.2387 420.1546 391.9037 429.3121 ] >> endobj 23 0 obj << /Type /Action /S /URI /URI (mailto:help@sun.ac.za) >> endobj 24 0 obj << /Type /Annot /Subtype /Link /A 25 0 R /Border [0 0 0] /H /I /Rect [ 221.0807 334.2316 341.6267 343.3891 ] >> endobj 25 0 obj << /Type /Action /S /URI /URI (http://www.sun.ac.za/useradm) >> endobj xref 0 26 0000000000 65535 f 0000000008 00000 n 0000000073 00000 n 0000000119 00000 n 0000000350 00000 n 0000000387 00000 n 0000000525 00000 n 0000000588 00000 n 0000002489 00000 n 0000002601 00000 n 0000002716 00000 n 0000002836 00000 n 0000002944 00000 n 0000026437 00000 n 0000026549 00000 n 0000030459 00000 n 0000056298 00000 n 0000056426 00000 n 0000056499 00000 n 0000056627 00000 n 0000056758 00000 n 0000056886 00000 n 0000056961 00000 n 0000057089 00000 n 0000057162 00000 n 0000057290 00000 n trailer << /Size 26 /Root 1 0 R /Info 5 0 R >> startxref 57370 %%EOF phishing « Informasietegnologie
Language:
SEARCH

  • Recent Posts

  • Categories

  • Archives

phishing

« Older Entries
Newer Entries »

Ransomware attack uses fake SA Post Office e-mails

Wednesday, February 22nd, 2017

Be aware that a ransomware attack using fake SA Post Office e-mail has made its appearance recently on the Tygerberg network.

The hacking attack, originating in Russia, uses fake e-mails from the SA Post Office to inform the victim of a parcel intended for delivery. The mail contains a link which downloads malicious software – in this case a nefarious variant of the Cryptolocker malware.

Crypto ransomware is a type of malware used to extort money from victims by preventing access to their computer or files. Recovery of infected systems is virtually impossible without clean backups.

When the victim opens the malicious e-mail attachment, the virus attacks the target PC system, encrypts victim’s files and displays a ransom note, which informs the victim that in order to restore access to their files, a ransom of between $100 and $500 must be paid. Victims have only a certain amount of time to pay a ransom or they will lose access to their files forever.

If you have been backing up your data and have extra copies of your photos, documents, and other files, you won’t need to pay a ransom. Reformatting your drive, and restoring the drive from backup is the only reliable way of undoing the damage.

Cryptolocker ransomware is a nasty infection. Criminals only seek to earn easy money and frequently manage to do so. For victims of this ransomware, I want to emphasise that paying the ransom will not solve the problem. There is no guarantee that your data will be restored. Making the payment will not help to remove Cryptolocker ransomware.

Here is some advice to prevent becoming a ransomware victim:

  • Use spam filters and be cautious when opening e-mails, especially if there are attachments.
  • Make sure you are using reputable, up-to-date security products.
  • Make sure your operating system and applications are up to date and fully patched.
  • Run a regular scan of your computer.
  • Set and use strong and unique passwords.
  • Set passwords on all your hardware devices (modems and routers).
  • Back up your data.
  • Keep a backup copy of your data in a safe place, disconnected from your computer and the internet.
  • Only visit reputable websites and online services.

[ARTICLE BY DAVID WILES]

 

Email

Tags: ,
Posted in E-mail, Security | Comments Off on Ransomware attack uses fake SA Post Office e-mails

Spam e-mail distributed on campus

Friday, February 10th, 2017

If you receive an e-mail resembling the one shown below, please ignore and/or delete it. We will never send an e-mail requesting you to upgrade your mailbox. 

Note that the malicious links have been removed and replaced with fake ones.

—–Original Message—–

From: Mr Spammer [mailto:fake@fake.edu]

Sent: 10 February 2017 10:34 AM

To: fake@fake.com

Subject: Fw: Sun Help Desk

Dear SUN Mail User,

You have exceeded the 5GB allocated to your mailbox follow this to upgrade your mailbox CLICK HERE <http://phishingaddress.com> to avoid deactivation in 7 hours.

SUN IT Service Desk Support

Email

Tags:
Posted in E-mail, Security | Comments Off on Spam e-mail distributed on campus

Learn What It Takes to Refuse the Phishing Bait!

Wednesday, February 1st, 2017

Cybercriminals know the best strategies for gaining access to your institution’s sensitive data. In most cases, it doesn’t involve them rappelling from a ceiling’s skylight and deftly avoiding a laser detection system to hack into your servers; instead, they simply manipulate one staff member or student.

According to IBM’s 2014 Cyber Security Intelligence Index, human error is a factor in 95 percent of security incidents. Following are a few ways to identify various types of social engineering attacks and their telltale signs.

  • Phishing isn’t relegated to just e-mail! Cyber criminals will also launch phishing attacks through phone calls, text messages, or other online messaging applications. Don’t know the sender or caller? Seem too good to be true? It’s probably a phishing attack.
  • Know the signs. Does the e-mail contain a vague salutation, spelling or grammatical errors, an urgent request, and/or an offer that seems impossibly good? Click that delete button.
  • Verify the sender. Check the sender’s e-mail address to make sure it’s legitimate. If it appears that our help desk is asking you to click on a link to increase your mailbox quota, but the sender is “UniversityHelpDesk@yahoo.com,” it’s a phishing message.
  • Don’t be duped by aesthetics. Phishing e-mails often contain convincing logos, links to actual company websites, legitimate phone numbers, and e-mail signatures of actual employees. However, if the message is urging you to take action — especially action such as sending sensitive information, clicking on a link, or downloading an attachment — exercise caution and look for other telltale signs of phishing attacks. Don’t hesitate to contact the company directly; they can verify legitimacy and may not even be aware that their name is being used for fraud.
  • Never, ever share your password. Did we say never? Yup, we mean never.Your password is the key to your identity, your data, and your classmates’ and colleagues’ data. It is for your eyes only. The IT department will never ask you for your password.
  • Avoid opening links and attachments from unknown senders. Get into the habit of typing known URLs into your browser. Don’t open attachments unless you’re expecting a file from someone. Give them a call if you’re suspicious.
  • When you’re not sure, call to verify. Let’s say you receive an e-mail claiming to be from someone you know — a friend, colleague, or even the rector of the university. Cyber criminals often spoof addresses to convince you, then request that you perform an action such as transfer funds or provide sensitive information. If something seems off about the e-mail, call them at a known number listed in the university’s directory to confirm the request.
  • Don’t talk to strangers! Receive a call from someone you don’t know? Are they asking you to provide information or making odd requests? Hang up the phone and report it to the helpdesk.
  • Don’t be tempted by abandoned flash drives. Cyber criminals may leave flash drives lying around for victims to pick up and insert, thereby unknowingly installing malware on their computers. You might be tempted to insert a flash drive only to find out the rightful owner, but be wary — it could be a trap.
  • See someone suspicious? Say something. If you notice someone suspicious walking around or “tailgating” someone else, especially in an off-limits area, call campus safety.

[ARTICLE FROM Educause]

Email

Tags: , ,
Posted in E-mail, General, Security | Comments Off on Learn What It Takes to Refuse the Phishing Bait!

Latest WhatsApp hoax

Monday, January 9th, 2017

If you are a user of the popular chat app WhatsApp, you should be aware of the latest hoax that states that the chat service will soon start charging a fee.

Here is an example of the current hoax:

Tomorrow at 6 pm they are ending WhatsApp and you have to pay to open it, this is by law. 

This message is to inform all of our users, our servers have recently been very congested, so we are asking you to help us solve this problem. We require our active users to forward this message to each of the people in their contact list to confirm our active users using WhatsApp. 

If you do not send this message to all your contacts WhatsApp will start to charge you. 

The message is allegedly sent from Whatsapp’s chief executive officer – Jim Balsamic.

  1. The real CEO of WhatsApp is Jan Koum.
  2. WhatsApp publically declared that they’ll never charge users for the service. [ https://blog.whatsapp.com/615/Making-WhatsApp-free-and-more-useful ]

This isn’t the first time this sort of hoax has plagued the web – a similar message was sent around in 2013.

In some cases, it was reported that victims of this hoax were “tricked” into opening a legitimate-looking Word, Excel or PDF document attached to a WhatsApp message. The PDF attachment then downloaded malware to devices to steal personal information.

Another student reported that one message they received tried to persuade them to download a R200 Edgars voucher. In reality, the link simply installed cookies and a browser extension on their phone that flooded the phone with adverts.

Always be wary of messages with the following characteristics:

  1. The person sending the message claims to be associated with WhatsApp.
  2. The message contains instructions telling you to forward the message. (Use a bit of common sense here. According to this hoax message, WhatsApp servers are “very congested” and Jim Balsamic want you to add to the congestion by forwarding the message to all your WhatsApp contacts?)
  3. The message says you will suffer some sort of punishment, like account suspension, if you don’t follow the instructions.
  4. The message promises a reward or gift from Whatsapp or another party.
  5. Just because a message was forwarded to you by a friend or family member, doesn’t make it legitimate. (friends and family can be just as gullible as any other person)

[ARTICLE BY DAVID WILES]

Email

Tags: , ,
Posted in Security | Comments Off on Latest WhatsApp hoax

Scam warning: UPS Parcel Receipt with infected attachment

Wednesday, November 30th, 2016

The holiday season is upon us and there is a lot of activity around this time of the year with parcels being delivered both at home and at the university. This is being exploited by the scammers.

There is currently a UPS scam making its rounds in university mailboxes, where victims are lured into clicking a download link.

If you have received a package via the parcel company like UPS or DHL, you might be tempted open up an e-mail that seems to come from them, saying they have a package for you. There might be an attachment that you are asked to open to confirm your address or to fill in your personal details for “verification”.

The whole thing is a scam. Clicking on the attachment will download a Trojan virus onto your computer which will just sit there doing its nefarious work — reading your files, including confidential information, then transmitting the details to a server somewhere that is controlled by the criminals.

It seems there are two main variations of this “parcel delivery” scam – both looking like a genuine notification.

  • The first one tells you the parcel service tried, but was unable to deliver a package to you because of an incorrect address. The subject heading usually has a phony tracking number. The attachment is supposedly a copy of a waybill or invoice for you to print and use to collect the parcel from a UPS office.
  • The second is a customs notification and may even seem to come from “US Customs Service” rather than UPS. It says you have an international package (usually from Europe) and that you need to complete the attached customs form so it can be delivered.

In both these cases, the attachment is a compressed ZIP file (that is, one with a name that ends in “.zip”), even though the icon may look like a Word document. As soon as you double click on it, it will install a program onto your computer will then download and install several files on your system. These may disable your firewall, look for and steal credit card and bank account details, make screen snapshots and allow hackers full access to your machine.

This attack underlines the danger of opening an attached file in an email, even if it appears to come from a person or organization you know or frequently deal with.

Here is an example of one such mail.

 

 

From: Usps Parcel [mailto:shipment@uspc.com]

Sent: 28 November 2016 07:29 AM

To: Recipients <shipment@uspc.com>

Subject: Parcel Receipt

 

USPS Shipment Notification

A parcel was sent to our office for you and we have tried to deliver it several times to your address on file.

Attached is the receipt via Dropbox, used in sending you the parcel. We advise you DOWNLOAD the document and reconfirm the address on receipt if its your valid address.

For further assistance, please call USPS Customer Service.

For International Customer Service, please use official USPS site.

 

Copyright © 2016 USPS. All Rights Reserved.

This message has been scanned for viruses and dangerous content by Fair Distribution MailScanner, and is believed to be clean. 

 

So do not succumb to the temptation of opening up attachments in emails, especially if it comes from couriers and parcel delivery companies like UPS or DHL. It is the end of the year. Our energy and concentration is ebbing and we are all more vulnerable, making us all potential targets of the cyber-criminal.

[ARTICLE BY DAVID WILES]

Email

Tags: , ,
Posted in E-mail, Security | Comments Off on Scam warning: UPS Parcel Receipt with infected attachment

« Older Entries
Newer Entries »
 

© 2013-2025 Disclaimer: The views and opinions expressed in this page are strictly those of the page author(s) and content contributor(s). The contents of this page have not been reviewed or approved by Stellenbosch University.