Language:
SEARCH

  • Recent Posts

  • Categories

  • Archives

phishing

« Older Entries
Newer Entries »

Whatsapp scams

Wednesday, November 23rd, 2016

WhatsApp is a popular communication tool, used by students and personnel every day. On the downside, it provides cyber criminals with another way to convince you to part with your well-earned money and unfortunately it’s usually quite convincing.

WhatsApp scams come in many different forms and are often very convincing. Just make sure that you stay vigilant and don’t fall for anything that seems too good or too worrying to be true. Just because a friend or a family member sends you something, it doesn’t mean that it is safe.

Voucher scams

A message arrives in your WhatsApp from someone who looks like your friend, recommending a deal they’ve found. The messages usually come with a link that actually takes you to another website and tricks you into giving your personal information. Don’t ever click a link you’re not sure of and certainly don’t ever hand over personal information to a website you haven’t checked.

WhatsApp shutting down

There are many fake messages claiming that WhatsApp is going to end unless enough people share a certain message. The messages often look convincing, claiming to come from the CEO or another official. They’re written using the right words and phrases and look like an official statement. Any official statement wouldn’t need users to send it to everyone like a round robin. You would either see it in the news or it’ll come up as a proper notification in the app from the actual WhatsApp team.

WhatsApp threatening to shut down your account

This is very similar to the previous scam. It looks like an official message that claims that people’s WhatsApp accounts are being shut down for being inactive. Sending the message on will prove that it’s actually being used and often instructs people to pass it along.

WhatsApp forcing you to pay

Similar to the previous scam, with the only difference being that the message supposedly exempts you from having to pay for your account – if you send it on to other people.

WhatsApp Gold or WhatsApp Premium

The claim suggests that people pay for or download a special version of WhatsApp, usually called Gold or Premium. It offers a range of exciting-sounding features, like the ability to send more pictures, use new emoji or add extra security features. The problem is that it is far from secure. Downloading the app infects people’s phones with malware that use the phone to send more fake messages at the cost of the original victim.

Emails from WhatsApp

Spam e-mails are bad enough. E-mails plus WhatsApp is even worse. There’s a range of scams out there that send people e-mails that look like they’ve come from WhatsApp, usually looking like a notification for a missed voice call or voicemail. But when you click through, you will end up getting tricked into giving over your information, passphrases etc. Don’t ever click on an e-mail from a questionable sender. WhatsApp doesn’t send you e-mails including information about missed calls or voicemails.

Fake WhatsApp spying apps

Currently, it is not possible to let people spy on other’s conversations on WhatsApp, because it has end-to-end encryption enabled, which ensures that messages can only be read by the phones that send and receive them. These scam apps encourage people to download something that isn’t actually real and force people to pay money for malware, or actually read your chats once they’ve got onto your phone.

Lastly – 

Hopefully, you have  already blocked sharing your WhatsApp details with Facebook (telephone number, name etc. and allowing Facebook to suggest phone contacts as friends) and Facebook will not be able to  make your WhatsApp account accessible to the 13 million South African Facebook users.

There are some details about this controversial policy change by WhatsApp on the following page: http://www.mirror.co.uk/tech/you-can-stop-whatsapp-sharing-8893949

 

[ARTICLE BY DAVID WILES]

 

 

Email

Tags: , , , ,
Posted in Apps, Communication | Comments Off on Whatsapp scams

Spam = blocked accounts

Thursday, October 6th, 2016

A fast-spreading spam e-mail caused problems on campus last week. Some students and staff clicked on a malicious link in a phishing e-mail and subsequently gave a hacker access to their Outlook cloud e-mail accounts. The criminal proceeded to use their e-mail addresses and mailbox to spam all their contacts. Since it was sent from a @sun address, receivers of the spam didn’t suspect anything. (An example of the e-mail, with dangerous links removed, is shown below)

Unfortunately, due to the mass e-mails sent from these mailboxes, Microsoft automatically blocked the users’ accounts and they were unable to access e-mail. 

Please remember to look for the general characteristics of a phishing e-mail before you click on links in e-mail. Just because it’s sent from a @sun address , it does not mean it’s safe.

If you suddenly don’t have access to your e-mail, contact the IT helpdesk (x4367). If you’ve clicked on a suspicious link, change your password immediately.

 

From: Known address <knownaddress1@sun.ac.za>
Sent: 05 October 2016 12:26 PM
To: SU address <knownaddress@sun.ac.za>
Subject: PI Doc copy

 

Please confirm PI doc copy below using Google documents
for your account to be credited.

Continue to Gdocs

Kind regards

Email

Tags: , ,
Posted in E-mail, Security | Comments Off on Spam = blocked accounts

Another phishing e-mail

Wednesday, September 28th, 2016

We have noticed numerous phishing scams targeted at SU mailboxes. Please note that these, like the example below, are NOT from the IT Helpdesk and are only an attempt to source your username and password. 

You will not be asked by IT to verify your account, we have automatic ways to do this. Secondly, our e-mails will be branded and both in Afrikaans and English. Hopefully they will also have less spelling mistakes than most of these phishing e-mails. 

We realise that it might be confusing, but if in any doubt, please e-mail us (help@sun.ac.za or 021 808 4367) to make sure whether these e-mails are legitimate.

From: SUN Support [mailto:phishing@dummyaddress.com]
Sent: 28 September 2016 09:40 AM
Subject: Notice

Dear User

To re-validate your mail account please click on the below link and enter your user id and password for the upgrade of your Account and Maintenance, Very Important. 

Click here

Your Mail account will be permanently terminated in a short time for failure to adhere to our urgent notice.

Thank you for your cooperation.

SUN Mail Support

© 2016 Stellenbosch University. All Right Reserved.

 

Email

Tags:
Posted in E-mail, Security | Comments Off on Another phishing e-mail

Dangerous Phishing Scam: ITS Service Desk

Monday, September 26th, 2016

Please note that there is currently a new, and dangerous phishing scam making the rounds throughout the university.

Unfortunately, several *internal* e-mail addresses, including students and personnel that were earlier compromised, are being used to spread the phishing scam. With both students and personnel being distracted by the FeesMustFall protest actions both within the faculty and at the Main Campus, they are less alert to the ongoing threat from outside and this seems to have resulted in a number of personnel and student account details being “hijacked”and used.

The mail comes from a university address, so victims think that it has to be legitimate, which heightens the threat.

Below is the phishing scam. Please do not respond to it. The criminals are trying to trick you into providing them with your e-mail details and password. These are used to gain access to the account which is then used to propagate the scam further and gain access to more personal data within the university.

The dangerous part of the phishing scam has been deactivated by removing the link to the phishers server currently in Brazil and redirecting them to an internal page.

From: Compromised University Address <noreply@sun.ac.za>
Sent: Wednesday, 21 September 2016 05:59
Subject: ITS Service Desk

With the strengthening off our security system and improving your mailing experience, We have detected your mail settings are out of date. To enhance computer system security and comply with federal audit requirements, ITS requires all Sever Users to update their account , kindly click ITS to update your account to the latest OutlookWebApp . Sign in and automatically update your mailbox by filling out the requirements correctly.

___________________
Sincerely,
ITS Service Desk
Click Here

[ARTICLE BY DAVID WILES]

Email

Tags:
Posted in E-mail, Security | Comments Off on Dangerous Phishing Scam: ITS Service Desk

Email from “IT” a scam

Friday, July 15th, 2016

 Phishing scams disguised as an e-mail from The IT Admin Desk, asking you to upgrade your e-mail, are nothing new. This week two more of these e-mails, from the same source, have been sent to SU staff’s mailboxes. One is from the ADMIN TEAM and another from IT SERVICE DESK.

Both e-mails ask you to “log in” to update or verify your account, using the link included. Both are sent from compromised e-mail accounts from Minnesota and Iowa educational institutions. One diverts to a server controlled by scammers in Brazil and the other California. However, both use a forged “login page” and the same details.

Do not respond to these e-mails or go to the site given in the e-mail. Do not fill in your username, password or other details on any site. Stellenbosch University Information Technology has no need for users to provide user names and passwords on any site other than www.sun.ac.za/useradm, where you can manage your network account. We are also able to upgrade or migrate your e-mail account without asking you to assist.

Our e-mails will always be branded and in Afrikaans and English. If you are unsure about an e-mail you received, speak to your local computer expert or ask the IT Service Desk (021-8084367 or helpinfo@sun.ac.za).

Here is an example of the phishing mail: 

From: I, Amscammer

Sent: Thursday, July 14, 2016 5:56 AM

To: 1,Amscammer

Subject: ADMIN TEAM/IT SERVICE DESK/IT HELPDESK/IT SUPPORT/WEBMAIL ADMIN (and all variations you could think of) 

Dear E-mail User:- 

Take note of this important update that our new webmail has been improved with a new messaging system from Owa/outlook which also include faster usage on e-mail, shared calendar,web-documents and the New 2016 Anti-Spam Version. 

Please use the link below to complete your update for our new Owa/outlook improved webmail.

Log on to Outlook Web Access<http://iam.aspammer.com> to update your mailbox.

ITS Help Desk
ADMIN TEAM
©Copyright 2016 Microsoft Outlook
All Right Reserved.

[INFORMATION SUPPLIED BY DAVID WILES]

Email

Tags:
Posted in E-mail, Security | 2 Comments »

« Older Entries
Newer Entries »
 

© 2013-2025 Disclaimer: The views and opinions expressed in this page are strictly those of the page author(s) and content contributor(s). The contents of this page have not been reviewed or approved by Stellenbosch University.