Language:
SEARCH

  • Recent Posts

  • Categories

  • Archives

phishing

« Older Entries
Newer Entries »

Phishing remains prevalent

Wednesday, January 13th, 2016

Attempts to harvest staff’s personal information in order to gain access to bank accounts, remains a thorny issue.

Unfortunately we can’t warn you against every potentially dangerous e-mail, but we can show you what to look for so you don’t fall prey to one of these scams. Look out for these signs:

1. The e-mail is never addressed to you personally – it’s a generic heading. (e.g. Dear client)
2. It asks the receiver to divulge personal information, for example your ID number, password or username.
3. The e-mail asks you to click on a link to “activate” your account. Don’t click on any links in e-mails (unless it’s an official IT e-mail) and also don’t copy and paste it in your web browser.
4. Usually a short time limit is given, for example “within 24 hours”.
5. Make sure the request is official and legal by calling the company and confirming.
6. Do not send sensitive information by e-mail. Legitimate companies won’t ask you to send data by e-mail.

Above all, the best defence is being attentive and cautious. Report suspect email to sysadm@sun.ac.za and also read our articles on security on our blog, as well as the fortnightly newsletter, Bits & Bytes.

Email

Tags:
Posted in E-mail, Security | Comments Off on Phishing remains prevalent

Phishing warning: Survey on peer review

Thursday, November 12th, 2015

It’s no secret that you can fake just about everything on the Internet, you can fake job references, fake news, fake academic credentials, and fake science.

Academic journals that distribute important research from universities, such a Stellenbosch have had to deal with a proliferation of fake peer reviews. Scams that mask themselves as academic journals which request payment, to accept and publish papers without any form of peer review whatsoever, are common, but now the peer review process itself is being hacked thanks to third-party services that can be paid to fabricate peer reviews for papers. In many cases, identity theft is also involved, with real scientists often never knowing that their identities have been stolen for the purposes of issuing false peer reviews.

Below is a mail sent to one of our own esteemed researchers, who was solicited to complete a survey about the peer review process. Although seemingly innocuous, a quick check on retractionwatch.com reveals that this particular survey has been flagged as a potential source of identity theft, malware and phishing. Dangerous parts of the mail have been removed.

If you are involved in writing and submitting academic papers and reviewing papers, be aware of the minefield of scammers out there who only want to use your good name and reputation, for their own monetary gain and status.

[ARTICLE BY DAVID WILES]

From: Scholarly Research Survey <scholarlyresearch@dummyaddress.com>

Reply-To: Scholarly Research Survey <noreply@dummyaddress.com>
Date: Thursday, 12 November 2015 at 12:05
To: Dr R.E. Searcher <emailaddress@dummyaddress.com>
Subject: Survey on peer review

   

Dear Dr. Searcher,

We are contacting you because you are the corresponding author on a paper that was published in XXXX-XXXX. We would like to invite you to complete a survey, which is about the attitudes of researchers to peer review and scholarly publishing in general. It should take no longer than 8-12 minutes of your time.

This study is being conducted on behalf of a major publisher whose identity will be revealed at the end of the study as we do not wish to bias responses. Your results will be kept confidential and used only for research purposes.

To begin the survey, please click on the link below (or paste it into your browser):

Click here for survey

Thank you very much for your time, we really value your input.

________________________________________________________________________________

If you would like to opt-out of mailings in relation to this research project, please click (here).
Please do not reply to this e-mail as the inbox is not monitored. If you are having trouble with this survey you can let us know (here) and we will address any technical problems as quickly as we can.
Email

Tags:
Posted in Research, Security | Comments Off on Phishing warning: Survey on peer review

Credit card fraud increasing

Friday, October 23rd, 2015

It’s Friday afternoon and you are looking forward to an effortless evening of movies and take-aways. You drop in at the closest pizza place on your way home. In your rush to silence your growling stomach, you forgot to draw cash. The closest ATM is 5 kilometres away, but at least you have a credit card.

Paying is no problem and the transaction is safe. You can see the card machine the shop assistant uses and you discreetly type in your PIN number. Besides, card cloning only takes place when someone takes your card out of sight. So they say.

But did you notice that the machine swallowed a little bit more of your card than other times. Usually you can still fit your thumb on the card while you complete the transaction, but now it’s hardly visible.

Coincidence. Actually no. Your card was just skimmed.

Last year R450 million was lost to credit card scams, 23% more than in 2013. The increase was particularly sharp at take-away outlets. But even handheld devices in restaurants can be tampered with. Between 2005 and 2015 1377 compromised devices were confiscated.

Card cloning is just one form of credit card fraud. When you use your card on the internet, whether it’s for banking or online shopping, there’s always some risk involved.

According to Kaspersky Lab, one of the leaders in internet security, 5000 websites are compromised daily. Malware and phishing through e-mails are still one of the biggest problems at Stellenbosch University.

How do you avoid becoming a victim?

Keep an eye on your card at all times.

  • Place your credit card in the machine yourself so you can feel if it goes in easily. With a chip card, you should still be able to comfortably fit your thumb on the card, even when it’s in the machine.
  • Never send your banking details with e-mail.
  • Also never click on a link asking these details – even if it looks like you bank’s branding.
  • Install spam blocking software to eliminate phishing e-mails.
  • Ensure that your antivirus software is up to date and regularly updated.
  • When you purchase online with your credit card, only use official, safe websites. Even then, see if the address starts with “https:”, otherwise it’s not secure.
  • Don’t use public wi-fi for any personal transactions or purchases. (read more here)

[SOURCE: www.mybroadband.co.za]

 

Email

Tags:
Posted in Security | Comments Off on Credit card fraud increasing

E-mails with a hidden agenda

Wednesday, October 14th, 2015

Two e-mails trying to scam staff out of their information, and potentially money, materialised in our mailboxes last week.

The first is a familiar one attempting to get you to reactivate to increase your webmail quota.

The source of the scam is Russia, and  it uses a man-in-the-middle method to send out the mail. This method takes the e-mail credentials from a staff member who has inadvertently given their e-mail details to the scammers. It typically occurs when you respond to a “you have won/inherited X-amount of money in a lucky draw/online survey/death of a unknown relative/government official” e-mail or click on an advert on a compromised website.

The scammers use your e-mail address and, if it is also infected with malware or a virus, your PC, to send an e-mail to all accounts within the same organisation.

The use of a university e-mail as the alleged sender often lulls us into thinking it is legitimate and we respond. We forget that “senders” and most mail details in an e-mail can be forged by these scammers.

The mail below is an example of one such scam. It might be useful to remember that personnel currently have 1Gb of mailbox storage, and students have 50Gb through Office365. The dangerous links have been removed.

The second e-mail targets Pick & Pay clients with an e-mail on Smart Shopper credits. (see example below with active links removed)

Take note of the following:

1. The e-mail is never addressed to you personally – it’s just a generic heading.
2. It asks the receiver to divulge personal information, e.g, Smartshopper number and ID number.
3. The wording is somewhat threatening –  “make sure” and “must”.

With the information sourced by the e-mail, Smartshopper cards can be duplicated. Since your ID number is also joined with your Smartshopper card, not only your credits are at risk, but also the possibility of identity theft.

Never respond to this sort of mail. Information Technology will never send such a mail about your mailbox size and Pick & Pay also won’t communicate with its clients in this way. If in doubt phone the IT Service Desk.

 

From: University, Personnel, Address <faultyaddress@sun.ac.za>

Sent: Wednesday, 14 October 2015 08:24
Subject: 500MB

Dear E-mail User,

Your webmail quota has exceeded the set quota which is 500MB. you are currently running on 1.3GB. To re-activate and increase your webmail quota please verify and update your webmail Account In order to  re-activate and increase your webmail quota click linkhttp://phishing.site.in.russia/   LOGON WITH YOUR LOGIN DETAILS TO COMPLETE UPGRADE.

Failure to do so may result in the cancellation of your webmail account. You may not be able to send or receive new mail until you re-validate your mailbox.

Thanks, and sorry for the inconvenience.

Admin/ Webmaster/ Local host

 

From: Pick N Pay [mailto:faultyaddress@pnp.co.za]

Sent: Tuesday, 20 October 2015 05:42
Subject: Your R700 Pick N Pay (PNP) Shopping Voucher ready for claim

Attention PNP Smart Card Owner,

You have qualified to receive a shopping voucher of R700 to shop for groceries at any “PNP” outlet near you. Make sure you have your SMART SHOPPER CARD with you before you can proceed.

CLICK HERE TO PROCEED

Regards,

PNP

 [INFORMATION SUPPLIED BY DAVID WILES]

Email

Tags: ,
Posted in E-mail, Security | Comments Off on E-mails with a hidden agenda

Tax season = cyber scams

Friday, July 24th, 2015

Only people with an unusual desire for pain and discomfort look forward to a trip to the dentist. The same goes for tax.

Criminals know this and prey on our vulnerability. Every year at this time, e-mails like the one below end up in SU staff inboxes. It informs you that the taxman owes you money and all you have to do to receive it, is to click on a link.

This is a scam, and you should never respond or go to the site or open up the attached file, as this could compromise your banking security.

  1. SARS has your banking details on record and keeps it in secure and encrypted form. They do not need you to confirm or enter your banking details.
  2. SARS will always either SMS or send you a registered letter in the post to inform you of tax returns. They will never contact you by unsecured e-mail.
  3. They also have enough data to address the mail to you PERSONALLY and not via some vague “Dear Taxpayer” or “Good Day” salutation.
  4. There is no EFiling@sars.gov.za address.
  5. The attached file is usually a html (webpage) file and will connect you to a server controlled by the criminals. This server downloads a Trojan virus to your computer that will install software, malware and do all sorts of nasty things to your computer and data. Another tactic is to present you with a “login page” where you enter your banking account details, your PIN code etc.
  6. Unless you have added your university e-mail address as the primary contact address on the SARS system, you should never receive mail on your university account.

This phishing scam will allow the criminals to log into and take control of your bank account via the internet.

They can create themselves as beneficiaries, transfer your money to their account, and then delete the evidence pointing to their account.

These scam e-mails will never stop. It is always difficult to block them too because scammers change their addresses, details and methods on a daily basis. So it is always best to dump these mails in the junk mail folder, blacklist the sending domain and delete the mail immediately.

Why do these criminals continue to send their mail? Because they catch people regularly. In 2012 R14+ million was stolen from South Africans alone using phishing tactics such as this one.

Also read more on this on the mybroadband website.

EXAMPLE OF E-MAIL:

From: SARS eFiling [mailto:eFiling@sars.gov.za]
Sent: Saturday, 27 June 2015 10:14
Subject: Your account has been credited with R3,167.14
efiling

Your account has been credited with R3,167.14

Please click below to accept and verify payment.

Accept Payment

During this process, there will be verifications. If you don’t receive codes on time, come back to finish verification when received

SARS eFiling

[ARTICLE BY DAVID WILES]

Email

Tags: , , ,
Posted in Security | Comments Off on Tax season = cyber scams

« Older Entries
Newer Entries »
 

© 2013-2025 Disclaimer: The views and opinions expressed in this page are strictly those of the page author(s) and content contributor(s). The contents of this page have not been reviewed or approved by Stellenbosch University.