%PDF-1.3 1 0 obj << /Type /Catalog /Outlines 2 0 R /Pages 3 0 R >> endobj 2 0 obj << /Type /Outlines /Count 0 >> endobj 3 0 obj << /Type /Pages /Kids [6 0 R ] /Count 1 /Resources << /ProcSet 4 0 R /Font << /F1 8 0 R /F2 9 0 R /F3 10 0 R /F4 11 0 R >> >> /MediaBox [0.000 0.000 612.000 792.000] >> endobj 4 0 obj [/PDF /Text ] endobj 5 0 obj << /Creator (DOMPDF) /CreationDate (D:20240927092327+00'00') /ModDate (D:20240927092327+00'00') /Title (Report 09-2024) >> endobj 6 0 obj << /Type /Page /Parent 3 0 R /Annots [ 12 0 R 14 0 R ] /Contents 7 0 R >> endobj 7 0 obj << /Length 4415 >> stream 0.702 0.800 0.816 rg 34.016 34.016 543.969 723.969 re f 1.000 1.000 1.000 rg 45.266 324.884 521.469 421.850 re f 0.773 0.773 0.773 RG 0.75 w 0 J [ ] 0 d 45.641 325.259 520.719 421.100 re S 0.773 0.773 0.773 rg 61.016 340.634 m 550.984 340.634 l 550.984 341.384 l 61.016 341.384 l f 0.200 0.200 0.200 rg BT 61.016 693.716 Td /F1 14.4 Tf [(HOW DO I REPORT PHISHING?)] TJ ET 0.400 0.400 0.400 rg BT 61.016 664.909 Td /F2 9.0 Tf [(Posted on )] TJ ET BT 104.045 664.909 Td /F3 9.0 Tf [(May 10,2021)] TJ ET BT 156.578 664.909 Td /F2 9.0 Tf [( by )] TJ ET BT 171.086 664.909 Td /F3 9.0 Tf [(IT Communications)] TJ ET 0.153 0.153 0.153 rg BT 61.016 637.420 Td /F4 9.0 Tf [(You've received a suspicious email, what should you do with it? Firstly, don't click on any links. But just as important, send )] TJ ET BT 61.016 626.431 Td /F4 9.0 Tf [(it to us so we can prevent more staff and students falling prey to the scam. We encourage our customers to submit )] TJ ET BT 61.016 615.442 Td /F4 9.0 Tf [(potential phishing examples for review. Using these submissions, the Cyber Security Incident Response Team \(CSIRT\) )] TJ ET BT 61.016 604.453 Td /F4 9.0 Tf [(can learn from the analysis of these messages. This collectively helps to improve the level of virus and spam detection.)] TJ ET BT 61.016 584.464 Td /F1 9.0 Tf [(What is phishing?)] TJ ET BT 61.016 564.475 Td /F4 9.0 Tf [(Phishing attacks are designed to steal a person’s login and password details so that the cyber criminal can assume control )] TJ ET BT 61.016 553.486 Td /F4 9.0 Tf [(of the victim’s social network, email, and online bank accounts. Seventy percent of internet users choose the same )] TJ ET BT 61.016 542.497 Td /F4 9.0 Tf [(password for almost every web service they use. This is why phishing is so effective, as the criminal, by using the same )] TJ ET BT 61.016 531.508 Td /F4 9.0 Tf [(login details, can access multiple private accounts and manipulate them for their own good. )] TJ ET 0.373 0.169 0.255 rg BT 61.016 511.519 Td /F4 9.0 Tf [(More on how to recognise a phishing email. )] TJ ET 0.373 0.169 0.255 RG 0.18 w 0 J [ ] 0 d 61.016 510.368 m 237.092 510.368 l S 0.200 0.200 0.200 rg BT 61.016 488.892 Td /F1 11.7 Tf [(REPORT PHISHING)] TJ ET 0.153 0.153 0.153 rg BT 61.016 468.244 Td /F1 9.0 Tf [(On the ICT Partner Portal:)] TJ ET 0.153 0.153 0.153 RG 85.866 451.071 m 85.866 451.483 85.696 451.893 85.404 452.185 c 85.113 452.476 84.703 452.646 84.291 452.646 c 83.878 452.646 83.469 452.476 83.177 452.185 c 82.885 451.893 82.716 451.483 82.716 451.071 c 82.716 450.659 82.885 450.249 83.177 449.957 c 83.469 449.666 83.878 449.496 84.291 449.496 c 84.703 449.496 85.113 449.666 85.404 449.957 c 85.696 450.249 85.866 450.659 85.866 451.071 c f BT 91.016 448.255 Td /F4 9.0 Tf [(Go to )] TJ ET 0.373 0.169 0.255 rg BT 115.532 448.255 Td /F4 9.0 Tf [(https://servicedesk.sun.ac.za/jira/servicedesk/customer/portal/6/create/115)] TJ ET 0.373 0.169 0.255 RG 0.18 w 0 J [ ] 0 d 115.532 447.104 m 412.649 447.104 l S 0.153 0.153 0.153 rg 0.153 0.153 0.153 RG 85.866 440.082 m 85.866 440.494 85.696 440.904 85.404 441.196 c 85.113 441.487 84.703 441.657 84.291 441.657 c 83.878 441.657 83.469 441.487 83.177 441.196 c 82.885 440.904 82.716 440.494 82.716 440.082 c 82.716 439.670 82.885 439.260 83.177 438.968 c 83.469 438.677 83.878 438.507 84.291 438.507 c 84.703 438.507 85.113 438.677 85.404 438.968 c 85.696 439.260 85.866 439.670 85.866 440.082 c f BT 91.016 437.266 Td /F4 9.0 Tf [(Fill in your information and add the email as an attachment. Your request will automatically be logged on the )] TJ ET BT 91.016 426.277 Td /F4 9.0 Tf [(system.?)] TJ ET BT 61.016 406.288 Td /F1 9.0 Tf [(*Spam or phishing examples must be sent in either.EML or .MSG format as an attachment and must not be )] TJ ET BT 61.016 395.299 Td /F1 9.0 Tf [(forwarded. This ensures the original email can be analysed with its full Internet message headers intact. )] TJ ET BT 61.016 384.310 Td /F4 9.0 Tf [(Alternatively, use the mail application to save the email \(usually located under File | Save As\) as an .EML or .MSG format )] TJ ET BT 61.016 373.321 Td /F4 9.0 Tf [(to a folder location, and attach the saved file to a new email.)] TJ ET 0.400 0.400 0.400 rg BT 61.016 354.832 Td /F2 9.0 Tf [(Posted in:Phishing,Security,Tips | Tagged:Malware,Phishing,Report Phishing,Report Spam,Spam | With 0 comments)] TJ ET endstream endobj 8 0 obj << /Type /Font /Subtype /Type1 /Name /F1 /BaseFont /Helvetica-Bold /Encoding /WinAnsiEncoding >> endobj 9 0 obj << /Type /Font /Subtype /Type1 /Name /F2 /BaseFont /Helvetica-Oblique /Encoding /WinAnsiEncoding >> endobj 10 0 obj << /Type /Font /Subtype /Type1 /Name /F3 /BaseFont /Helvetica-BoldOblique /Encoding /WinAnsiEncoding >> endobj 11 0 obj << /Type /Font /Subtype /Type1 /Name /F4 /BaseFont /Helvetica /Encoding /WinAnsiEncoding >> endobj 12 0 obj << /Type /Annot /Subtype /Link /A 13 0 R /Border [0 0 0] /H /I /Rect [ 61.0157 510.6862 237.0917 519.8437 ] >> endobj 13 0 obj << /Type /Action /S /URI /URI (http://blogs.sun.ac.za/it/en/2016/10/how-to-recognise-a-phishing-e-mail/) >> endobj 14 0 obj << /Type /Annot /Subtype /Link /A 15 0 R /Border [0 0 0] /H /I /Rect [ 115.5317 447.4225 412.6487 456.5800 ] >> endobj 15 0 obj << /Type /Action /S /URI /URI (https://servicedesk.sun.ac.za/jira/servicedesk/customer/portal/6/create/115) >> endobj xref 0 16 0000000000 65535 f 0000000008 00000 n 0000000073 00000 n 0000000119 00000 n 0000000305 00000 n 0000000334 00000 n 0000000472 00000 n 0000000561 00000 n 0000005028 00000 n 0000005140 00000 n 0000005255 00000 n 0000005375 00000 n 0000005483 00000 n 0000005610 00000 n 0000005734 00000 n 0000005862 00000 n trailer << /Size 16 /Root 1 0 R /Info 5 0 R >> startxref 5989 %%EOF phishing « Informasietegnologie
Language:
SEARCH

  • Recent Posts

  • Categories

  • Archives

phishing

« Older Entries
Newer Entries »

Phishing attempt from SUN email address

Monday, June 25th, 2018

If you receive an email with the subject “Mailbox” or “Urgent Alert !!” from a university account, do not respond to it or click on the link. This is not a legitimate email from Information Technology.

We have received reports that a suspicious email is being sent out from a university account informing users that their email has exceeded its storage limit and they have to click on a link to “avoid blockage or deactivation”(As shown in example)

If you follow the link and give your information, it will be used by phishing criminals to gain access to your personal information, including your bank details. If you did click on the link of this phishing email, immediately go to the www.sun.ac.za/useradm website and change the passwords on all your university accounts.

If you have any inquiries, please let us know by logging a request or calling our Service Desk at 808 4367. 

Email

Tags:
Posted in E-mail, phishing, Security | Comments Off on Phishing attempt from SUN email address

Phishing Scam about “Unexpected Mail Shutdown

Wednesday, June 6th, 2018

There is currently a bombardment of phishing emails arriving in university accounts about an “Unexpected Mail Shutdown”. The mail used alarmist threats about pending shutdowns and has all the signs of a phishing scam, including a website that is not on the university network.

This is a typical phishing scam and although it is being sent to university addresses, you should not react, respond or click on any links, as the phishers insert your email address in the link field and thus can identify your account as functional.

Below is the mail arriving in many university accounts:

 

If you have received this mail like this, please report is to the Information Technology Cybersecurity Team using the following method:

Send the spam/phishing mail to help@sun.ac.za and sysadm@sun.ac.za

Attach the phishing or suspicious mail on to the message if possible.
1. Start up a new mail addressed to sysadm@sun.ac.za (CC: help@sun.ac.za)
2. Use the Title “SPAM” (without quotes) in the Subject.
3. With this New Mail window open, drag the suspicious spam/phishing mail from your Inbox into the New Mail Window. It will attach the mail as an enclosure and a small icon with a light yellow envelope will appear in the attachments section of the New Mail.
4. Send the mail.

[Information supplied by David Wiles]

Email

Tags: ,
Posted in phishing, Security | Comments Off on Phishing Scam about “Unexpected Mail Shutdown

Phishing mail using intimidation and threats

Friday, June 1st, 2018

There is no need to panic or be in anyway concerned for your personal safety about the latest batch of “phishing” emails that are going out with “death threats” or extortion regarding your “alleged” online activity around pornography sites etc.

A simple Google search using the following term “I Was Paid To Kill You scam” gave me 43 million results, all of the first 100 or so pages reporting this mail as a scam. A further search, narrowing the results down to only South Africa and only from last week, resulted in a little over 100 000 results, all of which were reporting as a hoax.

A similar scam first surfaced in the USA in 2006. An email from a would-be assassin was sent to a number of users from a Russian e-mail address. The “assassin” apparently appointed by a close acquaintance of his target, offers the victim the opportunity to buy him or herself a new lease on life by paying between $50,000 and $150,000.

If you receive mail like this, you should never panic. If you look at the extortion mail there are clues that reveal that the mail is a hoax:

  1. The subject line: “I Was Paid To Kill You”, “YOU SHOULD BE ASHAMED OF YOURSELF”, “YOUR PRIVACY HAS BEEN COMPROMISED”
    These are designed to cause anxiety, stress and panic.
  2. Time limits: “You have 48 Hours to pay…”
    How can the scammer know that you have received the mail and when you have read the mail and keep track of time to see if “48-hours” has passed?
  3. Engagement: “Contact me back via e-mail…”
    Never make contact with the scammers. This immediately alerts them that a “real person” read their mail and they will be able to concentrate their nefarious efforts on you.

If you ever receive emails like these, please report is to the Information Technology Cybersecurity Team using the following method:

Send the spam/phishing mail to help@sun.ac.za and sysadm@sun.ac.za.

Attach the phishing or suspicious mail on to the message if possible.
1. Start up a new mail addressed to sysadm@sun.ac.za (CC: help@sun.ac.za)
2. Use the Title “SPAM” (without quotes) in the Subject.
3. With this New Mail window open, drag the suspicious spam/phishing mail from your Inbox into the New Mail Window. It will attach the mail as an enclosure and a small icon with a light yellow envelope will appear in the attachments section of the New Mail.
4. Send the mail.

[Article by David Wiles]

Email

Tags: ,
Posted in E-mail, Security | Comments Off on Phishing mail using intimidation and threats

Phishing scam disguised as the university’s single-sign on page

Wednesday, May 16th, 2018

Due to the vigilance of an observant personnel member from the US Business School, we have encountered a dangerous phishing scam being sent from a compromised UNISA account.

The Subject is “Dear SUN E-mail User © Copyright 2018 Stellenbosch University” which should immediately raise eyebrows. The phishing email “warns” you about the pending expiration of your e-mail account and prompts you to click on a link to reactivate it.

See below what the mail looks like:

The danger is that the phishing scammers have perfectly forged the university’s SINGLE SIGN-ON page, that is used by students an personnel to access the portal pages, the my.sun.ac.za page, SUNLearn etc., as you can see below. Not many people will notice that the address is not a university address, neither is it secure.

It is imperative that you do not click on the link in the mail, and do not provide the scammers with your username and password as they might be able to access the university’s systems that are accessible through the Single Sign-On page.

Last year scammers were able to forge the e-HR login page through a phishing scam and several staff members had their bank accounts details and other personal details exposed to the scammers.  In the light of the issues that Tygerberg staff have been having with general network access earlier this month, and this week’s issue with e-mail, the arrival of this sort of mail at this time can fool some people into thinking that it is legitimate and lead to compromised network and e-mail accounts.

Here’s how to report any phishing or spam mail:

Send the spam/phishing mail to help@sun.ac.za and sysadm@sun.ac.za.

Attach the phishing or suspicious mail on to the message if possible.
1. Start up a new mail addressed to sysadm@sun.ac.za (CC: help@sun.ac.za)
2. Use the Title “SPAM” (without quotes) in the Subject.
3. With this New Mail window open, drag the suspicious spam/phishing mail from your Inbox into the New Mail Window. It will attach the mail as an enclosure and a small icon with a light yellow envelope will appear in the attachments section of the New Mail.
4. Send the mail.

[Information supplied by David Wiles]

Email

Tags: ,
Posted in E-mail, Security | Comments Off on Phishing scam disguised as the university’s single-sign on page

Phishing Scam with subject: “IT Helpdesk! Treat Very Urgently!”

Wednesday, April 25th, 2018

There is a rather pesky phishing e-mail making its rounds at the moment that you need to watch out for.

The Subject is “IT HelpDesk! Treat Very Urgently!”

The subject alone with its exclamation marks and every word capitalised should show that it is a phishing mail.

Below is an example of the mail:

Please do not respond or click on the links. Report it to the IT CyberSecurity reporting addresses.

Here’s how to report any phishing or spam mail:

Send the spam/phishing mail to help@sun.ac.za and sysadm@sun.ac.za.

Attach the phishing or suspicious mail on to the message if possible.
1. Start up a new mail addressed to sysadm@sun.ac.za (CC: help@sun.ac.za)
2. Use the Title “SPAM” (without quotes) in the Subject.
3. With this New Mail window open, drag the suspicious spam/phishing mail from your Inbox into the New Mail Window. It will attach the mail as an enclosure and a small icon with a light yellow envelope will appear in the attachments section of the New Mail.
4. Send the mail.

Email

Tags:
Posted in E-mail, Security | Comments Off on Phishing Scam with subject: “IT Helpdesk! Treat Very Urgently!”

« Older Entries
Newer Entries »
 

© 2013-2024 Disclaimer: The views and opinions expressed in this page are strictly those of the page author(s) and content contributor(s). The contents of this page have not been reviewed or approved by Stellenbosch University.