%PDF-1.3 1 0 obj << /Type /Catalog /Outlines 2 0 R /Pages 3 0 R >> endobj 2 0 obj << /Type /Outlines /Count 0 >> endobj 3 0 obj << /Type /Pages /Kids [6 0 R 17 0 R ] /Count 2 /Resources << /ProcSet 4 0 R /Font << /F1 8 0 R /F2 9 0 R /F3 10 0 R /F4 11 0 R >> /XObject << /I1 12 0 R >> >> /MediaBox [0.000 0.000 612.000 792.000] >> endobj 4 0 obj [/PDF /Text /ImageC ] endobj 5 0 obj << /Creator (DOMPDF) /CreationDate (D:20240927023937+00'00') /ModDate (D:20240927023937+00'00') /Title (Report 09-2024) >> endobj 6 0 obj << /Type /Page /Parent 3 0 R /Annots [ 13 0 R 15 0 R ] /Contents 7 0 R >> endobj 7 0 obj << /Length 2477 >> stream 0.702 0.800 0.816 rg 34.016 34.016 543.969 723.969 re f 1.000 1.000 1.000 rg 45.266 78.332 521.469 668.402 re f 0.773 0.773 0.773 rg 0.773 0.773 0.773 RG 45.266 746.734 m 566.734 746.734 l 565.984 745.984 l 46.016 745.984 l f 566.734 746.734 m 566.734 78.332 l 565.984 78.332 l 565.984 745.984 l f 45.266 746.734 m 45.266 78.332 l 46.016 78.332 l 46.016 745.984 l f 0.200 0.200 0.200 rg BT 61.016 693.716 Td /F1 14.4 Tf [(PHISHING WITH SUBJECT EMAIL EXPIRED)] TJ ET 0.400 0.400 0.400 rg BT 61.016 664.909 Td /F2 9.0 Tf [(Posted on )] TJ ET BT 104.045 664.909 Td /F3 9.0 Tf [(January 02,2018)] TJ ET BT 173.588 664.909 Td /F2 9.0 Tf [( by )] TJ ET BT 188.096 664.909 Td /F3 9.0 Tf [(IT Communications)] TJ ET 0.153 0.153 0.153 rg BT 61.016 637.420 Td /F4 9.0 Tf [(Several students and personnel have informed us of a )] TJ ET BT 279.131 637.420 Td /F2 9.0 Tf [(new)] TJ ET BT 301.631 637.420 Td /F4 9.0 Tf [( mail making its rounds on our campuses.)] TJ ET BT 61.016 617.431 Td /F4 9.0 Tf [(The sender is )] TJ ET BT 118.040 617.431 Td /F1 9.0 Tf [(Postmaster)] TJ ET BT 176.054 617.431 Td /F4 9.0 Tf [( with the subject of )] TJ ET BT 253.094 617.431 Td /F1 9.0 Tf [(Email Expired. )] TJ ET BT 326.624 617.431 Td /F4 9.0 Tf [(Thisphishing scam tells you that your e-mail account )] TJ ET BT 61.016 606.442 Td /F4 9.0 Tf [(will shortly expire and uses scare tactics to convince you to click on a link to activate your email.)] TJ ET BT 61.016 586.453 Td /F4 9.0 Tf [(Information Technology will never send you this type of email, ask you to click on a link or provide your username or )] TJ ET BT 61.016 575.464 Td /F4 9.0 Tf [(password. Do not respond to these emails or click on links.)] TJ ET q 210.750 0 0 375.000 61.016 189.266 cm /I1 Do Q BT 61.016 171.475 Td /F4 9.0 Tf [(If you have received mail that looks like this please immediately report it to the Information Technology Security Team )] TJ ET BT 61.016 160.486 Td /F4 9.0 Tf [(using the following method:)] TJ ET BT 61.016 140.497 Td /F4 9.0 Tf [(Send the spam/phishing mail to the following addresses)] TJ ET 0.373 0.169 0.255 rg BT 61.016 120.508 Td /F4 9.0 Tf [(help@sun.ac.za)] TJ ET 0.373 0.169 0.255 RG 0.18 w 0 J [ ] 0 d 61.016 119.357 m 128.183 119.357 l S 0.153 0.153 0.153 rg BT 128.183 120.508 Td /F4 9.0 Tf [(and)] TJ ET 0.373 0.169 0.255 rg BT 145.697 120.508 Td /F4 9.0 Tf [(sysadm@sun.ac.za.)] TJ ET 0.18 w 0 J [ ] 0 d 145.697 119.357 m 226.859 119.357 l S endstream endobj 8 0 obj << /Type /Font /Subtype /Type1 /Name /F1 /BaseFont /Helvetica-Bold /Encoding /WinAnsiEncoding >> endobj 9 0 obj << /Type /Font /Subtype /Type1 /Name /F2 /BaseFont /Helvetica-Oblique /Encoding /WinAnsiEncoding >> endobj 10 0 obj << /Type /Font /Subtype /Type1 /Name /F3 /BaseFont /Helvetica-BoldOblique /Encoding /WinAnsiEncoding >> endobj 11 0 obj << /Type /Font /Subtype /Type1 /Name /F4 /BaseFont /Helvetica /Encoding /WinAnsiEncoding >> endobj 12 0 obj << /Type /XObject /Subtype /Image /Width 281 /Height 500 /ColorSpace /DeviceRGB /Filter /DCTDecode /BitsPerComponent 8 /Length 19231>> stream JFIF;CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82 C    !'"#%%%),($+!$%$C   $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$" }!1AQa"q2#BR$3br %&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz w!1AQaq"2B #3Rbr $4%&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz ?ಖ'h"̭ь׭I6y 0O[)EiSȬ*F :ڷ57wi8v8bTjkX\-KAB>xuN:Q*v/Scyf_&CO6`m. )J@ {tIerQNŤF3}%ˀn:;f-sDf %2{=MF]z2 Lp U6Ã4 {ӖmLg?iR BӴM-SR"Eh\[9{S;hmv<aTzօ.c%27,z=uXaٮ㱹P,esiV${}ME B Z+rI'bv`}OfOY[ 7)Zh7;@~5֟=|>Ev:a|9v2\qk1 v]r;F1`8,FHRkh)ӄc<`V$Ficx8O-dqֽz5иȍ?6GzZ]\[J$8 :lRnE5E2D T`Ǣ99~naŌ+kZF=7%VJ0G-UmF<[ *QQSN>Ѵ+wQη pGN¡0|*u/D`;E)3AzQO¹5_Z8z%35$w3Cy*qV]yۼJ d8n˪YNΝ%T' s:eekod{T\w ]ʎ}kJW jaV%;EgM_[٭ܐ-P*JR P6̰ IQֽ׈lҡI.~hJ[?8 nK1O$ 4S)x@eu9mJ{/jiQR};s%®[qx VP[HmbTnU fl$+m{=D4>T}!٪4fe_Q~tbΧG4{ K\EGآk/e$WX/ΏV9={rآkQՎi9A(:>_Xɤ^]>_aΧaIw+:_SG`AڣQT{8vrآjD?Վh旳{Iw+/z>CQ~]>~t1Χj{ O6qg9ܯ(Qz7V)@ɣǰ{Iw+}/:>~uc(PaϹ_Q(?Xi{8rGkh=͔_~taάIKð{IwZ89v~B[t3B~ɺLZħv?磞s `Ixu-_AS|svp5jlB2J 1y9_~*49W#(Q8='qHbqGQ-8Q/F)8\QzN({qG?Fqg=7O W͙P9q^"w_h8Z ;pfpplc,Dc=㯇V:?nFд> IEx_K|Yl$]說Oν擊zJd_~~{J:T(+FH?<8kCΛiРy 88R3dGm|FHGqnoSx`+ռ+s_HujJ02>9_ݜܡ9kక#[񦕗>w<|G!^$7}v&W^~=_-/`[cގ(N`(u!xv--x/]XX T\z͵->׬kz~)gѭJlr] q%eil\ bOE36:v&|VWo5UX05瑏ǚfRLwW6噀EE^L Gjmcq% nՍR>6?,G"^okiw 4QnTFr'ڰMĚ֭(m.)ึKm&%<":jy>#]` ͟(@c+~ONg+t [A /NR7mDH 9Ѭ͔ii㾴c%~p2qpqI jεexa- QUa[Y~%6M6LM#Ggŋ~q K ;ϊ:Eme(K#١ø퍧#֒6M^~&-oȷf};*a {:uh6\4Ȱ;'$v?mJ:67At44e Zu,Ɍ#̕GSQҴPhkH zuVÛ_wݵv{u4QBaw`|=#F[n($?ځKhiȨn#8TlF]X-\ ]I<8H>~ kXjBi$yaDmȱ9P4s/+H s}ᡑdO)+:)hZū]Zڴ/hLgzw"tshrv..:c\^b4&{`ec߼sqW },r#F*);IRwUKۦmmiwr4m8C-%sڶ.xn4} #fL9s@t_.UՅW͕'F ;©cVχ~ k$ m&Ѯwu(SԨ,ڟƅ9a^k|ӫ[A ~]Ҵ4 iUW N3!}vrws@ -QEQEQEQEQE֮OOomo Eq4JdI1<]iFb$Ev ߨv=vKFx/a 8O^ijx V'%xI07  :(!eYsaG54HeYq+БPk nUOktFə`ͿQ[66H0.K9}wzg+@ PEPk>5FFqq~ ף'4=ǁ)c"Z55 Lӑt;'~X\+n95Zeq-4sDJ7Q{*v}yQ|4 _TMC[`ʉ63I'&'zs-V p~sp8EMo xJ1бIV!4XlᶅBP;1TuzVI79sI13cuL.?\LD +;nTIyNxa^y6xxGILޤ"-^ve\l-q@j(5};OR۱P7n-QJ'݊姿W#<%OL5mSn9[بTvwf\4ڍN#BXSWn.v٨$@' rItfݏi2 ;/HSt}Ӛ nRle]/~ysEA Z ёU䴱x3:!"1իϴ_ZOȷ{[>5HF{VS jΊxբ>j][a.~_"1J/!5ju*LET5!V\rg8_ @kYeGF 8Y04i`#VĨK/UJelu($xns+M(!?n[8_ʁ@t-kъ])v8BcZʅvzJ.1ZxFToDTU(\Ap'LPJ+g5eth^&n;Fi`cZPx^`tB21U`-mf%_=8@,{#I[qACz۵[( 8(((*Ҧ|g\8/ yOeXӓ1r봱'5!,6g[b#o89ǵt0閐,(T7ֈX"X4V 7ր93m ɦ No&O`s*džRc 8G M^Mtio Hy@&VbH;OL:=]BNĶ&G*=xkaU,`ssDz qvwdM6GZ7v1ȂkŸZp2. 񸃁ڶdq=te0!G_Z4Q.jŝ=p;t+Vr!~*{DGi:n,"K^ $R@x ٭ [SЭ.; 6A#;q[UFCG*T'v;`I0)QEQEQEQEQEQEQE&h'ݣOyIGݠϽRyi<.h'ݣOyIG>Zv)=(sFi<Zv>fOhsF}<Zv>gIh?JO-?GݠҌyi<.hϽ'ݣOyi<.~fO姥.~fOJ<ҏ-?@ 7})<ZtP:\ĉM̗ }Z YLyC2ns@fG&,:ƚq []FDvln j5AK]¤mC(d' @(ыauj%j54|$ADM##y!b5:\5*O"L_%G5fY:ߴK+B9rhXpx6;uⅹ85I}rG[k`k ;1J+:jH5y3k_5_ 7Z]^@T1ޗcX)ҹA\z߰ʀNӪ]+#P(((((((('(XG$dcTGFlZUFn;('tT>4z2*e01M:lrqZԔ$@tWEO9\2Nt(ҵ*Q2ڝEjQOL=L#S*LQ[ ETQEQEQEQEQEQEQEQEKQ֬4Kہ ] '|:6KX|ƈØЫ cim%ȫ#DI~u8aV>_5:~զt@$i?6RG!iHݞz*#]n K-CREnypۣO@(0$H=)jL=|)tIl5JC@9\fg.1_O.ʳLcy#PB1sМKD 1S >xF{hH\r;u}+g%G4VXem)99j* gciҘ248 :(ԼwUN)x.l\o=c_X<2xB =PSY-N9Q.cmص:8ր=0 px'Ґ {W]WP(G<{Ar ̨lmǯ~o kڄem⻏W?wIx=I ph%'K4]zNPF!H?{^]VӚ k=F`ӆ`c#5t ,i[jZ|K ; 6ߐRPʡcRrp8?wZ'M4 "x'rxT; ,dJw1GE\ҴMj-jy.+ˇ=A8'۵w%L _4^[pRRK^VK=zo4+iַT!_Vkw3Y7 HGZԭ-6Z3(p5c0|OyynJ5+\Be|QQG\5i fխO 2sRA䁌=V$Qd4q 6*<_OUy-#Kb2Kϛzs5FzZ*8ǚ&]cN[#Ӵhfp|TA]*9kEn"$2&W jZZt7VVEF \{aϵTf, ,?$[d褄/n(Я[-253m\K@$zzxJkֺYa_+w󲬌Qb>gۑvI&b(Oa^x'[m;TK8//c{"vqd4nՔ|AaZY$F)vEu5x{RB?O+Y2ɐȾwǹy|#qk*P t-f/DW~x$`&=Q<)( 0 D0)QEQEQEv-i\\jr@H+ZLj[Kv+.dYԕu(XEi#Kk! 8H֩i7u=7O FYA1rq#T8#Skrs XfF@V1 FҞKe 3>- tuAZK>U 3k\w5$2:nU soX.m-M=&Vܸ#QI^mR;58dR $^8ޏ #Uw( *4j~',#.䍦lWqbI ~uN=ú*'un6a<92O@]#S Ӟ;pq<7(d\p).zb/RGl3,~xbGMꄞww*[9/][-$:rqTWo~&S"C5\/\E\gzTs_ֲekͧ\[%՜r 2"?@{Pmkz~"}6nJloǯs.g,pm. ǷT|={hyL0e'~|Im~POJelq@mtvGz["AuLs{w.;R}>m', &ϏVY}f;[m7zu֬jw21Y8XH #M(e;Qya2p x6Zrpi7`FWOrx8͔ v%fq[ W#6w7pۣPXe'>sO|4PAir-ĦPV\WnդIh/Ċ#XH#kܷ,z/!Y#L|RU>ԭ )", EQy`NOjݟ:2Cԭ٦@㼂@Ig*0fRHV&8ث>Gn9Y6ml4Y3S!`eEV\9\9\#)9NA ԭDhxˆ8R=rF+U[uqU֏K=i$, d6JA QEQF(l,x@s@9Rf@ E5oґe H@4f(-<ӖP*A)3Fhh4-I❻ڀMfL.Gجqf%sEQEQEQEQEQEQEQEC86nT<1:WMH@=@8($׮tuI$k]Ec1B$.D{H_Wڴ,GɬXZIq7q9˒G}:Qzʀs^}L1"1^4t'F3 jpB$܌ :žͨēބQpC ]֍hzlZuld" V$&_APĉ%6ܡ# <]}ź\kga:̙@붏APT~TK&^*ֵ "8t@ d`5aMQl RHXZj7#+Nqr1ֽohPGEy-%ў" 8rz|ME'5vX-m-]ć&Em%H qפ`z 6(.|Qˠ_.HL,˰ cA |Wpj5ZMTI`3t95TH˴r1Ҁ8_x]ԯZWQAMoRO167@7w0Ş#{O6=d5^ׯ鎵Ol4Kh]Y"!F}@:(y6-%̍LC)8- 8'#V.J{gsihP8=3z#ʑqG@c4^rOvpH`PmR2c{cJ ( ( ( ( ( ( ( 3Ebx^v CP/wgs@Y&syVy;)%lq~ hdoO<㙄D Q\:IɶJ(>K˪865 HfۍsTYh[8#W4^,c/,ㅶv?8=}*hw:?zljJ2/ǸWQıͰe|q子{h+6Ϊ8Nr3B5sV,|WjbF2ʐa':r[nɛTV~/ӞO$BZHM軈ӧ?JxN)b4[sYq֏g.(?ĶZ&'i\mnbg{;3[Gŝ?tRZ2%-QQX* Q<ۋY²41$ zONQsv$0BX*MDZ;O_ttW,ͬ:p[Iaw sZw~6i异"WH#y>s@ {xcYP 993WI՗Ζy4qQl7M"yBG0Əމy5*Mk s,D]~#tV;Sҧc\DcR$O\`+n[HC@BN6%CRrQ|L&d zѤۚVeem-Y gP,`+v7/@iku+$0Am@OtTQtM5#=-%4Cuj7sDwCKl'B0r8v:!I]]%- ' y dңauwtV)b.Y 36F7z62+9 <e2Nsp_!BI_9έ:[(h [lj9 1v. eym qp= %ƇEjm .m($h<;WWE`Z'K%ٜ̌͡94,N\3o0 zֺ(_O[? U;\[Q҆{i-_]ʜs<#:(V p4m*4r2.rxRy#oQ@Rx3IIex][becMxxǥ4x#Gd-d&V?0B9<Οh@m!*#mȠSKkcx/7% L֥^!"O94v$G 󤅟!eN8푑+I/-6uX_pIO4YKR˵eM˷|npqjoYL-?ahlC8rqʲ3ȠW7G9(Xg#Si^$xK[`uhʣ#Ú &[&)rH8+`Ӆ<.\ a$3S@%AKDTwҗvc~R|zfE-y`bi>9yy\g!v; {?j[3#FO<rz<}xEI]S,, ֚sKt?˸Igٞ9 Gϻ#oB0_`2(QEQEQEQEQEQEQEQEQEQEQEQEQE~imQZ*÷!`q3Z[8 ^2Hh YmNP#HƯi8rt6O^ڈ.|h.p\L#s 0 Z-ŷabx b!/lVu_PN-i Ph݁*dg P1СBjP*$,pcMƺ Jڔxr2Ocn3ZFcbVV6y~\T^b +vo.aʑ]=NH9@%vlJ9 gHSǾ[Xaw`Rboʲ Cm*c̅ d`ƥӼsc} Lk1a!eT} sZA֖ ( ( ( ( ( ( ( ( ( ( ( ( ( .3.kbeUx|ݍ8߬gH]b+xybXgIL|O9@#Ƃoojf޵1.򝈀s){HnͲX{vB[G>܂{q0ZGuzd1y9#9;`c4_ePK ^Sq۱ znx:\TdI𣓌9}r'| J19+mZIRFߺTf!je_hc$ƞx'1֭[=gd$2Bw )BTޮ@}-Szx9' 9WA@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@z/G=QMtfOESy违_΀E7fOESy违_΀E32z/K=QM̞ES>E̞:Oz/@=2z/@Es't)_Ό违>f_:?y违>g=~:?y违>g=t)_Ό违>g=t( ( (5Q+uK }ztn@sK@Q@Q@Q@Q@66q<#e\l:XНN~@xK@Q@Q@Q@RUiu HPF^@rx;->EPEPGEQEQE2W_^.鈗tp8yE4{@VN7Cp>v\S(((4P^%BZn?\ׄ;k̆S2O&wN:r3ސ-sVڰ)`:}~Sv)QEQEQER0▊|SOV$#UV?U6<Ɂ`T(z4->}E<̊Y@QEQES/_\yG.缿٠??e4}{}A/_\yG.缿٠??e4}{}A/_\Ŀ٣w?oƟ?Ə??~eOiZAwrϟ*GLuTs?f?P44liik?_˟/hcOOGƟ?ƿ/s=lf?P?44e5z7]Emʨ@Ɵ?Ə??~_q}>s=~liih/.缿٣?_Ɵ?ƗcOO_lf\y@??45 !bJ^?M44liikъ+,Alf?P?44e4}{}A/_\yG.缿٠??/Ɵ?ƿ/s=lf?P44liik?_˟/h{яz81F=(ǽ8cގ($?2TBʻ]{j=CJ~2EbpB?Ҽ nh1Դ{xwVd2OC9 kF᧝+P8gp#5?Xi=ʼn[awފYTa>^r> endobj 14 0 obj << /Type /Action /S /URI /URI (mailto:help@sun.ac.za) >> endobj 15 0 obj << /Type /Annot /Subtype /Link /A 16 0 R /Border [0 0 0] /H /I /Rect [ 145.6967 119.6752 226.8587 128.8327 ] >> endobj 16 0 obj << /Type /Action /S /URI /URI (mailto:sysadm@sun.ac.za) >> endobj 17 0 obj << /Type /Page /Parent 3 0 R /Annots [ 19 0 R 21 0 R 23 0 R 25 0 R 27 0 R ] /Contents 18 0 R >> endobj 18 0 obj << /Length 3908 >> stream 0.373 0.169 0.255 rg 0.373 0.169 0.255 RG 0.18 w 0 J [ ] 0 d 0.702 0.800 0.816 rg 34.016 34.016 543.969 723.969 re f 1.000 1.000 1.000 rg 45.266 430.954 521.469 327.030 re f 0.773 0.773 0.773 rg 0.773 0.773 0.773 RG 45.266 430.954 m 566.734 430.954 l 565.984 431.704 l 46.016 431.704 l f 566.734 757.984 m 566.734 430.954 l 565.984 431.704 l 565.984 757.984 l f 45.266 757.984 m 45.266 430.954 l 46.016 431.704 l 46.016 757.984 l f 61.016 446.704 m 550.984 446.704 l 550.984 447.454 l 61.016 447.454 l f 0.153 0.153 0.153 rg BT 61.016 740.193 Td /F4 9.0 Tf [(Attach the phishing or suspicious mail on to the message if possible. There is a good tutorial on how to do this at the )] TJ ET BT 61.016 729.204 Td /F4 9.0 Tf [(following link \(Which is safe\) : )] TJ ET 0.373 0.169 0.255 rg BT 181.544 729.204 Td /F4 9.0 Tf [(http://stbsp01.stb.sun.ac.za/innov/it/it-help/Wiki%20Pages/Spam%20sysadmin%20Eng.aspx)] TJ ET 0.373 0.169 0.255 RG 0.18 w 0 J [ ] 0 d 181.544 728.053 m 549.707 728.053 l S 0.153 0.153 0.153 rg BT 78.360 709.231 Td /F4 9.0 Tf [(1.)] TJ ET BT 91.016 709.215 Td /F4 9.0 Tf [(Start up a new mail addressed to )] TJ ET 0.373 0.169 0.255 rg BT 225.080 709.215 Td /F4 9.0 Tf [(sysadm@sun.ac.za)] TJ ET 0.18 w 0 J [ ] 0 d 225.080 708.064 m 303.740 708.064 l S 0.153 0.153 0.153 rg BT 303.740 709.215 Td /F4 9.0 Tf [( \(CC: )] TJ ET 0.373 0.169 0.255 rg BT 327.239 709.215 Td /F4 9.0 Tf [(help@sun.ac.za)] TJ ET 0.18 w 0 J [ ] 0 d 327.239 708.064 m 391.904 708.064 l S 0.153 0.153 0.153 rg BT 391.904 709.215 Td /F4 9.0 Tf [(\))] TJ ET BT 78.360 698.242 Td /F4 9.0 Tf [(2.)] TJ ET BT 91.016 698.226 Td /F4 9.0 Tf [(Use the Title SPAM \(without quotes\) in the Subject.)] TJ ET BT 78.360 687.253 Td /F4 9.0 Tf [(3.)] TJ ET BT 91.016 687.237 Td /F4 9.0 Tf [(With this New Mail window open, drag the suspicious spam/phishing mail from your Inbox into the New Mail )] TJ ET BT 91.016 676.248 Td /F4 9.0 Tf [(Window. It will attach the mail as an enclosure and a small icon with a light yellow envelope will appear in the )] TJ ET BT 91.016 665.259 Td /F4 9.0 Tf [(attachments section of the New Mail.)] TJ ET BT 78.360 654.286 Td /F4 9.0 Tf [(4.)] TJ ET BT 91.016 654.270 Td /F4 9.0 Tf [(Send the mail.)] TJ ET BT 61.016 634.281 Td /F4 9.0 Tf [(IF YOU HAVE FALLEN FOR THE SCAM:)] TJ ET BT 61.016 614.292 Td /F4 9.0 Tf [(If you did click on the link of this phishing spam and unwittingly give the scammers your username, e-mail address and )] TJ ET BT 61.016 603.303 Td /F4 9.0 Tf [(password you should immediately go to )] TJ ET 0.373 0.169 0.255 rg BT 221.081 603.303 Td /F4 9.0 Tf [(http://www.sun.ac.za/useradm)] TJ ET 0.18 w 0 J [ ] 0 d 221.081 602.152 m 341.627 602.152 l S 0.153 0.153 0.153 rg BT 341.627 603.303 Td /F4 9.0 Tf [( and change the passwords on ALL your university )] TJ ET BT 61.016 592.314 Td /F4 9.0 Tf [(accounts \(making sure the new password is completely different, and is a strong password that will not be easily )] TJ ET BT 61.016 581.325 Td /F4 9.0 Tf [(guessed.\) as well as changing the passwords on your social media and private e-mail accounts \(especially if you use the )] TJ ET BT 61.016 570.336 Td /F4 9.0 Tf [(same passwords on these accounts.\))] TJ ET BT 61.016 550.347 Td /F4 9.0 Tf [(IT has set up a website page with useful information on how to report and combat phishing and spam. The address is:)] TJ ET 0.373 0.169 0.255 rg BT 61.016 539.358 Td /F4 9.0 Tf [(http://blogs.sun.ac.za/it/en/2017/11/reporting-spam-malware-and-phishing/)] TJ ET 0.18 w 0 J [ ] 0 d 61.016 538.207 m 357.647 538.207 l S 0.153 0.153 0.153 rg BT 61.016 519.369 Td /F4 9.0 Tf [()] TJ ET BT 458.968 499.380 Td /F4 9.0 Tf [([Article by David Wiles])] TJ ET BT 61.016 479.391 Td /F4 9.0 Tf [()] TJ ET 0.400 0.400 0.400 rg BT 61.016 460.902 Td /F2 9.0 Tf [(Posted in:Security | Tagged:Phishing,Report Phishing | With 0 comments)] TJ ET endstream endobj 19 0 obj << /Type /Annot /Subtype /Link /A 20 0 R /Border [0 0 0] /H /I /Rect [ 181.5437 728.3716 549.7067 737.5291 ] >> endobj 20 0 obj << /Type /Action /S /URI /URI (http://stbsp01.stb.sun.ac.za/innov/it/it-help/Wiki Pages/Spam sysadmin Eng.aspx) >> endobj 21 0 obj << /Type /Annot /Subtype /Link /A 22 0 R /Border [0 0 0] /H /I /Rect [ 225.0797 708.3826 303.7397 717.5401 ] >> endobj 22 0 obj << /Type /Action /S /URI /URI (mailto:sysadm@sun.ac.za) >> endobj 23 0 obj << /Type /Annot /Subtype /Link /A 24 0 R /Border [0 0 0] /H /I /Rect [ 327.2387 708.3826 391.9037 717.5401 ] >> endobj 24 0 obj << /Type /Action /S /URI /URI (mailto:help@sun.ac.za) >> endobj 25 0 obj << /Type /Annot /Subtype /Link /A 26 0 R /Border [0 0 0] /H /I /Rect [ 221.0807 602.4706 341.6267 611.6281 ] >> endobj 26 0 obj << /Type /Action /S /URI /URI (http://www.sun.ac.za/useradm) >> endobj 27 0 obj << /Type /Annot /Subtype /Link /A 28 0 R /Border [0 0 0] /H /I /Rect [ 61.0157 538.5256 357.6467 547.6831 ] >> endobj 28 0 obj << /Type /Action /S /URI /URI (http://blogs.sun.ac.za/it/en/2017/11/reporting-spam-malware-and-phishing/) >> endobj xref 0 29 0000000000 65535 f 0000000008 00000 n 0000000073 00000 n 0000000119 00000 n 0000000339 00000 n 0000000376 00000 n 0000000514 00000 n 0000000603 00000 n 0000003132 00000 n 0000003244 00000 n 0000003359 00000 n 0000003479 00000 n 0000003587 00000 n 0000022987 00000 n 0000023114 00000 n 0000023187 00000 n 0000023315 00000 n 0000023390 00000 n 0000023502 00000 n 0000027463 00000 n 0000027591 00000 n 0000027722 00000 n 0000027850 00000 n 0000027925 00000 n 0000028053 00000 n 0000028126 00000 n 0000028254 00000 n 0000028334 00000 n 0000028461 00000 n trailer << /Size 29 /Root 1 0 R /Info 5 0 R >> startxref 28586 %%EOF report phishing « Informasietegnologie
Language:
SEARCH

  • Recent Posts

  • Categories

  • Archives

report phishing

« Older Entries

How do I report phishing?

Tuesday, October 5th, 2021

You’ve received a suspicious email, what should you do with it? Firstly, don’t click on any links. But just as important, send it to us so we can prevent more staff and students falling prey to the scam. We encourage our customers to submit potential phishing examples for review. Using these submissions, the Cyber Security Incident Response Team (CSIRT) can learn from the analysis of these messages. This collectively helps to improve the level of virus and spam detection.

What is phishing?

Phishing attacks are designed to steal a person’s login and password details so that the cyber criminal can assume control of the victim’s social network, email, and online bank accounts. Seventy percent of internet users choose the same password for almost every web service they use. This is why phishing is so effective, as the criminal, by using the same login details, can access multiple private accounts and manipulate them for their own good. 

More on how to recognise a phishing email. 

Report phishing

On the ICT Partner Portal:

*Spam or phishing examples must be sent in either.EML or .MSG format as an attachment and must not be forwarded. This ensures the original email can be analysed with its full Internet message headers intact. Alternatively, use the mail application to save the email (usually located under File | Save As) as an .EML or .MSG format to a folder location, and attach the saved file to a new email.

Email

Tags: , , , ,
Posted in phishing, Security, Tips | Comments Off on How do I report phishing?

How to avoid phishing scams

Friday, May 24th, 2019

We are often asked by staff and students what they can do to stop phishing scams, and what software they should install to prevent them from becoming victims. In some cases students have asked us to fix their computers and to install software to block phishing scams.

Of course that request is impossible to fulfil. Phishing scams are like the common cold. Just like you cannot prevent the common cold, you can only adopt a lifestyle, and take precautionary measures to reduce your risk of infection. They will always be there and will always adapt and change. As long as there are people who are uninformed or careless who fall for these scams, phishing attacks will continue.

The best way to reduce your risk is to report all suspected phishing scams on ICT Partner Portal. (Full details at the end of this post). Here are some basic rules to help you to identify phishing scams:

  • Use common sense
    Never click on links, download files or open attachments in email or social media, even if it appears to be from a known, trusted source.
  • Watch out for shortened links
    Pay particularly close attention to shortened links. Always place your mouse over a web link in an email (known as “hovering”) to see if you’re being sent to the right website.
  • Does the email look suspicious?
    Read it again. Many phishing emails are obvious and will have implausible and generally suspicious content.
  • Be wary of threats and urgent deadlines
    Threats and urgency, especially coming from what claims to be a legitimate company, are a giveaway sign of phishing. Ignore the scare tactics and rather contact the company via phone.
  • Browse securely with HTTPS
    Always, where possible, use a secure website, indicated by https:// and a security “lock” icon in the browser’s address bar, to browse.
  • Never use public, unsecured Wi-Fi, including Maties Wi-Fi, for banking, shopping or entering personal information online
    Convenience should never be more important than safety.

If you do receive a phishing e-mail, please report it as soon as possible. Once you have reported the spam or phishing mail, you can delete it immediately.

You can report this on IT’s request logging system, the ICT Partner Portal.

  • Go to the ICT Partner Portal.
  • Fill in your information and add the email as an attachment. Your request will automatically be logged on the system and the appropriate measures will be taken by the system administrators to protect the rest of campus.

[ARTICLE BY DAVID WILES]

Email

Tags: , ,
Posted in phishing, Security, Tips | Comments Off on How to avoid phishing scams

Phishing scams requesting quotes and notification about “new message”

Wednesday, November 21st, 2018

Phishing attacks on the university continue with this week’s “flavour” being a return of the old “Request For Quotation” scam. With this scam you might receive an email from a large corporation arrives asking for you to provide a quotation, with an attached PDF that you are asked to fill in and send back to the sender.

Why would an academic department secretary be getting an RFQ to supply industrial supplies like sewage pumps? Scammers often only want to steal information from their victims, and in the case of the Faculty of Health Sciences, the scam RFQ could change to supply something like medical supplies or equipment.

Remember the email may look very convincing, with known company letterheads, VAT certificates etc.

It is important not to respond to the sender or to open up the attachment. Often scammers just need a response so they can identify “live bait” and fine-tune their attack to a particular person.

Another phishing scam that appears to be coming back uses attention-getting subjects like “You have a new message” or “We’ve resolved your dispute” or “SARS refund pending” designed to get your attention. This particular one uses forged “Citibank” branding and informs you that a dispute has been resolved and you will be paid some money, but you are asked to open up a “document” to see the disputed transaction.

The danger is in the document which will be download if you click on the link. In this particular case, it is a document with embedded macros that will install malware on your computer to steal personal information. Normally macros in Microsoft Word are disabled by default, but if you have enabled them for legitimate reasons then there would be a danger to your computer if you attempt to open the attached document.

These phishing scams are sent out to many university email addresses at the same time, so you are not personally being targeted by the phishers. These attacks will continue in various forms, because there are still individuals who fall for these scams, making phishing attacks very profitable.

If you do receive mail like this then please report it to IT Cyber Security. Once you have reported the spam or phishing mail, you can delete it immediately. You can do this in two ways:

  1. By reporting it on the ICT Partner Portal. Go to https://servicedesk.sun.ac.za and select “Report phishing, spam and malware” right at the bottom of the list. Fill in your information and add the email as an attachment. Your request will automatically be logged on the system.
  2. By sending an email
    – Start up a new mail addressed to csirt@sun.ac.za. 
    – Use the Title “SPAM” (without quotes) in the Subject.
    – With this New Mail window open, drag the suspicious spam/phishing mail from your Inbox into the New Mail Window. It will attach the mail as an enclosure and a small icon with a light yellow envelope will appear in the attachments section of the – New Mail.
    – Send the mail.

[Article by David Wiles]

Email

Tags: ,
Posted in phishing, Security | Comments Off on Phishing scams requesting quotes and notification about “new message”

Warning: Phishing scam exploiting ABSA new logo

Tuesday, July 17th, 2018

Many of you use ABSA as your bank of choice, as well as making use of ABSA Bank’s Internet Banking facilities, so this warning might be of particular significance.

Earlier this month ABSA announced a new logo – part of its rebranding campaign – and almost immediately phishing scammers exploited this opportunity to continue their nefarious campaign of identity theft through phishing email attacks.

Several users have reported getting the following email – allegedly from ABSA – taking advantage of the new logo to target the bank’s customers in a phishing email scam by attempting to trick users to click on a link to take them to a fake website.

The scam email states that it comes from Absa CEO Maria Ramos, but it’s actually from an outside source and informs victims that “today marks a very significant day in the Absa journey”. The email uses Absa’s slogan, saying “We are also launching a new, fresh and vibrant Absa logo and identity that reflects our commitment to you, our customers”. Potential victims are then encouraged to click on their “New Absa eStatements” in PDF format. This is not a statement, but an HTML file which takes users to a phishing website.

Here is one example of the phishing e-mail which has already appeared in several University email accounts, as well as personal home email accounts:

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

As always, you should never respond to a suspicious looking email or message or click on a link in any suspicious looking email. Rather delete the email. No South African bank will ever contact customers and request sensitive information (card PIN, card CVV or online banking password) via email, telephone or SMS.

If you have received a phishing email, immediately report it to the Information Technology CyberSecurity Team using the following method:
 
1. Start up a new mail addressed to sysadm@sun.ac.za (CC: help@sun.ac.za)
2. Use the Title “SPAM” (without quotes) in the Subject.
3. With this New Mail window open, drag the suspicious spam/phishing mail from your Inbox into the New Mail Window. It will attach the mail as an enclosure and a small icon with a light yellow envelope will appear in the attachments section of the New Mail.
4. Send the mail.

IF YOU HAVE FALLEN FOR THE SCAM:
If you did click on the link of a phishing spam and unwittingly gave the scammers your username, email address and password  immediately go to http://www.sun.ac.za/useradm and change the passwords on ALL your university accounts (making sure the new password is completely different and is a strong password that will not be easily guessed.), as well as changing the passwords on your social media and private email accounts (especially if you use the same passwords on these accounts.)
 
Useful information on how to report and combat phishing and spam can also be found on our blog

[ARTICLE BY DAVID WILES]

Email

Tags: , , ,
Posted in E-mail, phishing, Security | Comments Off on Warning: Phishing scam exploiting ABSA new logo

Phishing Scam about “Unexpected Mail Shutdown

Wednesday, June 6th, 2018

There is currently a bombardment of phishing emails arriving in university accounts about an “Unexpected Mail Shutdown”. The mail used alarmist threats about pending shutdowns and has all the signs of a phishing scam, including a website that is not on the university network.

This is a typical phishing scam and although it is being sent to university addresses, you should not react, respond or click on any links, as the phishers insert your email address in the link field and thus can identify your account as functional.

Below is the mail arriving in many university accounts:

 

If you have received this mail like this, please report is to the Information Technology Cybersecurity Team using the following method:

Send the spam/phishing mail to help@sun.ac.za and sysadm@sun.ac.za

Attach the phishing or suspicious mail on to the message if possible.
1. Start up a new mail addressed to sysadm@sun.ac.za (CC: help@sun.ac.za)
2. Use the Title “SPAM” (without quotes) in the Subject.
3. With this New Mail window open, drag the suspicious spam/phishing mail from your Inbox into the New Mail Window. It will attach the mail as an enclosure and a small icon with a light yellow envelope will appear in the attachments section of the New Mail.
4. Send the mail.

[Information supplied by David Wiles]

Email

Tags: ,
Posted in phishing, Security | Comments Off on Phishing Scam about “Unexpected Mail Shutdown

« Older Entries
 

© 2013-2024 Disclaimer: The views and opinions expressed in this page are strictly those of the page author(s) and content contributor(s). The contents of this page have not been reviewed or approved by Stellenbosch University.