%PDF-1.3 1 0 obj << /Type /Catalog /Outlines 2 0 R /Pages 3 0 R >> endobj 2 0 obj << /Type /Outlines /Count 0 >> endobj 3 0 obj << /Type /Pages /Kids [6 0 R ] /Count 1 /Resources << /ProcSet 4 0 R /Font << /F1 8 0 R /F2 9 0 R /F3 10 0 R /F4 11 0 R >> /XObject << /I1 12 0 R >> >> /MediaBox [0.000 0.000 612.000 792.000] >> endobj 4 0 obj [/PDF /Text /ImageC ] endobj 5 0 obj << /Creator (DOMPDF) /CreationDate (D:20240518043600+00'00') /ModDate (D:20240518043600+00'00') /Title (IT-artikels) >> endobj 6 0 obj << /Type /Page /Parent 3 0 R /Contents 7 0 R >> endobj 7 0 obj << /Length 9572 >> stream 0.702 0.800 0.816 rg 34.016 34.016 543.969 723.969 re f 1.000 1.000 1.000 rg 45.266 61.981 521.469 684.753 re f 0.773 0.773 0.773 RG 0.75 w 0 J [ ] 0 d 45.641 62.356 520.719 684.003 re S 0.773 0.773 0.773 rg 61.016 617.359 m 550.984 617.359 l 550.984 618.109 l 61.016 618.109 l f 1.000 1.000 1.000 rg BT 278.868 698.693 Td /F1 10.5 Tf [(POST LIST)] TJ ET 0.200 0.200 0.200 rg BT 212.789 670.111 Td /F1 14.4 Tf [(INFORMASIETEGNOLOGIE)] TJ ET BT 221.824 643.466 Td /F1 11.7 Tf [(INFORMATION TECHNOLOGY)] TJ ET BT 61.016 583.841 Td /F1 14.4 Tf [(BEWARE OF SIM CARD SWAP FRAUD)] TJ ET 0.400 0.400 0.400 rg BT 61.016 564.033 Td /F3 9.0 Tf [()] TJ ET BT 61.016 544.044 Td /F3 9.0 Tf [(Although it is a known scam, when it hits one of your colleagues, it makes you aware that there are very real dangers out )] TJ ET BT 61.016 533.055 Td /F3 9.0 Tf [(there. A SIM card swap fraud occurs when criminals obtain and utilise a replacement SIM card to acquire security )] TJ ET BT 61.016 522.066 Td /F3 9.0 Tf [(messages and one-time passwords \(OTP\) sent to you by the bank. Using the OTP, criminals are able to change, add )] TJ ET BT 61.016 511.077 Td /F3 9.0 Tf [(beneficiaries and transfer money out of your account using your personal information that they would have obtained )] TJ ET BT 61.016 500.088 Td /F3 9.0 Tf [(through phishing. One of our colleagues lost R20 000 over the holidays and asked us to warn other staff as well:)] TJ ET BT 61.016 480.099 Td /F4 9.0 Tf [(How does a SIM swap scam work?)] TJ ET 0.400 0.400 0.400 RG 85.866 462.926 m 85.866 463.339 85.696 463.748 85.404 464.040 c 85.113 464.332 84.703 464.501 84.291 464.501 c 83.878 464.501 83.469 464.332 83.177 464.040 c 82.885 463.748 82.716 463.339 82.716 462.926 c 82.716 462.514 82.885 462.104 83.177 461.813 c 83.469 461.521 83.878 461.351 84.291 461.351 c 84.703 461.351 85.113 461.521 85.404 461.813 c 85.696 462.104 85.866 462.514 85.866 462.926 c f BT 91.016 460.110 Td /F3 9.0 Tf [(The SIM swap takes place after the fraudsters have received a your bank logon details as a result of the you )] TJ ET BT 91.016 449.121 Td /F3 9.0 Tf [(responding to, for example, a Phishing e-mail. \(this is why phishing e-mails are so dangerous and you should )] TJ ET BT 91.016 438.132 Td /F3 9.0 Tf [(never ever respond or click on links contained in these phishing e-mails.\))] TJ ET 85.866 429.959 m 85.866 430.372 85.696 430.781 85.404 431.073 c 85.113 431.365 84.703 431.534 84.291 431.534 c 83.878 431.534 83.469 431.365 83.177 431.073 c 82.885 430.781 82.716 430.372 82.716 429.959 c 82.716 429.547 82.885 429.137 83.177 428.846 c 83.469 428.554 83.878 428.384 84.291 428.384 c 84.703 428.384 85.113 428.554 85.404 428.846 c 85.696 429.137 85.866 429.547 85.866 429.959 c f BT 91.016 427.143 Td /F3 9.0 Tf [(Once the fraudsters have the your cell phone number and other personal information, the fraudster can pose as )] TJ ET BT 91.016 416.154 Td /F3 9.0 Tf [(you, requesting a new SIM card from a cellular service provider.)] TJ ET 85.866 407.981 m 85.866 408.394 85.696 408.803 85.404 409.095 c 85.113 409.387 84.703 409.556 84.291 409.556 c 83.878 409.556 83.469 409.387 83.177 409.095 c 82.885 408.803 82.716 408.394 82.716 407.981 c 82.716 407.569 82.885 407.159 83.177 406.868 c 83.469 406.576 83.878 406.406 84.291 406.406 c 84.703 406.406 85.113 406.576 85.404 406.868 c 85.696 407.159 85.866 407.569 85.866 407.981 c f BT 91.016 405.165 Td /F3 9.0 Tf [(The cellular service provider transfers the your SIM card identity to the new SIM card, cancelling your old SIM card )] TJ ET BT 91.016 394.176 Td /F3 9.0 Tf [(in the process.)] TJ ET 85.866 386.003 m 85.866 386.416 85.696 386.825 85.404 387.117 c 85.113 387.409 84.703 387.578 84.291 387.578 c 83.878 387.578 83.469 387.409 83.177 387.117 c 82.885 386.825 82.716 386.416 82.716 386.003 c 82.716 385.591 82.885 385.181 83.177 384.890 c 83.469 384.598 83.878 384.428 84.291 384.428 c 84.703 384.428 85.113 384.598 85.404 384.890 c 85.696 385.181 85.866 385.591 85.866 386.003 c f BT 91.016 383.187 Td /F3 9.0 Tf [(The result is that there is no signal on the old SIM card, which means the you cannot receive / make phone calls or )] TJ ET BT 91.016 372.198 Td /F3 9.0 Tf [(send SMS messages. \(This ought to be the first sign of something wrong, so if you get SIMCARD INVALID error )] TJ ET BT 91.016 361.209 Td /F3 9.0 Tf [(on your cell phone\))] TJ ET 85.866 353.036 m 85.866 353.449 85.696 353.858 85.404 354.150 c 85.113 354.442 84.703 354.611 84.291 354.611 c 83.878 354.611 83.469 354.442 83.177 354.150 c 82.885 353.858 82.716 353.449 82.716 353.036 c 82.716 352.624 82.885 352.214 83.177 351.923 c 83.469 351.631 83.878 351.461 84.291 351.461 c 84.703 351.461 85.113 351.631 85.404 351.923 c 85.696 352.214 85.866 352.624 85.866 353.036 c f BT 91.016 350.220 Td /F3 9.0 Tf [(The SMS authorisation reference number, which is normally sent to the client, reaches the fraudster instead of )] TJ ET BT 91.016 339.231 Td /F3 9.0 Tf [(you, the legitimate owner, and the fraudster is able to make once-off payments and create beneficiaries fraudulently)] TJ ET BT 61.016 319.242 Td /F4 9.0 Tf [(What should I do if I suspect an unlawful SIM swap?)] TJ ET 85.866 302.069 m 85.866 302.482 85.696 302.891 85.404 303.183 c 85.113 303.475 84.703 303.644 84.291 303.644 c 83.878 303.644 83.469 303.475 83.177 303.183 c 82.885 302.891 82.716 302.482 82.716 302.069 c 82.716 301.657 82.885 301.247 83.177 300.956 c 83.469 300.664 83.878 300.494 84.291 300.494 c 84.703 300.494 85.113 300.664 85.404 300.956 c 85.696 301.247 85.866 301.657 85.866 302.069 c f BT 91.016 299.253 Td /F3 9.0 Tf [(If you fall prey to an unlawful SIM swap, or suspect that you have, contact your cellular service provider for )] TJ ET BT 91.016 288.264 Td /F3 9.0 Tf [(assistance.)] TJ ET 85.866 280.091 m 85.866 280.504 85.696 280.913 85.404 281.205 c 85.113 281.497 84.703 281.666 84.291 281.666 c 83.878 281.666 83.469 281.497 83.177 281.205 c 82.885 280.913 82.716 280.504 82.716 280.091 c 82.716 279.679 82.885 279.269 83.177 278.978 c 83.469 278.686 83.878 278.516 84.291 278.516 c 84.703 278.516 85.113 278.686 85.404 278.978 c 85.696 279.269 85.866 279.679 85.866 280.091 c f BT 91.016 277.275 Td /F3 9.0 Tf [(Also contact the internet banking helpdesk to request that your internet banking access be suspended with )] TJ ET BT 91.016 266.286 Td /F3 9.0 Tf [(immediate effect. This will prevent fraudsters from gaining access and transacting on your accounts.)] TJ ET BT 61.016 246.297 Td /F4 9.0 Tf [(What can I do to prevent SIM swap fraud?)] TJ ET 85.866 229.124 m 85.866 229.537 85.696 229.946 85.404 230.238 c 85.113 230.530 84.703 230.699 84.291 230.699 c 83.878 230.699 83.469 230.530 83.177 230.238 c 82.885 229.946 82.716 229.537 82.716 229.124 c 82.716 228.712 82.885 228.302 83.177 228.011 c 83.469 227.719 83.878 227.549 84.291 227.549 c 84.703 227.549 85.113 227.719 85.404 228.011 c 85.696 228.302 85.866 228.712 85.866 229.124 c f BT 91.016 226.308 Td /F3 9.0 Tf [(Protect your information all your information.)] TJ ET 85.866 218.135 m 85.866 218.548 85.696 218.957 85.404 219.249 c 85.113 219.541 84.703 219.710 84.291 219.710 c 83.878 219.710 83.469 219.541 83.177 219.249 c 82.885 218.957 82.716 218.548 82.716 218.135 c 82.716 217.723 82.885 217.313 83.177 217.022 c 83.469 216.730 83.878 216.560 84.291 216.560 c 84.703 216.560 85.113 216.730 85.404 217.022 c 85.696 217.313 85.866 217.723 85.866 218.135 c f BT 91.016 215.319 Td /F3 9.0 Tf [(Do not disclose your ID number on websites unless you have verified the legitimacy of the site. The bank already )] TJ ET BT 91.016 204.330 Td /F3 9.0 Tf [(knows your ID number and will not require you to give it to us again.)] TJ ET 85.866 196.157 m 85.866 196.570 85.696 196.979 85.404 197.271 c 85.113 197.563 84.703 197.732 84.291 197.732 c 83.878 197.732 83.469 197.563 83.177 197.271 c 82.885 196.979 82.716 196.570 82.716 196.157 c 82.716 195.745 82.885 195.335 83.177 195.044 c 83.469 194.752 83.878 194.582 84.291 194.582 c 84.703 194.582 85.113 194.752 85.404 195.044 c 85.696 195.335 85.866 195.745 85.866 196.157 c f BT 91.016 193.341 Td /F3 9.0 Tf [(Do not disclose your cell number on websites unless you have verified the legitimacy of the site. Phishing sites )] TJ ET BT 91.016 182.352 Td /F3 9.0 Tf [(often request for information such as ID Number, email address and email address password, physical address, )] TJ ET BT 91.016 171.363 Td /F3 9.0 Tf [(etc.)] TJ ET 85.866 163.190 m 85.866 163.603 85.696 164.012 85.404 164.304 c 85.113 164.596 84.703 164.765 84.291 164.765 c 83.878 164.765 83.469 164.596 83.177 164.304 c 82.885 164.012 82.716 163.603 82.716 163.190 c 82.716 162.778 82.885 162.368 83.177 162.077 c 83.469 161.785 83.878 161.615 84.291 161.615 c 84.703 161.615 85.113 161.785 85.404 162.077 c 85.696 162.368 85.866 162.778 85.866 163.190 c f BT 91.016 160.374 Td /F3 9.0 Tf [(Always make sure that your contact details on Internet banking are valid and correct. You know when your details )] TJ ET BT 91.016 149.385 Td /F3 9.0 Tf [(have changed, so when you are ready, you can update the information on Internet banking or at a local bank )] TJ ET BT 91.016 138.396 Td /F3 9.0 Tf [(branch.)] TJ ET BT 360.940 118.407 Td /F3 9.0 Tf [([INFORMATION SUPPLIED BY DAVID WILES])] TJ ET BT 61.016 98.418 Td /F3 9.0 Tf [()] TJ ET BT 61.016 79.929 Td /F3 9.0 Tf [(Posted in:Communication,Security | Tagged:Cell Phone,Phishing,Security | With 0 comments)] TJ ET q 225.000 0 0 156.000 61.016 332.890 cm /I1 Do Q endstream endobj 8 0 obj << /Type /Font /Subtype /Type1 /Name /F1 /BaseFont /Helvetica-Bold /Encoding /WinAnsiEncoding >> endobj 9 0 obj << /Type /Font /Subtype /Type1 /Name /F2 /BaseFont /Helvetica /Encoding /WinAnsiEncoding >> endobj 10 0 obj << /Type /Font /Subtype /Type1 /Name /F3 /BaseFont /Helvetica-Oblique /Encoding /WinAnsiEncoding >> endobj 11 0 obj << /Type /Font /Subtype /Type1 /Name /F4 /BaseFont /Helvetica-BoldOblique /Encoding /WinAnsiEncoding >> endobj 12 0 obj << /Type /XObject /Subtype /Image /Width 300 /Height 208 /ColorSpace /DeviceRGB /Filter /DCTDecode /BitsPerComponent 8 /Length 7784>> stream JFIF;CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80 C   %# , #&')*)-0-(0%()(C   (((((((((((((((((((((((((((((((((((((((((((((((((((," }!1AQa"q2#BR$3br %&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz w!1AQaq"2B #3Rbr $4%&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz ?((((((((((h2JTW=y&VDK Mocu.EU "+ oS18z袊`QEQEQEQEQEQEQEQEf(Q@Q@hP3EQEPU.ⴄ)S5謢˜:d3d_{.}U8#/3 XW=7H)ɝB7$cInq#fƺC!,Pε5Z|8 q5*9(E]*I $c'sӥ|ow[ xS7Z=U OjiM{w> b!AT>.cY֙rz<#5~4ԕ󲌠dfE2C4f((3KEfE%-PIKEPQKEQEQE%-PQKE%P5M 1/}UmA 4篢뙑G,Y'&YyZIXni6{9f>Ukv=2fK(S9>{\>U$_bkލU^'U5$mQwZ$ F[': zէZ\gNiD$ $_;=h0!,C߻?ʽM-5;D'2c_Eºw|;.-EFTWA%PQKE%-PEPEPEPEPEPEPEdMcVAjFOCaz3°[I$ϾD;{#銳js=XJ?[r-nm19kE(gu֭ʏ.Xd7|Qzsu$=e$wsXD,Tްķ:s !cЀiB<Ó}`^-4} ?z/SҶcv Ĝ|қoj"%=jKF\AOYz܉~EO4,2A֢&{-4"5X}۷zak\ Nv9gnǹ' h3QNg^YU KԻPkc9AK kp͍(&b{eQUg;xGF:.߼hO VЖ828"6)RQ1 >x=ZlQS$ӷaԛvi|sxeԶxֺ\ȷ&hݑT|S{8F^da#Apk ~]ss./a]N4TWp_Zsg2M*rN.N(QEQEQEQEQEQEQQ*CI+E@vTRBzW3rLPw=Qj6@ k79ԭ}cAMi3ڢ͖u9?=E+&f~dܱ*:[ȶ@VHt5Z+vᰣcӅMttՑh-v'Qncv#};bTF8}jvطu͍{a3nn4]:}KaRF.d’}NV1&_Sִ4M 2"IaE3eq}GZZ }k@gԖFVReҪZY"1l=0-ޱoX.O4ekr桨Ecg 9IHހTZ}qy{D*}OEcgWkBA5 A~_&qҥǾzs~Sj䧍nO!tͼ :|'ªlv0s+ .i{)lUB^V2̕S$dç@=j4E2U~h̳*jws.vv]߇, '!t{W>ڌwKV?{}]>B#;wZ( ( ( ( ( (y[9'hKa2LQ /e|^mQjCw=}sb\VUԭVOʅE&1y:M];,y'5|X4YH5m>@c |&FRpMWknT5-D[2An{?L{(Q^9E \d)9=[+id=j-eE7G] u\,**>Rq5w-wVKy$@*=J|[i)lU}qRM5/$,q3(2\S o++2I:B*sfVI, )@0p{VcդUԕbI_}Sw5g Y5ɵVރXbtҳK' srz?ߡJ+NbH@9HI5m"(П|Gk4㷾c g8`pF@Sp[;ϐGө' J+cBMOGV##\(jdUzGEZXy1F$*9$CKVjo K3Yp5t=@Jy'޸Ha@wbqd_U{e+I;x sܤdq([ڗPY#̍yt]. *C˞^B9sps$_+ӲO[Zœ'V|JR' .٧#AO>՛ok6:^jqC SսoIik-^Kly}[߷oZs7_JOFkEx!b“ $?;S+ݴ: 2`\1סʇ.sz-Lҭ6sjW ( ( ( ( ( ( W䑷3]۝ff}-RP!k3]lV@`Dėl>HW7}ܭ$ܓq^~/_9$vWH~4dω*<正;dj83f%Tr6 gqjSX^F1'wǡOeמ;NHHQQ+HMˉSS娵/]W䤣xD19jh9-٠ "AW\ų8"kw{SpS6>_w6g.Mshvt?o~ZЋ]CmT^:OsP!HmQaUz Pśgdպ_4RIWXf:Tj00Pֵ83m*cIEVUّu: YpX@ =ҫT:Ąat VDCk8O[9*zGzvXj~ E*.~K  ~g>/5[#/^קAڤɵ'ף[;ý:t4U0=XE,QEQEQERR ( ( (/18JAJ9&r(\c`>՛o}?{ל#%Į$`ԓ+~ΖϨ2/j|Jz.C/.%i/#c?+7j`nS@_b=g$hm8]*֧lBQDTrIƷl'm}PZv#5l $WQL$*ʖViԐIV2oP+cpV3xuHkܒ%c<I(P.A1/_AVJwcԛ^`' |SuR\oŕ)R.k|u\$H ^?VYR8NG3ׂO6_L}=Oh @@?ֽ\ߩYˬ6X$5}MX ( ( ( ))h(((( k8D?:u=wԌ53*p|Xܡ`p~YңCkԇg7 8S*Ӽ|coC}ϵ|+*WC2KIv/Zn\c 31Nj؁flSqlTE,WNyMM"iKx.E <>lv~}ROu19i.}.I;OJ] Imuq*IAo?%K (A_v: Gz-HmPvbrIɩ!-u?3J<$@֧8"v֒yA?Z-p)vc i=${"֗8PkԼq4gB~)CM6d`+hcGj8DSssדEYۤ$TQ^aEPEPE%-QI@ EPEPEPEPEPEPX:m8+~c\e=}zM&ƛ>z.4.D6-9\DvfKęc)_Wzt[e\8:y% rp,ּ|^4}VY{?rvCˎqOJ[;YnXBǀ(IJJ7 $dH$:fSV~x'|qOt1 W׭CAE *F 0t ѣb[) 4U(Th((((()(h((((+Z):7PjZ(˼oH-wn +ȐW )^!f<$8澯QmU pi#PƬ. V׈|9w $Y#89Q\: ti#0 ],Q]ӡ\I*E$OsM翜Gd=m#jTӜ,Y؛[{WW$s9\o`nn? }O|;4K \ܩOVe޽YcEH*(P0T|oK*O4XTB uW|QEQIK@QEQEQE%-PE%-Q@Q@RPEQEQEQEVeq7kU> startxref 18598 %%EOF security « Informasietegnologie
Language:
SEARCH

  • Recent Posts

  • Categories

  • Archives

security

« Older Entries
Newer Entries »

Scam warning: UPS Parcel Receipt with infected attachment

Wednesday, November 30th, 2016

The holiday season is upon us and there is a lot of activity around this time of the year with parcels being delivered both at home and at the university. This is being exploited by the scammers.

There is currently a UPS scam making its rounds in university mailboxes, where victims are lured into clicking a download link.

If you have received a package via the parcel company like UPS or DHL, you might be tempted open up an e-mail that seems to come from them, saying they have a package for you. There might be an attachment that you are asked to open to confirm your address or to fill in your personal details for “verification”.

The whole thing is a scam. Clicking on the attachment will download a Trojan virus onto your computer which will just sit there doing its nefarious work — reading your files, including confidential information, then transmitting the details to a server somewhere that is controlled by the criminals.

It seems there are two main variations of this “parcel delivery” scam – both looking like a genuine notification.

  • The first one tells you the parcel service tried, but was unable to deliver a package to you because of an incorrect address. The subject heading usually has a phony tracking number. The attachment is supposedly a copy of a waybill or invoice for you to print and use to collect the parcel from a UPS office.
  • The second is a customs notification and may even seem to come from “US Customs Service” rather than UPS. It says you have an international package (usually from Europe) and that you need to complete the attached customs form so it can be delivered.

In both these cases, the attachment is a compressed ZIP file (that is, one with a name that ends in “.zip”), even though the icon may look like a Word document. As soon as you double click on it, it will install a program onto your computer will then download and install several files on your system. These may disable your firewall, look for and steal credit card and bank account details, make screen snapshots and allow hackers full access to your machine.

This attack underlines the danger of opening an attached file in an email, even if it appears to come from a person or organization you know or frequently deal with.

Here is an example of one such mail.

 

 

From: Usps Parcel [mailto:shipment@uspc.com]

Sent: 28 November 2016 07:29 AM

To: Recipients <shipment@uspc.com>

Subject: Parcel Receipt

 

USPS Shipment Notification

A parcel was sent to our office for you and we have tried to deliver it several times to your address on file.

Attached is the receipt via Dropbox, used in sending you the parcel. We advise you DOWNLOAD the document and reconfirm the address on receipt if its your valid address.

For further assistance, please call USPS Customer Service.

For International Customer Service, please use official USPS site.

 

Copyright © 2016 USPS. All Rights Reserved.

This message has been scanned for viruses and dangerous content by Fair Distribution MailScanner, and is believed to be clean. 

 

So do not succumb to the temptation of opening up attachments in emails, especially if it comes from couriers and parcel delivery companies like UPS or DHL. It is the end of the year. Our energy and concentration is ebbing and we are all more vulnerable, making us all potential targets of the cyber-criminal.

[ARTICLE BY DAVID WILES]

Email

Tags: , ,
Posted in E-mail, Security | Comments Off on Scam warning: UPS Parcel Receipt with infected attachment

Whatsapp scams

Wednesday, November 23rd, 2016

WhatsApp is a popular communication tool, used by students and personnel every day. On the downside, it provides cyber criminals with another way to convince you to part with your well-earned money and unfortunately it’s usually quite convincing.

WhatsApp scams come in many different forms and are often very convincing. Just make sure that you stay vigilant and don’t fall for anything that seems too good or too worrying to be true. Just because a friend or a family member sends you something, it doesn’t mean that it is safe.

Voucher scams

A message arrives in your WhatsApp from someone who looks like your friend, recommending a deal they’ve found. The messages usually come with a link that actually takes you to another website and tricks you into giving your personal information. Don’t ever click a link you’re not sure of and certainly don’t ever hand over personal information to a website you haven’t checked.

WhatsApp shutting down

There are many fake messages claiming that WhatsApp is going to end unless enough people share a certain message. The messages often look convincing, claiming to come from the CEO or another official. They’re written using the right words and phrases and look like an official statement. Any official statement wouldn’t need users to send it to everyone like a round robin. You would either see it in the news or it’ll come up as a proper notification in the app from the actual WhatsApp team.

WhatsApp threatening to shut down your account

This is very similar to the previous scam. It looks like an official message that claims that people’s WhatsApp accounts are being shut down for being inactive. Sending the message on will prove that it’s actually being used and often instructs people to pass it along.

WhatsApp forcing you to pay

Similar to the previous scam, with the only difference being that the message supposedly exempts you from having to pay for your account – if you send it on to other people.

WhatsApp Gold or WhatsApp Premium

The claim suggests that people pay for or download a special version of WhatsApp, usually called Gold or Premium. It offers a range of exciting-sounding features, like the ability to send more pictures, use new emoji or add extra security features. The problem is that it is far from secure. Downloading the app infects people’s phones with malware that use the phone to send more fake messages at the cost of the original victim.

Emails from WhatsApp

Spam e-mails are bad enough. E-mails plus WhatsApp is even worse. There’s a range of scams out there that send people e-mails that look like they’ve come from WhatsApp, usually looking like a notification for a missed voice call or voicemail. But when you click through, you will end up getting tricked into giving over your information, passphrases etc. Don’t ever click on an e-mail from a questionable sender. WhatsApp doesn’t send you e-mails including information about missed calls or voicemails.

Fake WhatsApp spying apps

Currently, it is not possible to let people spy on other’s conversations on WhatsApp, because it has end-to-end encryption enabled, which ensures that messages can only be read by the phones that send and receive them. These scam apps encourage people to download something that isn’t actually real and force people to pay money for malware, or actually read your chats once they’ve got onto your phone.

Lastly – 

Hopefully, you have  already blocked sharing your WhatsApp details with Facebook (telephone number, name etc. and allowing Facebook to suggest phone contacts as friends) and Facebook will not be able to  make your WhatsApp account accessible to the 13 million South African Facebook users.

There are some details about this controversial policy change by WhatsApp on the following page: http://www.mirror.co.uk/tech/you-can-stop-whatsapp-sharing-8893949

 

[ARTICLE BY DAVID WILES]

 

 

Email

Tags: , , , ,
Posted in Apps, Communication | Comments Off on Whatsapp scams

Lose your cellphone, lose your info

Friday, October 24th, 2014

If you lost your cellphone today, what would a criminal have access to? Your smses? Your banking details? Your private documents saved in your e-mail? Or sensitive work documents even?

And yet, we carry this invaluable information with us every day. We absentmindedly wander around talking in public while we’re within reaching distance of any opportunistic criminal. But there are also other ways to access information on your phone by means of spyware and other suspicious software.

We use our cellphones more and more to organise and plan our lives and at the same time, make ourselves more vulnerable.

However, there are a few measures you can take to ensure you don’t become a victim.

1. PASSWORD OR PIN

This is your most important first line of defense. Without a PIN or password, anyone can get hold of your cellphone, access your e-mail, bank details, sms and personal information.

smartphone-icon-1340911-mAnd Microsoft’s head of online security agrees.”Using a PIN or unique password is the single most important thing to do as a user of a smartphone to protect the device, the data and your reputation.” According to Beauchere the data on your phone is also more recent than the data on your desktop or laptop. This increases the risk even more.

Last year Microsoft conducted a worldwide online survey regarding the usage of PINs. 10 000 desktop and mobile device users from 20 countries took part. Only 28% of these used a PIN on a device.

2.CELLPHONE APPS

Be very careful which apps you download and where you download them from. It’s great having an app to streamline your life or one to entertain you, but weigh the pros and cons against each other.

Even if an app looks nifty, rather download a similar one from renowned app shops like iTunes, Google Play and Amazon. So some research. Read other readers’ comments, how they rate the app and if they experienced any problems with it.

3. DUBIOUS LINKS

According to research people are 3 times more likely to click on a link on their phone than one on their PCs. The fact that the screen is smaller and dubious links not as easily recognised could be the reason. Be suspicious of request for personal information you receive via links in sms, e-mail or social networks. By clicking on them, you run the risk of identity theft.

4. UNPROTECTED WI-FI

When you use an open WI-FI network in coffee shops, malls and other public places you information isn’t securely sent through the air. Any other person can intercept it during transmission. If you have to do banking on your phone or work with sensitive information, rather wait till your at work or home and have access to a secure WI-FI network.

5. SPYWARE

Without a password cyber criminals can load spyware on your phone and track your sms records, e-mails, banking transactions and location. To prevent this from happening, activate a password or PIN on your phone or download an app from a reputable store to scan for and remove spyware and viruses.

If you’d like to read more on cellphone security, wikipedia has extensive information.

[SOURCES: www.rd.com, www.computerworld.com]

Email

Tags: ,
Posted in E-mail, Security | Comments Off on Lose your cellphone, lose your info

Hackers and crackers

Friday, October 18th, 2013

We all remember Lisbeth Salander from the The Girl with the Dragon tattoo movie or Neo in The Matrix – both hackers.

Earlier this week even SU websites were targeted by the 747crew, who used it to proclaim their political and religious convictions. 

But apparently there’s a difference between hackers and crackers. In the context of computer security a hacker is seen as someone who pinpoints the weaknesses in a computer system or network and exploits them. His motivation can be financial gain, a platform for protest or purely because it’s a challenge.

Over time, and partly thanks to the media, the association with the word “hacker” predominantly became a negative one. Eric S. Raymond (author of The New Hacker’s Dictionary) believes that members of the computer underground should be called crackers.  According to R.D. Clifford (2006) a cracker is someone who illegally gained access to a computer with the intent of committing a crime, for example destroying data on a particular system.

 More recently the word hacker has been reclaimed by computer programmers who agree with Raymond that those who hack with criminal intent, should be called a cracker. Several subgroups of this subculture have different approaches and also use different terms to distinguish themselves from others.

A white hat won’t break into a system with malicious intent, but rather to test their own security or for a company manufacturing security software. The term white hat in internet slang refers to an ethical hacker.

A black hat hacker violates computer security for his own benefit. These are the stereotypical characters we see depicted in popular culture, like movies. Black hats break into secure networks to destroy data or to render the network unusable for those who need to access it.

A grey hat surfs the internet and breaks into a system only to notify it’s administrator that it has a security defect and then offer to fix it at a price.

A blue hat assists with the testing of a system before it’s launched to establish it’s weaknesses. Usually he’s not part of a computer security company.

Other terms include a script kiddie (someone who’s not an expert and uses other people’s software to hack) and a neophyte, “n00b”, or “newbie” is a novice who’s still in training.  

Hacktivist is a hacker who misuses technology to convey his social, ideological and political message. The defacement of the SU webpages earlier this week is an example of hactivism.

[SOURCE: www.wikipedia.org]

 

Email

Tags:
Posted in Security | Comments Off on Hackers and crackers

Beware of SIM card swap fraud

Friday, February 22nd, 2013

 

Although it is a known scam, when it hits one of your colleagues, it makes you aware that there are very real dangers out there. A SIM card swap fraud occurs when criminals obtain and utilise a replacement SIM card to acquire security messages and one-time passwords (OTP) sent to you by the bank. Using the OTP, criminals are able to change, add beneficiaries and transfer money out of your account using your personal information that they would have obtained through phishing. One of our colleagues lost R20 000 over the holidays and asked us to warn other staff as well:

How does a SIM swap scam work?

  • The SIM swap takes place after the fraudsters have received a your bank logon details as a result of the you responding to, for example, a Phishing e-mail. (this is why phishing e-mails are so dangerous and you should never ever respond or click on links contained in these phishing e-mails.)
  • Once the fraudsters have the your cell phone number and other personal information, the fraudster can pose as you, requesting a new SIM card from a cellular service provider.
  • The cellular service provider transfers the your SIM card identity to the new SIM card, cancelling your old SIM card in the process.
  • The result is that there is no signal on the old SIM card, which means the you cannot receive / make phone calls or send SMS messages. (This ought to be the first sign of something wrong, so if you get  “SIMCARD INVALID” error on your cell phone)
  • The SMS authorisation reference number, which is normally sent to the client, reaches the fraudster instead of you, the legitimate owner, and the fraudster is able to make once-off payments and create beneficiaries fraudulently

What should I do if I suspect an unlawful SIM swap?

  • If you fall prey to an unlawful SIM swap, or suspect that you have, contact your cellular service provider for assistance.
  • Also contact the internet banking helpdesk to request that your internet banking access be suspended with immediate effect. This will prevent fraudsters from gaining access and transacting on your accounts.

What can I do to prevent SIM swap fraud?

  • Protect your information – all your information.
  • Do not disclose your ID number on websites unless you have verified the legitimacy of the site. The bank already knows your ID number and will not require you to give it to us again.
  • Do not disclose your cell number on websites unless you have verified the legitimacy of the site. Phishing sites often request for information such as ID Number, email address and email address password, physical address, etc.
  • Always make sure that your contact details on Internet banking are valid and correct. You know when your details have changed, so when you are ready, you can update the information on Internet banking or at a local bank branch.

[INFORMATION SUPPLIED BY DAVID WILES]

 

Email

Tags: , ,
Posted in Communication, Security | Comments Off on Beware of SIM card swap fraud

« Older Entries
Newer Entries »
 

© 2013-2024 Disclaimer: The views and opinions expressed in this page are strictly those of the page author(s) and content contributor(s). The contents of this page have not been reviewed or approved by Stellenbosch University.