%PDF-1.3 1 0 obj << /Type /Catalog /Outlines 2 0 R /Pages 3 0 R >> endobj 2 0 obj << /Type /Outlines /Count 0 >> endobj 3 0 obj << /Type /Pages /Kids [6 0 R ] /Count 1 /Resources << /ProcSet 4 0 R /Font << /F1 8 0 R /F2 9 0 R /F3 10 0 R /F4 11 0 R >> >> /MediaBox [0.000 0.000 612.000 792.000] >> endobj 4 0 obj [/PDF /Text ] endobj 5 0 obj << /Creator (DOMPDF) /CreationDate (D:20250718121320+00'00') /ModDate (D:20250718121320+00'00') /Title (Report 07-2025) >> endobj 6 0 obj << /Type /Page /Parent 3 0 R /Contents 7 0 R >> endobj 7 0 obj << /Length 2545 >> stream 0.702 0.800 0.816 rg 34.016 34.016 543.969 723.969 re f 1.000 1.000 1.000 rg 45.266 355.187 521.469 391.547 re f 0.773 0.773 0.773 RG 0.75 w 0 J [ ] 0 d 45.641 355.562 520.719 390.797 re S 0.773 0.773 0.773 rg 61.016 370.937 m 550.984 370.937 l 550.984 371.687 l 61.016 371.687 l f 0.200 0.200 0.200 rg BT 61.016 693.716 Td /F1 14.4 Tf [(OFFICE365 PHISHING E-MAIL)] TJ ET 0.400 0.400 0.400 rg BT 61.016 664.909 Td /F2 9.0 Tf [(Posted on )] TJ ET BT 104.045 664.909 Td /F3 9.0 Tf [(March 03,2017)] TJ ET BT 165.578 664.909 Td /F2 9.0 Tf [( by )] TJ ET BT 180.086 664.909 Td /F3 9.0 Tf [(IT Communications)] TJ ET 0.153 0.153 0.153 rg BT 61.016 637.420 Td /F4 9.0 Tf [(Please take note of a phishing e-mail circulating on campus which looks like an Office365 e-mail notification. )] TJ ET BT 61.016 626.431 Td /F4 9.0 Tf [(Unfortunately, a few students have been caught out by this trap. )] TJ ET BT 61.016 606.442 Td /F4 9.0 Tf [(We will not send you an e-mail resembling the one below. If in doubt, rather contact us to confirm whether it's a legitimate )] TJ ET BT 61.016 595.453 Td /F4 9.0 Tf [(request.)] TJ ET BT 61.016 575.464 Td /F4 9.0 Tf [( )] TJ ET 0.592 0.592 0.592 rg 0.592 0.592 0.592 RG 305.016 565.766 m 306.516 565.766 l 305.766 565.016 l 305.766 565.016 l f 1.000 1.000 1.000 rg 1.000 1.000 1.000 RG 305.016 563.516 m 306.516 563.516 l 305.766 564.266 l 305.766 564.266 l f 306.516 565.766 m 306.516 563.516 l 305.766 564.266 l 305.766 565.016 l f 0.592 0.592 0.592 rg 0.592 0.592 0.592 RG 305.016 565.766 m 305.016 563.516 l 305.766 564.266 l 305.766 565.016 l f 0.153 0.153 0.153 rg BT 61.016 545.725 Td /F2 9.0 Tf [(From: SU Student )] TJ ET BT 61.016 534.736 Td /F2 9.0 Tf [(   Sent: 03 March 2017 12:07 PM)] TJ ET BT 61.016 523.747 Td /F2 9.0 Tf [(   Subject: Missing Mails)] TJ ET BT 61.016 501.958 Td /F2 9.0 Tf [(   You have two\(2\) unread messages but cannot because your mailbox has)] TJ ET BT 61.016 490.969 Td /F2 9.0 Tf [(   exceeds its quota/limit.)] TJ ET BT 61.016 479.980 Td /F2 9.0 Tf [(   Click here to use the message retriever page and enter login again to)] TJ ET BT 61.016 468.991 Td /F2 9.0 Tf [(   access missing message.)] TJ ET BT 61.016 447.202 Td /F2 9.0 Tf [(   Secretary)] TJ ET BT 61.016 425.413 Td /F2 9.0 Tf [(   Office 365)] TJ ET BT 61.016 403.624 Td /F2 9.0 Tf [(   System Administrator)] TJ ET 0.400 0.400 0.400 rg BT 61.016 385.135 Td /F2 9.0 Tf [(Posted in:E-mail,Security,Students | Tagged:Phishing,Security | With 0 comments)] TJ ET endstream endobj 8 0 obj << /Type /Font /Subtype /Type1 /Name /F1 /BaseFont /Helvetica-Bold /Encoding /WinAnsiEncoding >> endobj 9 0 obj << /Type /Font /Subtype /Type1 /Name /F2 /BaseFont /Helvetica-Oblique /Encoding /WinAnsiEncoding >> endobj 10 0 obj << /Type /Font /Subtype /Type1 /Name /F3 /BaseFont /Helvetica-BoldOblique /Encoding /WinAnsiEncoding >> endobj 11 0 obj << /Type /Font /Subtype /Type1 /Name /F4 /BaseFont /Helvetica /Encoding /WinAnsiEncoding >> endobj xref 0 12 0000000000 65535 f 0000000008 00000 n 0000000073 00000 n 0000000119 00000 n 0000000305 00000 n 0000000334 00000 n 0000000472 00000 n 0000000535 00000 n 0000003132 00000 n 0000003244 00000 n 0000003359 00000 n 0000003479 00000 n trailer << /Size 12 /Root 1 0 R /Info 5 0 R >> startxref 3587 %%EOF security « Informasietegnologie
Language:
SEARCH

  • Recent Posts

  • Categories

  • Archives

security

Newer Entries »

Scam: Cancellation Of Debit Order (Absa)

Monday, October 29th, 2012

Please note the following phishing scam: These scams are becoming far more fine-tuned to South African victims and especially university accounts. Earlier this month there was a specific scam using Alexander-Forbes as a means to attack, Alexander-Forbes being the university’s preferred consultant for insurance, medical aid consultancy etc. Barely a week later Virgin Active’s name was used to attempt to scam university personnel. This week it is the turn of Outsurance. The e-mails are virtually identical, only the names and the servers in the background change, but you should be able to see that they are homing more and more to South African users, which tells me one thing that either they are getting this information from South African victims or these scamming operations are South-African based.   Here is an expurgated version of the scam. Please take note and be very careful!  From: Absa [mailto:ibt@onlinedata.co.za] Sent: 29 October 2012 01:46 PM To: Name <university_email@address.goes.here> Subject: Cancellation Of Debit Order(Absa) Dear Customer, We received a Debit Order alert on your account this morning from Outsurance Insurance Company to deduct the sum of R3150.00 from your account. If you don’t want to authorized this Debit Order you can cancel by following the instruction below. Click below to Cancel the Debit Order on your profile. You will receive a message on your cellphone with a link, type in the last Eight digit RVN on the SMS message to complete the cancellation. click here to Cancel. . Regards, Security Department

(INFORMATION SUPPLIED BY DAVID WILES)

Email

Tags: , ,
Posted in E-mail, Security | Comments Off on Scam: Cancellation Of Debit Order (Absa)

What is ransomware?

Friday, October 12th, 2012

The term ransomware will leave most people flabbergasted. How can software hold something ransom or is technology becoming so clever it can take over anything?

However, this description isn’t as far-fetched as it seems. Ransomware forms part of a group of malicious computer software called malware,  which cunningly installs itself on your pc and then has t he audacity to demand data or money from you. This type of programme can be installed by means of an e-mail attachment, an infected programme or unsafe website with malware installed on it. Ransomware” is also known as a a cryptovirus, cryptotrojan or cryptoworm.

The software indeed “kidnaps” your data by encrypting or limiting your access to it and then sending you a message demanding money to regain your access.  The only way access is possible again, is by acquiring an encryption key from the creator of the ransomware at a fee.

A more recent version of the software will not notify the user that ransomware has been installed, but will merely block all access to the data and depend on the victim to search the internet for information on their “problem”. This search will then lead them to legit websites selling software to remove the ransomware, which of course is sold by the creator of the original culprit.

Ransomware is nothing new. In 1996 security experts at Columbia University and IBM wrote an essay called “Cryptovirology: Extortion-Based Security Threats and Countermeasures” to describe the software. At that time businesses were the main targets of ransomware and not individuals.

In March 2006 ransomware called Crypzip of Zippo was sent to a group of internet users. Those who received the programme also received an e-mail demanding a ransom of $300 if they wanted to access their data again.

Most antivirus vendors have ways of detecting and blocking the most known ransomware. However, no data is 100% safe. To ensure you don’t find yourself in this tricky situation, try to back up data regularly, be cautious when browsing the internet and under no circumstances open e-mail attachments from unknown sources.

More info on the latest ransomware targeting Skype users.

SOURCE: Wikipedia, Microsoft en Techtarget.

Email

Tags: , , ,
Posted in General, Security | Comments Off on What is ransomware?

Watch out for fraudulent emails regarding banking

Tuesday, February 28th, 2012

We’re still receiving complaints from users who fall victim to cyber criminals by blindly submitting their banking details via email. (see example below) Staff are once again warned under NO circumstances to do any activation of your bank details by clicking on a link in an email. Pay attention to the following: –  Your bank will never send you an email requesting personal and confidential information. – The address where the email is sent from is not an official bank email address. It might seem similar, but if you look closely you’ll notice small differences. – Take note of the address where the link diverts you to when you click on it. You will immediately notice it’s not a typical bank web address, but something completely unrelated. – You will also see that your name is never mentioned in the email. It’s a generic email sent to random people to harvest their information. If any irregularities occur on your account, your bank will call you. You also won’t receive an email from them if a large amount is deposited into your bank account. Remember, a cyber criminal knows what will grab your attention. If you have any doubts, rather contact your bank directly and make sure.

Begin forwarded message: From: “NOTIFICATIONS@notify.com” Subject: ABSA:Security Centre Date: 28 February 2012 7:32:07 AM SAST To: Recipients We noticed illegal activities on your account, due to this, we have temporarily suspended your account. We need you to update your account information for your online banking to be re-activated click below or visit your nearest branch Re-activate now Terms Of Use | Banking Regulations | Privacy Policy | Security Centre | Site Map Authorised Financial Services Provider and a registered credit provider (NCRCP7) a

Email

Tags: , , , , ,
Posted in E-mail, Security | Comments Off on Watch out for fraudulent emails regarding banking

Newer Entries »
 

© 2013-2025 Disclaimer: The views and opinions expressed in this page are strictly those of the page author(s) and content contributor(s). The contents of this page have not been reviewed or approved by Stellenbosch University.