%PDF-1.3 1 0 obj << /Type /Catalog /Outlines 2 0 R /Pages 3 0 R >> endobj 2 0 obj << /Type /Outlines /Count 0 >> endobj 3 0 obj << /Type /Pages /Kids [6 0 R 12 0 R ] /Count 2 /Resources << /ProcSet 4 0 R /Font << /F1 8 0 R /F2 9 0 R /F3 10 0 R /F4 11 0 R >> >> /MediaBox [0.000 0.000 612.000 792.000] >> endobj 4 0 obj [/PDF /Text ] endobj 5 0 obj << /Creator (DOMPDF) /CreationDate (D:20221201125112+00'00') /ModDate (D:20221201125112+00'00') /Title (IT-artikels) >> endobj 6 0 obj << /Type /Page /Parent 3 0 R /Contents 7 0 R >> endobj 7 0 obj << /Length 6853 >> stream 0.702 0.800 0.816 rg 34.016 34.016 543.969 723.969 re f 1.000 1.000 1.000 rg 45.266 62.209 521.469 684.525 re f 0.773 0.773 0.773 rg 0.773 0.773 0.773 RG 45.266 746.734 m 566.734 746.734 l 565.984 745.984 l 46.016 745.984 l f 566.734 746.734 m 566.734 62.209 l 565.984 62.209 l 565.984 745.984 l f 45.266 746.734 m 45.266 62.209 l 46.016 62.209 l 46.016 745.984 l f 61.016 617.359 m 550.984 617.359 l 550.984 618.109 l 61.016 618.109 l f 1.000 1.000 1.000 rg BT 278.868 698.693 Td /F1 10.5 Tf [(POST LIST)] TJ ET 0.200 0.200 0.200 rg BT 212.789 670.111 Td /F1 14.4 Tf [(INFORMASIETEGNOLOGIE)] TJ ET BT 221.824 643.466 Td /F1 11.7 Tf [(INFORMATION TECHNOLOGY)] TJ ET BT 61.016 583.841 Td /F1 14.4 Tf [(NIGERIAN 419 ADVANCE FEE SCAM)] TJ ET 0.400 0.400 0.400 rg BT 61.016 564.033 Td /F3 9.0 Tf [(A scam in the form of a well-known “Nigerian 419 Advance Fee” mail is appearing in some of our colleagues and students )] TJ ET BT 61.016 553.044 Td /F3 9.0 Tf [(mailboxes this morning.)] TJ ET BT 61.016 533.055 Td /F3 9.0 Tf [(The mail is rather simple:)] TJ ET BT 61.016 513.066 Td /F3 9.0 Tf [(Subject is: “Kindly view attach and forward your reply to ”)] TJ ET BT 61.016 493.077 Td /F3 9.0 Tf [(The mail’s content simply states the same and the attachment is an image of a letter and states that the sender has a )] TJ ET BT 61.016 482.088 Td /F3 9.0 Tf [(large amount of money that they would like to send you.)] TJ ET BT 61.016 462.099 Td /F3 9.0 Tf [(This is a typical “Nigerian 411 Advance Fee” scam.)] TJ ET BT 61.016 442.110 Td /F3 9.0 Tf [(Here is how it works:)] TJ ET BT 61.016 422.121 Td /F3 9.0 Tf [(You receive an unsolicited message that masquerades as some manner of business proposition, request for assistance, )] TJ ET BT 61.016 411.132 Td /F3 9.0 Tf [(notice of a potential inheritance, or opportunity to help a charity but all of the scam messages share a common theme.)] TJ ET BT 61.016 391.143 Td /F3 9.0 Tf [(The messages all claim that your help is needed to access a very large sum of money and promise that you will receive a )] TJ ET BT 61.016 380.154 Td /F3 9.0 Tf [(significant portion of this money in exchange for your help.)] TJ ET BT 61.016 360.165 Td /F3 9.0 Tf [(The scammers use a variety of stories to explain why they need your help to access the funds.)] TJ ET 0.400 0.400 0.400 RG 85.866 342.992 m 85.866 343.405 85.696 343.814 85.404 344.106 c 85.113 344.398 84.703 344.567 84.291 344.567 c 83.878 344.567 83.469 344.398 83.177 344.106 c 82.885 343.814 82.716 343.405 82.716 342.992 c 82.716 342.580 82.885 342.170 83.177 341.879 c 83.469 341.587 83.878 341.417 84.291 341.417 c 84.703 341.417 85.113 341.587 85.404 341.879 c 85.696 342.170 85.866 342.580 85.866 342.992 c f BT 91.016 340.176 Td /F3 9.0 Tf [(They may claim that political climate or legal issues preclude them from accessing funds in a foreign bank account )] TJ ET BT 91.016 329.187 Td /F3 9.0 Tf [(and request your help to gain such access.)] TJ ET 85.866 321.014 m 85.866 321.427 85.696 321.836 85.404 322.128 c 85.113 322.420 84.703 322.589 84.291 322.589 c 83.878 322.589 83.469 322.420 83.177 322.128 c 82.885 321.836 82.716 321.427 82.716 321.014 c 82.716 320.602 82.885 320.192 83.177 319.901 c 83.469 319.609 83.878 319.439 84.291 319.439 c 84.703 319.439 85.113 319.609 85.404 319.901 c 85.696 320.192 85.866 320.602 85.866 321.014 c f BT 91.016 318.198 Td /F3 9.0 Tf [(They may claim that your last name is the same as that of the deceased person who owned an account and )] TJ ET BT 91.016 307.209 Td /F3 9.0 Tf [(suggests that you act as the next of kin of this person in order to gain access to the account’s funds.)] TJ ET 85.866 299.036 m 85.866 299.449 85.696 299.858 85.404 300.150 c 85.113 300.442 84.703 300.611 84.291 300.611 c 83.878 300.611 83.469 300.442 83.177 300.150 c 82.885 299.858 82.716 299.449 82.716 299.036 c 82.716 298.624 82.885 298.214 83.177 297.923 c 83.469 297.631 83.878 297.461 84.291 297.461 c 84.703 297.461 85.113 297.631 85.404 297.923 c 85.696 298.214 85.866 298.624 85.866 299.036 c f BT 91.016 296.220 Td /F3 9.0 Tf [(They may claim that a rich businessman, who has a terminal illness, needs your help to distribute his wealth to )] TJ ET BT 91.016 285.231 Td /F3 9.0 Tf [(charity.)] TJ ET 85.866 277.058 m 85.866 277.471 85.696 277.880 85.404 278.172 c 85.113 278.464 84.703 278.633 84.291 278.633 c 83.878 278.633 83.469 278.464 83.177 278.172 c 82.885 277.880 82.716 277.471 82.716 277.058 c 82.716 276.646 82.885 276.236 83.177 275.945 c 83.469 275.653 83.878 275.483 84.291 275.483 c 84.703 275.483 85.113 275.653 85.404 275.945 c 85.696 276.236 85.866 276.646 85.866 277.058 c f BT 91.016 274.242 Td /F3 9.0 Tf [(They may claim that a soldier stationed overseas has discovered a cache of hidden cash left by a fleeing dictator )] TJ ET BT 91.016 263.253 Td /F3 9.0 Tf [(and needs your help to get the money out of the country.)] TJ ET BT 61.016 243.264 Td /F3 9.0 Tf [(All these scams promise to let you keep a significant percentage of the funds in exchange for your assistance. This is the )] TJ ET BT 61.016 232.275 Td /F3 9.0 Tf [(bait that is used to pull potential victims deeper into the scam. Once a recipient has taken the bait, and initiated a dialogue )] TJ ET BT 61.016 221.286 Td /F3 9.0 Tf [(with the scammers, he or she will soon receive requests for “fees” that the scammer claims are necessary for processing )] TJ ET BT 61.016 210.297 Td /F3 9.0 Tf [(costs, tax and legal fees, bribes to local officials, or other – totally imaginary – fees.)] TJ ET BT 61.016 190.308 Td /F3 9.0 Tf [(In reality, the supposed funds do not exist and the main purpose of these scam messages is to trick recipients into parting )] TJ ET BT 61.016 179.319 Td /F3 9.0 Tf [(with their money in the form of these advance fees. Fraudulent requests for fees will usually continue until the victim )] TJ ET BT 61.016 168.330 Td /F3 9.0 Tf [(realises he or she is being conned and stops sending money. In some cases, the scammers may gather enough )] TJ ET BT 61.016 157.341 Td /F3 9.0 Tf [(information to access the victim’s bank account directly or steal the victim’s identity.)] TJ ET BT 61.016 137.352 Td /F3 9.0 Tf [(Typically, advance fee scammers will send many thousands of identical scam messages to recipients all around the world. )] TJ ET BT 61.016 126.363 Td /F3 9.0 Tf [(\(as is today’s example\) It only takes a few recipients to fall for the claims in the messages to make the operation pay off )] TJ ET BT 61.016 115.374 Td /F3 9.0 Tf [(for the criminals.)] TJ ET BT 61.016 95.385 Td /F4 9.0 Tf [(What to do if you receive such an Advance Fee email:)] TJ ET BT 61.016 75.396 Td /F3 9.0 Tf [(It is important that you do not respond to it in any way. The scammers are likely to act upon any response from those they )] TJ ET endstream endobj 8 0 obj << /Type /Font /Subtype /Type1 /Name /F1 /BaseFont /Helvetica-Bold /Encoding /WinAnsiEncoding >> endobj 9 0 obj << /Type /Font /Subtype /Type1 /Name /F2 /BaseFont /Helvetica /Encoding /WinAnsiEncoding >> endobj 10 0 obj << /Type /Font /Subtype /Type1 /Name /F3 /BaseFont /Helvetica-Oblique /Encoding /WinAnsiEncoding >> endobj 11 0 obj << /Type /Font /Subtype /Type1 /Name /F4 /BaseFont /Helvetica-BoldOblique /Encoding /WinAnsiEncoding >> endobj 12 0 obj << /Type /Page /Parent 3 0 R /Annots [ 14 0 R 16 0 R 18 0 R 20 0 R 22 0 R 24 0 R 26 0 R ] /Contents 13 0 R >> endobj 13 0 obj << /Length 4619 >> stream 0.400 0.400 0.400 rg 0.400 0.400 0.400 RG 0.702 0.800 0.816 rg 34.016 34.016 543.969 723.969 re f 1.000 1.000 1.000 rg 45.266 362.998 521.469 394.986 re f 0.773 0.773 0.773 rg 0.773 0.773 0.773 RG 45.266 362.998 m 566.734 362.998 l 565.984 363.748 l 46.016 363.748 l f 566.734 757.984 m 566.734 362.998 l 565.984 363.748 l 565.984 757.984 l f 45.266 757.984 m 45.266 362.998 l 46.016 363.748 l 46.016 757.984 l f 0.400 0.400 0.400 rg BT 61.016 749.193 Td /F3 9.0 Tf [(see as potential victims. The best thing to do with these scam messages is to simply delete them.)] TJ ET BT 61.016 729.204 Td /F3 9.0 Tf [(Send the spam/phishing mail to the following addresses)] TJ ET 0.373 0.169 0.255 rg BT 61.016 709.215 Td /F3 9.0 Tf [(help@sun.ac.za )] TJ ET 0.373 0.169 0.255 RG 0.18 w 0 J [ ] 0 d 61.016 708.064 m 128.183 708.064 l S 0.400 0.400 0.400 rg BT 128.183 709.215 Td /F3 9.0 Tf [(and )] TJ ET 0.373 0.169 0.255 rg BT 145.697 709.215 Td /F3 9.0 Tf [(sysadm@sun.ac.za)] TJ ET 0.18 w 0 J [ ] 0 d 145.697 708.064 m 224.357 708.064 l S 0.400 0.400 0.400 rg BT 224.357 709.215 Td /F3 9.0 Tf [(.)] TJ ET BT 61.016 689.226 Td /F3 9.0 Tf [( Attach the phishing or suspicious mail on to the message if possible. There is a good tutorial on how to do this at the )] TJ ET BT 61.016 678.237 Td /F3 9.0 Tf [(following link \(Which is safe\) : )] TJ ET 0.373 0.169 0.255 rg BT 181.544 678.237 Td /F3 9.0 Tf [(http://stbsp01.stb.sun.ac.za/innov/it/it-help/Wiki%20Pages/Spam%20sysadmin%20Eng.aspx)] TJ ET 0.18 w 0 J [ ] 0 d 181.544 677.086 m 549.707 677.086 l S 0.400 0.400 0.400 rg BT 78.360 658.264 Td /F3 9.0 Tf [(1.)] TJ ET BT 91.016 658.248 Td /F3 9.0 Tf [(Start up a new mail addressed to )] TJ ET 0.373 0.169 0.255 rg BT 225.080 658.248 Td /F3 9.0 Tf [(sysadm@sun.ac.za)] TJ ET 0.18 w 0 J [ ] 0 d 225.080 657.097 m 303.740 657.097 l S 0.400 0.400 0.400 rg BT 303.740 658.248 Td /F3 9.0 Tf [( \(CC: )] TJ ET 0.373 0.169 0.255 rg BT 327.239 658.248 Td /F3 9.0 Tf [(help@sun.ac.za)] TJ ET 0.18 w 0 J [ ] 0 d 327.239 657.097 m 391.904 657.097 l S 0.400 0.400 0.400 rg BT 391.904 658.248 Td /F3 9.0 Tf [(\))] TJ ET BT 78.360 647.275 Td /F3 9.0 Tf [(2.)] TJ ET BT 91.016 647.259 Td /F3 9.0 Tf [(Use the Title “SPAM” \(without quotes\) in the Subject.)] TJ ET BT 78.360 636.286 Td /F3 9.0 Tf [(3.)] TJ ET BT 91.016 636.270 Td /F3 9.0 Tf [(With this New Mail window open, drag the suspicious spam/phishing mail from your Inbox into the New Mail )] TJ ET BT 91.016 625.281 Td /F3 9.0 Tf [(Window. It will attach the mail as an enclosure and a small icon with a light yellow envelope will appear in the )] TJ ET BT 91.016 614.292 Td /F3 9.0 Tf [(attachments section of the New Mail.)] TJ ET BT 78.360 603.319 Td /F3 9.0 Tf [(4.)] TJ ET BT 91.016 603.303 Td /F3 9.0 Tf [(Send the mail.)] TJ ET BT 61.016 583.314 Td /F4 9.0 Tf [(If you have fallen for the scam:)] TJ ET BT 61.016 563.325 Td /F3 9.0 Tf [(If you did click on the link of this phishing spam and unwittingly give the scammers your username, e-mail address and )] TJ ET BT 61.016 552.336 Td /F3 9.0 Tf [(password you should immediately go to )] TJ ET 0.373 0.169 0.255 rg BT 221.081 552.336 Td /F3 9.0 Tf [(http://www.sun.ac.za/useradm)] TJ ET 0.18 w 0 J [ ] 0 d 221.081 551.185 m 341.627 551.185 l S 0.400 0.400 0.400 rg BT 341.627 552.336 Td /F3 9.0 Tf [( and change the passwords on ALL your university )] TJ ET BT 61.016 541.347 Td /F3 9.0 Tf [(accounts \(making sure the new password is completely different, and is a strong password that will not be easily )] TJ ET BT 61.016 530.358 Td /F3 9.0 Tf [(guessed.\) as well as changing the passwords on your social media and private e-mail accounts \(especially if you use the )] TJ ET BT 61.016 519.369 Td /F3 9.0 Tf [(same passwords on these accounts.\))] TJ ET BT 61.016 499.380 Td /F3 9.0 Tf [(IT have set up a website page with useful information on how to report and combat phishing and spam. The address is:)] TJ ET 0.373 0.169 0.255 rg BT 61.016 479.391 Td /F3 9.0 Tf [(http://blogs.sun.ac.za/it/en/2017/11/reporting-spam-malware-and-phishing/)] TJ ET 0.18 w 0 J [ ] 0 d 61.016 478.240 m 357.647 478.240 l S 0.400 0.400 0.400 rg BT 61.016 459.402 Td /F3 9.0 Tf [(As you can see the address has a sun.ac.za at the end of the domain name, so it is legitimate. I suggest bookmarking this.)] TJ ET BT 432.949 439.413 Td /F3 9.0 Tf [([ARTICLE BY DAVID WILES])] TJ ET BT 61.016 419.424 Td /F3 9.0 Tf [( )] TJ ET BT 61.016 399.435 Td /F3 9.0 Tf [( )] TJ ET BT 61.016 380.946 Td /F3 9.0 Tf [(Posted in:E-mail,Phishing,Security | Tagged:Phishing,Spam | With 0 comments)] TJ ET endstream endobj 14 0 obj << /Type /Annot /Subtype /Link /A 15 0 R /Border [0 0 0] /H /I /Rect [ 61.0157 708.3826 128.1827 717.5401 ] >> endobj 15 0 obj << /Type /Action /S /URI /URI (mailto:help@sun.ac.za) >> endobj 16 0 obj << /Type /Annot /Subtype /Link /A 17 0 R /Border [0 0 0] /H /I /Rect [ 145.6967 708.3826 224.3567 717.5401 ] >> endobj 17 0 obj << /Type /Action /S /URI /URI (mailto:sysadm@sun.ac.za) >> endobj 18 0 obj << /Type /Annot /Subtype /Link /A 19 0 R /Border [0 0 0] /H /I /Rect [ 181.5437 677.4046 549.7067 686.5621 ] >> endobj 19 0 obj << /Type /Action /S /URI /URI (http://stbsp01.stb.sun.ac.za/innov/it/it-help/Wiki Pages/Spam sysadmin Eng.aspx) >> endobj 20 0 obj << /Type /Annot /Subtype /Link /A 21 0 R /Border [0 0 0] /H /I /Rect [ 225.0797 657.4156 303.7397 666.5731 ] >> endobj 21 0 obj << /Type /Action /S /URI /URI (mailto:sysadm@sun.ac.za) >> endobj 22 0 obj << /Type /Annot /Subtype /Link /A 23 0 R /Border [0 0 0] /H /I /Rect [ 327.2387 657.4156 391.9037 666.5731 ] >> endobj 23 0 obj << /Type /Action /S /URI /URI (mailto:help@sun.ac.za) >> endobj 24 0 obj << /Type /Annot /Subtype /Link /A 25 0 R /Border [0 0 0] /H /I /Rect [ 221.0807 551.5036 341.6267 560.6611 ] >> endobj 25 0 obj << /Type /Action /S /URI /URI (http://www.sun.ac.za/useradm) >> endobj 26 0 obj << /Type /Annot /Subtype /Link /A 27 0 R /Border [0 0 0] /H /I /Rect [ 61.0157 478.5586 357.6467 487.7161 ] >> endobj 27 0 obj << /Type /Action /S /URI /URI (http://blogs.sun.ac.za/it/en/2017/11/reporting-spam-malware-and-phishing/) >> endobj xref 0 28 0000000000 65535 f 0000000008 00000 n 0000000073 00000 n 0000000119 00000 n 0000000312 00000 n 0000000341 00000 n 0000000476 00000 n 0000000539 00000 n 0000007444 00000 n 0000007556 00000 n 0000007663 00000 n 0000007779 00000 n 0000007899 00000 n 0000008025 00000 n 0000012697 00000 n 0000012824 00000 n 0000012897 00000 n 0000013025 00000 n 0000013100 00000 n 0000013228 00000 n 0000013359 00000 n 0000013487 00000 n 0000013562 00000 n 0000013690 00000 n 0000013763 00000 n 0000013891 00000 n 0000013971 00000 n 0000014098 00000 n trailer << /Size 28 /Root 1 0 R /Info 5 0 R >> startxref 14223 %%EOF spam « Informasietegnologie
SEARCH
  • Recent Posts

  • Categories

  • Archives

spam

How to recognise a phishing e-mail

Tuesday, October 5th, 2021

We can’t warn you against every phishing e-mail– there’s a new variation every day. You are the only person who can protect yourself from phishing scams and identity theft. The only way to do this is to learn to recognise a harmful e-mail by paying attention and keeping an eye out for a few tell-tale signs.

phishme_how_to_spot_a_phishTypical characteristics

1. Well-known companies used as bait
These e-mails are sent out to thousands of different e-mail addresses and often the person sending them has no idea who you are. If you have no affiliation with the company the e-mail address is supposedly coming from, it’s fake. For example, if the e-mail is sent by ABSA, but you are a Standard Bank client. Also, see a list of types of companies generally used in phishing e-mails below.

2. Spelling and grammar
Improper spelling and grammar is a dead giveaway. Look for obvious errors. 

3. Lack of client information
Phishers use a generic greeting. For example, the e-mail greets you as “ABSA customer” or “Dear user”, etc. If the company was sending you information regarding your faulty account, they would mention your account details or name in the e-mail.  A company would go through the trouble to address a client by name and won’t ask you for your information. Banks have your information on their system.

4. Deadlines/Sense of urgency
Phishing e-mails demand an immediate response or stipulate a specific deadline, creating a sense of urgency and prompting you to respond before you’ve looked at the e-mail properly. For example,  demanding that you log in and change your account information within 24 hours or your account will be closed.

5. Malicious links
Although many phishing e-mails are getting better at hiding the true URL you are visiting, often these e-mails will show a URL that is unrelated to the company. Move your mouse over the link and look at the display address. Is this the website address of the company who seems to be sending the e-mail? If not, it’s clearly a phishing e-mail.

6. Attachments
Phishing e-mails occasionally include an attachment which contains malware. When opened, it will run and install a small programme on your PC, which hackers use to gain access to your PC and information. 

Typical phishing topics

• Account issues, such as accounts or passwords expiring, accounts being hacked, out-of-date accounts, or account information has to be changed.
• Credit cards expiring or being stolen, a duplicate credit card, credit card transactions, etc. 
• Confirming orders, requesting that you log in to confirm recent orders or transactions before a delivery can be made.
• Winning a prize or getting something for free. Both Woolworths and Pick ‘n Pay’s have been used in fake campaigns to lure people into providing personal details.

Company names phishers generally use

• Any major bank. ABSA and Standard Bank are both popular choices in South Africa.
• Insurance companies, for example, Outsurance.
• Internet service providers
• Apple or Microsoft claiming your account has been suspended.
• E-mail providers, e.g. Gmail or Yahoo
• SARS. Especially at this time of year. (We’ve had a few of these.)
• DHL or any delivery company claiming they have a package for you.
• Your company’s medical aid, for example, Discovery
• Your company’s IT department
• Casinos and lotteries
• Online dating websites
• Popular websites such as Amazon, Facebook, MySpace, PayPal, eBay, Microsoft, Apple, Hotmail, YouTube, etc.

A few tips to keep you safe

• Never follow links in an e-mail you’re uncertain of. Rather visit the page by typing the address of the company in your browser. For example,  instead of clicking on the “ABSA URL” in the e-mail, type http://www.absa.co.za in your web browser and log in at their official website.
• Never send personal information by e-mail. If a company is asking for your personal account information or claiming your account is invalid, visit the website and log in to the account as you normally would. If everything seems in order and there aren’t any urgent notifications from your bank, you should be fine.
• If you are still not sure about the status of your account or are concerned about your personal information, contact the company directly, either through an e-mail address provided on their website, over the phone or visit your local branch.
• Delete the e-mail and don’t click on links or fill in any information.
• If you’ve already divulged your information, immediately change your password or PIN and contact the institution to inform them of the breach.
• To report spam or phishing e-mails send an e-mail to sysadm@sun.ac.za with the subject SPAM with the suspect e-mail attached. IT system administrators will then be able to block the e-mail to protect other users.

[SOURCE: www.computerhope.com]

 

How do I report phishing?

Tuesday, October 5th, 2021

You’ve received a suspicious email, what should you do with it? Firstly, don’t click on any links. But just as important, send it to us so we can prevent more staff and students falling prey to the scam. We encourage our customers to submit potential phishing examples for review. Using these submissions, the Cyber Security Incident Response Team (CSIRT) can learn from the analysis of these messages. This collectively helps to improve the level of virus and spam detection.

What is phishing?

Phishing attacks are designed to steal a person’s login and password details so that the cyber criminal can assume control of the victim’s social network, email, and online bank accounts. Seventy percent of internet users choose the same password for almost every web service they use. This is why phishing is so effective, as the criminal, by using the same login details, can access multiple private accounts and manipulate them for their own good. 

More on how to recognise a phishing email. 

Report phishing

On the ICT Partner Portal:

*Spam or phishing examples must be sent in either.EML or .MSG format as an attachment and must not be forwarded. This ensures the original email can be analysed with its full Internet message headers intact. Alternatively, use the mail application to save the email (usually located under File | Save As) as an .EML or .MSG format to a folder location, and attach the saved file to a new email.

“Cryptocurrency” scam email

Wednesday, March 28th, 2018

Please be aware of a  scam making the rounds since yesterday.

It is a “Crypto-currency” (bitcoin) scam that comes in the form of an e-mail from an unknown sender (currently an address from name@dacfinance.online). It will look like this:

 


 

Hi, how are you?
I hope you are okay

 I’ve been trying to reach you for the past couple of days.

Something MAJOR is happening in the trading world and I want you to know about it.

>> Check this with your email somebody@sun.ac.za

 Are you ready for that kind of spending power?

Many people already started to trade cryptocurrencies, BitCoin and LiteCoin.

Join now to our Group!

 To your success,
Some Name
 DAC Finance

cryptocurrency.website address

 


 

This is a sneaky attempt to defraud users seeking an opportunity to invest in Bitcoins (crypto-currency). The website you are taken to is filled with fake testimonials, inflated bank account numbers, exaggerated claims of easy money and various other lies and fabrications. The software that you would be asked to install is fake and will compromise security on your computer and be used to send spam. Furthermore, victims will have to pay anything up to $250 to join the “investment” scheme and the only thing that will happen is that you will be $250 poorer. Here is an example of the website page:

Do not respond to this mail or be tempted to join this scheme. The fact that university e-mail addresses reused and the claims look legitimate should rather be a warning.

As always if you have received mail that looks like this, please immediately report it to the Information Technology Security Team using the following method:

Send the spam/phishing mail to help@sun.ac.za and sysadm@sun.ac.za.
Attach the phishing or suspicious mail on to the message if possible.
1. Start up a new mail addressed to sysadm@sun.ac.za (CC: help@sun.ac.za)
2. Use the Title “SPAM” (without quotes) in the Subject.
3. With this New Mail window open, drag the suspicious spam/phishing mail from your Inbox into the New Mail Window. It will attach the mail as an enclosure and a small icon with a light yellow envelope will appear in the attachments section of the New Mail.
4. Send the mail.

[Article by David Wiles]

E-mail scam with subject: “morning”

Wednesday, December 13th, 2017

It seems that scammers are now attempting to use student e-mail addresses to send out spam. 

If you get mail with the subject of “morning”, supposedly coming from a student account (studentnumber@sun.ac.za) with the following content, please ignore and delete it.

“We are conducting a  standard process investigation involving a late client who  shares the same surname with you and also the circumstances surrounding investments made by this client.Are you aware of  any relative/relation having the same surname? Send email to: scammer@scam.com”

This is a typical Nigerian 419 Advance Fee scam. Do not respond to this mail. The scammers just want to see who will respond so they can con you out of some money.

A reminder again of how to correctly report spam and phishing scams:

Send the spam/phishing mail to the following addresses: 

help@sun.ac.za and sysadm@sun.ac.za.

 Attach the phishing or suspicious mail on to the message if possible. There is a good tutorial on how to do this at the following link (which is safe): http://stbsp01.stb.sun.ac.za/innov/it/it-help/Wiki%20Pages/Spam%20sysadmin%20Eng.aspx

  1. Start up a new mail addressed to sysadm@sun.ac.za (CC: help@sun.ac.za)
  2. Use the Title “SPAM” (without quotes) in the Subject.
  3. With this New Mail window open, drag the suspicious spam/phishing mail from your Inbox into the New Mail Window. It will attach the mail as an enclosure and a small icon with a light yellow envelope will appear in the attachments section of the New Mail.
  4. Send the mail.

IF YOU HAVE FALLEN FOR THE SCAM:

If you did click on the link of this phishing spam and unwittingly give the scammers your username, e-mail address and password you should immediately go to http://www.sun.ac.za/useradm and change the passwords on ALL your university accounts (making sure the new password is completely different, and is a strong password that will not be easily guessed.) as well as changing the passwords on your social media and private e-mail accounts (especially if you use the same passwords on these accounts.)

IT has set up a website page with useful information on how to report and combat phishing and spam. The address is: https://blogs.sun.ac.za/it/en/2017/11/reporting-spam-malware-and-phishing/

As you can see the address has a sun.ac.za at the end of the domain name, so it is legitimate. We suggest bookmarking this.

[Article by David Wiles]

Nigerian 419 Advance Fee scam

Wednesday, November 29th, 2017

A scam in the form of a well-known “Nigerian 419 Advance Fee” mail is appearing in some of our colleagues and students mailboxes this morning.

The mail is rather simple:

Subject is: “Kindly view attach and forward your reply to <a gmail address>”

The mail’s content simply states the same and the attachment is an image of a letter and states that the sender has a large amount of money that they would like to send you.

This is a typical “Nigerian 411 Advance Fee” scam.

Here is how it works:

You receive an unsolicited message that masquerades as some manner of business proposition, request for assistance, notice of a potential inheritance, or opportunity to help a charity but all of the scam messages share a common theme.

The messages all claim that your help is needed to access a very large sum of money and promise that you will receive a significant portion of this money in exchange for your help.

The scammers use a variety of stories to explain why they need your help to access the funds.

  • They may claim that political climate or legal issues preclude them from accessing funds in a foreign bank account and request your help to gain such access.
  • They may claim that your last name is the same as that of the deceased person who owned an account and suggests that you act as the next of kin of this person in order to gain access to the account’s funds.
  • They may claim that a rich businessman, who has a terminal illness, needs your help to distribute his wealth to charity.
  • They may claim that a soldier stationed overseas has discovered a cache of hidden cash left by a fleeing dictator and needs your help to get the money out of the country.

All these scams promise to let you keep a significant percentage of the funds in exchange for your assistance. This is the bait that is used to pull potential victims deeper into the scam. Once a recipient has taken the bait, and initiated a dialogue with the scammers, he or she will soon receive requests for “fees” that the scammer claims are necessary for processing costs, tax and legal fees, bribes to local officials, or other – totally imaginary – fees.

In reality, the supposed funds do not exist and the main purpose of these scam messages is to trick recipients into parting with their money in the form of these advance fees. Fraudulent requests for fees will usually continue until the victim realises he or she is being conned and stops sending money. In some cases, the scammers may gather enough information to access the victim’s bank account directly or steal the victim’s identity.

Typically, advance fee scammers will send many thousands of identical scam messages to recipients all around the world. (as is today’s example) It only takes a few recipients to fall for the claims in the messages to make the operation pay off for the criminals.

What to do if you receive such an Advance Fee email:

It is important that you do not respond to it in any way. The scammers are likely to act upon any response from those they see as potential victims. The best thing to do with these scam messages is to simply delete them.

Send the spam/phishing mail to the following addresses

help@sun.ac.za and sysadm@sun.ac.za.

 Attach the phishing or suspicious mail on to the message if possible. There is a good tutorial on how to do this at the following link (Which is safe) : http://stbsp01.stb.sun.ac.za/innov/it/it-help/Wiki%20Pages/Spam%20sysadmin%20Eng.aspx

  1. Start up a new mail addressed to sysadm@sun.ac.za (CC: help@sun.ac.za)
  2. Use the Title “SPAM” (without quotes) in the Subject.
  3. With this New Mail window open, drag the suspicious spam/phishing mail from your Inbox into the New Mail Window. It will attach the mail as an enclosure and a small icon with a light yellow envelope will appear in the attachments section of the New Mail.
  4. Send the mail.

If you have fallen for the scam:

If you did click on the link of this phishing spam and unwittingly give the scammers your username, e-mail address and password you should immediately go to http://www.sun.ac.za/useradm and change the passwords on ALL your university accounts (making sure the new password is completely different, and is a strong password that will not be easily guessed.) as well as changing the passwords on your social media and private e-mail accounts (especially if you use the same passwords on these accounts.)

IT have set up a website page with useful information on how to report and combat phishing and spam. The address is:

https://blogs.sun.ac.za/it/en/2017/11/reporting-spam-malware-and-phishing/

As you can see the address has a sun.ac.za at the end of the domain name, so it is legitimate. I suggest bookmarking this.

[ARTICLE BY DAVID WILES]

 

 

 

© 2013-2022 Disclaimer: The views and opinions expressed in this page are strictly those of the page author(s) and content contributor(s). The contents of this page have not been reviewed or approved by Stellenbosch University.