Language:
SEARCH

  • Recent Posts

  • Categories

  • Archives

spam

« Older Entries
Newer Entries »

Fake FNB e-mail being circulated

Monday, June 19th, 2017

Our week starts off with the latest spam e-mail, one from FNB requesting that you activate your card. Of course this isn’t legitimate, even if it looks fairly convincing. Note the :-) in the subject line. This alone should be a dead giveaway. No bank will (we hope) communicate with emoticons.

The link in the e-mail will lead you to a temporary file in your browser where you have to fill in your details.  Please ignore and delete this e-mail if you receive it. If you are a FNB customer and at any time, receive any e-mails you are not sure about, rather phone your bank directly and confirm.

If you receive any similar phishing e-mails, please forward then to sysadm@sun.ac.za as an attachment. This way we can add it to our spam filter and ensure no-one else receives them. 

See the example of the FNB e-mail below. (Malicious links were deactivated)

…………………………………………………………………………………………………………………………
Date: Thu, 15 Jun 2017 23:41:08 +0000
From: inContact <fakeaddress@fnb.co.za>
To: Recipients <fakeaddress@fnb.co.za>
Subject: FNB :-) Account Card Activation Request   16Jun 00:00
x-spam-score: -89.7 (—————————————————)

[– Attachment #1 –]
[– Type: text/plain, Encoding: base64, Size: 0.7K –]

Dear  Valued Card Holder,

As Directed by South African Credit Card Authorities, All card holders as advised to register their FNB cards on the new security platform to avoid your account from being compromised and also
+deactivated.

To reactivate your Credit / debit Card Kindly click on the below ATTACHED and follow instructions.

SEE ATTACHED TO REACTIVATE / REGISTER YOUR FNB CARD

*NOTE: Failure to do this will lead to suspension of your ATM Card.*

Copyright c 2017 Inter-Switch Limited

Thank you.
Administrator

………………………………………………………………………………………………………………………..

 

Email

Tags: , ,
Posted in E-mail, Security | Comments Off on Fake FNB e-mail being circulated

Compromised student account used for phishing

Tuesday, April 18th, 2017

Just because mail seems to come from a university address, doesn’t mean to say that it is legitimate.

The latest phishing scam making its rounds at the university is being sent from a compromised student account. The subject line is all in capital letters and is meant to frighten you into clicking on a link and filling in your details. This is probably how the student account that is now sending it was originally compromised.

This is a typical phishing scam. Do not respond or click on any of the links. Many thanks to all the observant students who picked it up and pointed it out to us.

Below is an example of the mail (with the dangerous bits removed)

 

From: Compromised, Student account <12345678@sun.ac.za>
Sent: Monday, 17 April 2017 12:19 PM
To: fake@email.address
Subject: YOUR EMAIL ACCOUNT HAS BEEN COMPROMISED

 

Certify Your email HERE

[ARTICLE BY DAVID WILES]

Email

Tags: , ,
Posted in Security | Comments Off on Compromised student account used for phishing

Don’t Be Fooled. Protect Yourself and Your Identity

Wednesday, April 5th, 2017

According to the US Department of Justice, more than 17 million Americans were victims of identity theft in 2014. EDUCAUSE research shows that 21 percent of respondents to the annual ECAR student study have had an online account hacked, and 14 percent have had a computer, tablet, or smartphone stolen. Online fraud is an ongoing risk. The following tips can help you prevent identity theft.

  • Read your credit card, bank, and pay statements carefully each month. Look for unusual or unexpected transactions. Remember also to review recurring bill charges and other important personal account information.
  • Review your health insurance plan statements and claims. Look for unusual or unexpected transactions.
  • Shred it! Shred any documents with personal, financial, or medical information before you throw them away.
  • Take advantage of free annual credit reports. In South Africa TransUnion, Experian and CompuShare can provide these reports.
  • If a request for your personal info doesn’t feel right, do not feel obligated to respond! Legitimate companies won’t ask for personal information such as your ID number, password, or account number in a pop-up ad, e-mail, SMS, or unsolicited phone call.
  • Limit the personal information you share on social media. Also, check your privacy settings every time you update an application or operating system (or at least every few months).
  • Put a password on it. Protect your online accounts and mobile devices with strong, unique passwords or passphrases.
  • Limit use of public Wi-Fi. Be careful when using free Wi-Fi, which may not be secure. Do not access online banking information or other sensitive accounts from public Wi-Fi.
  • Secure your devices. Encrypt your hard drive, use a VPN, and ensure that your systems, apps, antivirus software, and plug-ins are up-to-date.

 

Email

Tags: , ,
Posted in Security | Comments Off on Don’t Be Fooled. Protect Yourself and Your Identity

What is the junk e-mail folder?

Tuesday, February 28th, 2017

Just before the weekend, we became aware of a particularly intrusive and persistent phishing attack. An e-mail, seemingly from Standard Bank, was distributed from a staff member’s e-mail account after being hacked.

In order to prevent the attack from causing more damage to other e-mail users, stricter spam filter measures had to be implemented over the weekend. After this time period, the filter was reset to its default.

These measures caused some e-mails that weren’t spam, to divert to Outlook’s Junk Mail folder. They were not deleted, but they weren’t visible in inboxes.

Even though it is advisable that you occasionally check your Junk mail folder, it seems some staff aren’t familiar with the folder or it’s function.

The Microsoft Outlook Junk E-mail Filter helps reduce unwanted email messages in your Inbox. Junk e-mail, also known as spam, is moved by the filter away to the Junk E-mail folder.

How the Junk E-mail filter works

The Junk E-mail Filter evaluates each incoming message to assess whether it might be spam, based on several factors. These can include the time when the message was sent and the content of the message. By default, the Junk E-mail Filter is turned on and the protection level is set to Low. This level catches only the most obvious spam. You can make the filter more aggressive by changing the level of protection that it provides.

You can adjust the Junk E-mail Filter settings in the Junk E-mail Options dialogue box.

  • On the Home tab, in the Delete group, click Junk, and then click Junk E-mail Options.

Any message that is suspected to be junk is moved to the Junk E-mail folder. We recommend that you periodically review the messages in the Junk E-mail folder to check for legitimate messages that were incorrectly classified as junk. If you find a message that isn’t junk, drag them back to the Inbox or to any folder. You can also mark the item as not junk by doing the following:

  • On the Home tab, in the Delete group, click Junk, and then click Not Junk.

More detailed instructions can be found on the Office365 Knowledgebase and on Microsoft’s website.

We apologise for the inconvenience and confusion caused by these emergency measures. If you have any questions, please contact the IT Service Desk at 021 808 4367 or help@sun.ac.za.

 

Email

Tags: , ,
Posted in E-mail, Security | Comments Off on What is the junk e-mail folder?

Latest WhatsApp hoax

Monday, January 9th, 2017

If you are a user of the popular chat app WhatsApp, you should be aware of the latest hoax that states that the chat service will soon start charging a fee.

Here is an example of the current hoax:

Tomorrow at 6 pm they are ending WhatsApp and you have to pay to open it, this is by law. 

This message is to inform all of our users, our servers have recently been very congested, so we are asking you to help us solve this problem. We require our active users to forward this message to each of the people in their contact list to confirm our active users using WhatsApp. 

If you do not send this message to all your contacts WhatsApp will start to charge you. 

The message is allegedly sent from Whatsapp’s chief executive officer – Jim Balsamic.

  1. The real CEO of WhatsApp is Jan Koum.
  2. WhatsApp publically declared that they’ll never charge users for the service. [ https://blog.whatsapp.com/615/Making-WhatsApp-free-and-more-useful ]

This isn’t the first time this sort of hoax has plagued the web – a similar message was sent around in 2013.

In some cases, it was reported that victims of this hoax were “tricked” into opening a legitimate-looking Word, Excel or PDF document attached to a WhatsApp message. The PDF attachment then downloaded malware to devices to steal personal information.

Another student reported that one message they received tried to persuade them to download a R200 Edgars voucher. In reality, the link simply installed cookies and a browser extension on their phone that flooded the phone with adverts.

Always be wary of messages with the following characteristics:

  1. The person sending the message claims to be associated with WhatsApp.
  2. The message contains instructions telling you to forward the message. (Use a bit of common sense here. According to this hoax message, WhatsApp servers are “very congested” and Jim Balsamic want you to add to the congestion by forwarding the message to all your WhatsApp contacts?)
  3. The message says you will suffer some sort of punishment, like account suspension, if you don’t follow the instructions.
  4. The message promises a reward or gift from Whatsapp or another party.
  5. Just because a message was forwarded to you by a friend or family member, doesn’t make it legitimate. (friends and family can be just as gullible as any other person)

[ARTICLE BY DAVID WILES]

Email

Tags: , ,
Posted in Security | Comments Off on Latest WhatsApp hoax

« Older Entries
Newer Entries »
 

© 2013-2024 Disclaimer: The views and opinions expressed in this page are strictly those of the page author(s) and content contributor(s). The contents of this page have not been reviewed or approved by Stellenbosch University.