%PDF-1.3 1 0 obj << /Type /Catalog /Outlines 2 0 R /Pages 3 0 R >> endobj 2 0 obj << /Type /Outlines /Count 0 >> endobj 3 0 obj << /Type /Pages /Kids [6 0 R ] /Count 1 /Resources << /ProcSet 4 0 R /Font << /F1 8 0 R /F2 9 0 R /F3 10 0 R /F4 11 0 R >> >> /MediaBox [0.000 0.000 612.000 792.000] >> endobj 4 0 obj [/PDF /Text ] endobj 5 0 obj << /Creator (DOMPDF) /CreationDate (D:20250706072508+00'00') /ModDate (D:20250706072508+00'00') /Title (Report 07-2025) >> endobj 6 0 obj << /Type /Page /Parent 3 0 R /Annots [ 12 0 R 14 0 R 16 0 R 18 0 R 20 0 R 22 0 R 24 0 R 26 0 R 28 0 R ] /Contents 7 0 R >> endobj 7 0 obj << /Length 6543 >> stream 0.702 0.800 0.816 rg 34.016 34.016 543.969 723.969 re f 1.000 1.000 1.000 rg 45.266 153.302 521.469 593.432 re f 0.773 0.773 0.773 RG 0.75 w 0 J [ ] 0 d 45.641 153.677 520.719 592.682 re S 0.773 0.773 0.773 rg 61.016 169.052 m 550.984 169.052 l 550.984 169.802 l 61.016 169.802 l f 0.200 0.200 0.200 rg BT 61.016 693.716 Td /F1 14.4 Tf [(E-MAIL SCAM WITH SUBJECT: “MORNING”)] TJ ET 0.400 0.400 0.400 rg BT 61.016 664.909 Td /F2 9.0 Tf [(Posted on )] TJ ET BT 104.045 664.909 Td /F3 9.0 Tf [(January 01,1970)] TJ ET BT 173.588 664.909 Td /F2 9.0 Tf [( by )] TJ ET BT 188.096 664.909 Td /F3 9.0 Tf [(IT Communications)] TJ ET 0.153 0.153 0.153 rg BT 61.016 637.420 Td /F4 9.0 Tf [(It seems that scammers are now attempting to use student e-mail addresses to send out spam. )] TJ ET BT 61.016 617.431 Td /F4 9.0 Tf [(If you get mail with the subject of )] TJ ET BT 194.081 617.431 Td /F1 9.0 Tf [(“morning”)] TJ ET BT 239.081 617.431 Td /F4 9.0 Tf [(, supposedly coming from a student account \()] TJ ET 0.373 0.169 0.255 rg BT 420.665 617.431 Td /F4 9.0 Tf [(studentnumber@sun.ac.za)] TJ ET 0.373 0.169 0.255 RG 0.18 w 0 J [ ] 0 d 420.665 616.280 m 528.350 616.280 l S 0.153 0.153 0.153 rg BT 528.350 617.431 Td /F4 9.0 Tf [(\) )] TJ ET BT 61.016 606.442 Td /F4 9.0 Tf [(with the following content, please ignore and delete it.)] TJ ET BT 61.016 586.453 Td /F3 9.0 Tf [(“)] TJ ET BT 65.516 586.453 Td /F3 9.0 Tf [(We are conducting a  standard process investigation involving a late client who  shares the same surname with )] TJ ET BT 61.016 575.464 Td /F3 9.0 Tf [(you and also the circumstances surrounding investments made by this client.Are you aware of  any )] TJ ET BT 61.016 564.475 Td /F3 9.0 Tf [(relative/relation having the same surname? Send email to:)] TJ ET 0.373 0.169 0.255 rg BT 310.100 564.475 Td /F3 9.0 Tf [(scammer@scam.com)] TJ ET 0.18 w 0 J [ ] 0 d 310.100 563.045 m 402.413 563.045 l S 0.153 0.153 0.153 rg BT 402.413 564.475 Td /F3 9.0 Tf [(”)] TJ ET BT 61.016 544.486 Td /F4 9.0 Tf [(This is a typical Nigerian 419 Advance Fee scam. Do not respond to this mail. The scammers just want to see who will )] TJ ET BT 61.016 533.497 Td /F4 9.0 Tf [(respond so they can con you out of some money.)] TJ ET BT 61.016 513.508 Td /F4 9.0 Tf [(A reminder again of how to correctly report spam and phishing scams:)] TJ ET BT 61.016 493.519 Td /F4 9.0 Tf [(Send the spam/phishing mail to the following addresses: )] TJ ET 0.373 0.169 0.255 rg BT 61.016 473.530 Td /F4 9.0 Tf [(help@sun.ac.za )] TJ ET 0.18 w 0 J [ ] 0 d 61.016 472.379 m 128.183 472.379 l S 0.153 0.153 0.153 rg BT 128.183 473.530 Td /F4 9.0 Tf [(and )] TJ ET 0.373 0.169 0.255 rg BT 145.697 473.530 Td /F4 9.0 Tf [(sysadm@sun.ac.za)] TJ ET 0.18 w 0 J [ ] 0 d 145.697 472.379 m 224.357 472.379 l S 0.153 0.153 0.153 rg BT 224.357 473.530 Td /F4 9.0 Tf [(.)] TJ ET BT 61.016 453.541 Td /F4 9.0 Tf [( Attach the phishing or suspicious mail on to the message if possible. There is a good tutorial on how to do this at the )] TJ ET BT 61.016 442.552 Td /F4 9.0 Tf [(following link \(which is safe\): )] TJ ET 0.373 0.169 0.255 rg BT 177.044 442.552 Td /F4 9.0 Tf [(http://stbsp01.stb.sun.ac.za/innov/it/it-help/Wiki%20Pages/Spam%20sysadmin%20Eng.aspx)] TJ ET 0.18 w 0 J [ ] 0 d 177.044 441.401 m 545.207 441.401 l S 0.153 0.153 0.153 rg BT 78.360 422.579 Td /F4 9.0 Tf [(1.)] TJ ET BT 91.016 422.563 Td /F4 9.0 Tf [(Start up a new mail addressed to )] TJ ET 0.373 0.169 0.255 rg BT 225.080 422.563 Td /F4 9.0 Tf [(sysadm@sun.ac.za)] TJ ET 0.18 w 0 J [ ] 0 d 225.080 421.412 m 303.740 421.412 l S 0.153 0.153 0.153 rg BT 303.740 422.563 Td /F4 9.0 Tf [( \(CC: )] TJ ET 0.373 0.169 0.255 rg BT 327.239 422.563 Td /F4 9.0 Tf [(help@sun.ac.za)] TJ ET 0.18 w 0 J [ ] 0 d 327.239 421.412 m 391.904 421.412 l S 0.153 0.153 0.153 rg BT 391.904 422.563 Td /F4 9.0 Tf [(\))] TJ ET BT 78.360 411.590 Td /F4 9.0 Tf [(2.)] TJ ET BT 91.016 411.574 Td /F4 9.0 Tf [(Use the Title “SPAM” )] TJ ET BT 178.037 411.574 Td /F2 9.0 Tf [(\(without quotes\))] TJ ET BT 242.063 411.574 Td /F4 9.0 Tf [( in the Subject.)] TJ ET BT 78.360 400.601 Td /F4 9.0 Tf [(3.)] TJ ET BT 91.016 400.585 Td /F4 9.0 Tf [(With this New Mail window open, drag the suspicious spam/phishing mail from your Inbox into the New Mail )] TJ ET BT 91.016 389.596 Td /F4 9.0 Tf [(Window. It will attach the mail as an enclosure and a small icon with a light yellow envelope will appear in the )] TJ ET BT 91.016 378.607 Td /F4 9.0 Tf [(attachments section of the New Mail.)] TJ ET BT 78.360 367.634 Td /F4 9.0 Tf [(4.)] TJ ET BT 91.016 367.618 Td /F4 9.0 Tf [(Send the mail.)] TJ ET BT 61.016 347.629 Td /F4 9.0 Tf [(IF YOU HAVE FALLEN FOR THE SCAM:)] TJ ET 0.153 0.153 0.153 RG 0.18 w 0 J [ ] 0 d 61.016 346.478 m 227.552 346.478 l S BT 61.016 327.640 Td /F4 9.0 Tf [(If you did click on the link of this phishing spam and unwittingly give the scammers your username, e-mail address and )] TJ ET BT 61.016 316.651 Td /F4 9.0 Tf [(password you should immediately go to )] TJ ET 0.373 0.169 0.255 rg BT 221.081 316.651 Td /F4 9.0 Tf [(http://www.sun.ac.za/useradm)] TJ ET 0.373 0.169 0.255 RG 0.18 w 0 J [ ] 0 d 221.081 315.500 m 341.627 315.500 l S 0.153 0.153 0.153 rg BT 341.627 316.651 Td /F4 9.0 Tf [( and change the passwords on ALL your university )] TJ ET BT 61.016 305.662 Td /F4 9.0 Tf [(accounts \(making sure the new password is completely different, and is a strong password that will not be easily )] TJ ET BT 61.016 294.673 Td /F4 9.0 Tf [(guessed.\) as well as changing the passwords on your social media and private e-mail accounts \(especially if you use the )] TJ ET BT 61.016 283.684 Td /F4 9.0 Tf [(same passwords on these accounts.\))] TJ ET BT 61.016 263.695 Td /F4 9.0 Tf [(IT has set up a website page with useful information on how to report and combat phishing and spam. The address is: )] TJ ET 0.373 0.169 0.255 rg BT 61.016 252.706 Td /F4 9.0 Tf [(http://blogs.sun.ac.za/it/en/2017/11/reporting-spam-malware-and-phishing/)] TJ ET 0.18 w 0 J [ ] 0 d 61.016 251.555 m 357.647 251.555 l S 0.153 0.153 0.153 rg BT 61.016 232.717 Td /F4 9.0 Tf [(As you can see the address has a sun.ac.za at the end of the domain name, so it is legitimate. We suggest bookmarking )] TJ ET BT 61.016 221.728 Td /F4 9.0 Tf [(this.)] TJ ET BT 458.968 201.739 Td /F4 9.0 Tf [([Article by David Wiles])] TJ ET 0.400 0.400 0.400 rg BT 61.016 183.250 Td /F2 9.0 Tf [(Posted in:E-mail,Security | Tagged:Cyber Security,Spam | With 0 comments)] TJ ET endstream endobj 8 0 obj << /Type /Font /Subtype /Type1 /Name /F1 /BaseFont /Helvetica-Bold /Encoding /WinAnsiEncoding >> endobj 9 0 obj << /Type /Font /Subtype /Type1 /Name /F2 /BaseFont /Helvetica-Oblique /Encoding /WinAnsiEncoding >> endobj 10 0 obj << /Type /Font /Subtype /Type1 /Name /F3 /BaseFont /Helvetica-BoldOblique /Encoding /WinAnsiEncoding >> endobj 11 0 obj << /Type /Font /Subtype /Type1 /Name /F4 /BaseFont /Helvetica /Encoding /WinAnsiEncoding >> endobj 12 0 obj << /Type /Annot /Subtype /Link /A 13 0 R /Border [0 0 0] /H /I /Rect [ 420.6647 616.5982 528.3497 625.7557 ] >> endobj 13 0 obj << /Type /Action /S /URI /URI (mailto:studentnumber@sun.ac.za) >> endobj 14 0 obj << /Type /Annot /Subtype /Link /A 15 0 R /Border [0 0 0] /H /I /Rect [ 310.0997 563.6422 402.4127 572.7997 ] >> endobj 15 0 obj << /Type /Action /S /URI /URI (mailto:phishing@e-mail.address) >> endobj 16 0 obj << /Type /Annot /Subtype /Link /A 17 0 R /Border [0 0 0] /H /I /Rect [ 61.0157 472.6972 128.1827 481.8547 ] >> endobj 17 0 obj << /Type /Action /S /URI /URI (mailto:help@sun.ac.za) >> endobj 18 0 obj << /Type /Annot /Subtype /Link /A 19 0 R /Border [0 0 0] /H /I /Rect [ 145.6967 472.6972 224.3567 481.8547 ] >> endobj 19 0 obj << /Type /Action /S /URI /URI (mailto:sysadm@sun.ac.za) >> endobj 20 0 obj << /Type /Annot /Subtype /Link /A 21 0 R /Border [0 0 0] /H /I /Rect [ 177.0437 441.7192 545.2067 450.8767 ] >> endobj 21 0 obj << /Type /Action /S /URI /URI (http://stbsp01.stb.sun.ac.za/innov/it/it-help/Wiki Pages/Spam sysadmin Eng.aspx) >> endobj 22 0 obj << /Type /Annot /Subtype /Link /A 23 0 R /Border [0 0 0] /H /I /Rect [ 225.0797 421.7302 303.7397 430.8877 ] >> endobj 23 0 obj << /Type /Action /S /URI /URI (mailto:sysadm@sun.ac.za) >> endobj 24 0 obj << /Type /Annot /Subtype /Link /A 25 0 R /Border [0 0 0] /H /I /Rect [ 327.2387 421.7302 391.9037 430.8877 ] >> endobj 25 0 obj << /Type /Action /S /URI /URI (mailto:help@sun.ac.za) >> endobj 26 0 obj << /Type /Annot /Subtype /Link /A 27 0 R /Border [0 0 0] /H /I /Rect [ 221.0807 315.8182 341.6267 324.9757 ] >> endobj 27 0 obj << /Type /Action /S /URI /URI (http://www.sun.ac.za/useradm) >> endobj 28 0 obj << /Type /Annot /Subtype /Link /A 29 0 R /Border [0 0 0] /H /I /Rect [ 61.0157 251.8732 357.6467 261.0307 ] >> endobj 29 0 obj << /Type /Action /S /URI /URI (http://blogs.sun.ac.za/it/en/2017/11/reporting-spam-malware-and-phishing/) >> endobj xref 0 30 0000000000 65535 f 0000000008 00000 n 0000000073 00000 n 0000000119 00000 n 0000000305 00000 n 0000000334 00000 n 0000000472 00000 n 0000000610 00000 n 0000007205 00000 n 0000007317 00000 n 0000007432 00000 n 0000007552 00000 n 0000007660 00000 n 0000007788 00000 n 0000007870 00000 n 0000007998 00000 n 0000008080 00000 n 0000008207 00000 n 0000008280 00000 n 0000008408 00000 n 0000008483 00000 n 0000008611 00000 n 0000008742 00000 n 0000008870 00000 n 0000008945 00000 n 0000009073 00000 n 0000009146 00000 n 0000009274 00000 n 0000009354 00000 n 0000009481 00000 n trailer << /Size 30 /Root 1 0 R /Info 5 0 R >> startxref 9606 %%EOF spam « Informasietegnologie
Language:
SEARCH

  • Recent Posts

  • Categories

  • Archives

spam

« Older Entries
Newer Entries »

Fake FNB e-mail being circulated

Monday, June 19th, 2017

Our week starts off with the latest spam e-mail, one from FNB requesting that you activate your card. Of course this isn’t legitimate, even if it looks fairly convincing. Note the :-) in the subject line. This alone should be a dead giveaway. No bank will (we hope) communicate with emoticons.

The link in the e-mail will lead you to a temporary file in your browser where you have to fill in your details.  Please ignore and delete this e-mail if you receive it. If you are a FNB customer and at any time, receive any e-mails you are not sure about, rather phone your bank directly and confirm.

If you receive any similar phishing e-mails, please forward then to sysadm@sun.ac.za as an attachment. This way we can add it to our spam filter and ensure no-one else receives them. 

See the example of the FNB e-mail below. (Malicious links were deactivated)

…………………………………………………………………………………………………………………………
Date: Thu, 15 Jun 2017 23:41:08 +0000
From: inContact <fakeaddress@fnb.co.za>
To: Recipients <fakeaddress@fnb.co.za>
Subject: FNB :-) Account Card Activation Request   16Jun 00:00
x-spam-score: -89.7 (—————————————————)

[– Attachment #1 –]
[– Type: text/plain, Encoding: base64, Size: 0.7K –]

Dear  Valued Card Holder,

As Directed by South African Credit Card Authorities, All card holders as advised to register their FNB cards on the new security platform to avoid your account from being compromised and also
+deactivated.

To reactivate your Credit / debit Card Kindly click on the below ATTACHED and follow instructions.

SEE ATTACHED TO REACTIVATE / REGISTER YOUR FNB CARD

*NOTE: Failure to do this will lead to suspension of your ATM Card.*

Copyright c 2017 Inter-Switch Limited

Thank you.
Administrator

………………………………………………………………………………………………………………………..

 

Email

Tags: , ,
Posted in E-mail, Security | Comments Off on Fake FNB e-mail being circulated

Compromised student account used for phishing

Tuesday, April 18th, 2017

Just because mail seems to come from a university address, doesn’t mean to say that it is legitimate.

The latest phishing scam making its rounds at the university is being sent from a compromised student account. The subject line is all in capital letters and is meant to frighten you into clicking on a link and filling in your details. This is probably how the student account that is now sending it was originally compromised.

This is a typical phishing scam. Do not respond or click on any of the links. Many thanks to all the observant students who picked it up and pointed it out to us.

Below is an example of the mail (with the dangerous bits removed)

 

From: Compromised, Student account <12345678@sun.ac.za>
Sent: Monday, 17 April 2017 12:19 PM
To: fake@email.address
Subject: YOUR EMAIL ACCOUNT HAS BEEN COMPROMISED

 

Certify Your email HERE

[ARTICLE BY DAVID WILES]

Email

Tags: , ,
Posted in Security | Comments Off on Compromised student account used for phishing

Don’t Be Fooled. Protect Yourself and Your Identity

Wednesday, April 5th, 2017

According to the US Department of Justice, more than 17 million Americans were victims of identity theft in 2014. EDUCAUSE research shows that 21 percent of respondents to the annual ECAR student study have had an online account hacked, and 14 percent have had a computer, tablet, or smartphone stolen. Online fraud is an ongoing risk. The following tips can help you prevent identity theft.

  • Read your credit card, bank, and pay statements carefully each month. Look for unusual or unexpected transactions. Remember also to review recurring bill charges and other important personal account information.
  • Review your health insurance plan statements and claims. Look for unusual or unexpected transactions.
  • Shred it! Shred any documents with personal, financial, or medical information before you throw them away.
  • Take advantage of free annual credit reports. In South Africa TransUnion, Experian and CompuShare can provide these reports.
  • If a request for your personal info doesn’t feel right, do not feel obligated to respond! Legitimate companies won’t ask for personal information such as your ID number, password, or account number in a pop-up ad, e-mail, SMS, or unsolicited phone call.
  • Limit the personal information you share on social media. Also, check your privacy settings every time you update an application or operating system (or at least every few months).
  • Put a password on it. Protect your online accounts and mobile devices with strong, unique passwords or passphrases.
  • Limit use of public Wi-Fi. Be careful when using free Wi-Fi, which may not be secure. Do not access online banking information or other sensitive accounts from public Wi-Fi.
  • Secure your devices. Encrypt your hard drive, use a VPN, and ensure that your systems, apps, antivirus software, and plug-ins are up-to-date.

 

Email

Tags: , ,
Posted in Security | Comments Off on Don’t Be Fooled. Protect Yourself and Your Identity

What is the junk e-mail folder?

Tuesday, February 28th, 2017

Just before the weekend, we became aware of a particularly intrusive and persistent phishing attack. An e-mail, seemingly from Standard Bank, was distributed from a staff member’s e-mail account after being hacked.

In order to prevent the attack from causing more damage to other e-mail users, stricter spam filter measures had to be implemented over the weekend. After this time period, the filter was reset to its default.

These measures caused some e-mails that weren’t spam, to divert to Outlook’s Junk Mail folder. They were not deleted, but they weren’t visible in inboxes.

Even though it is advisable that you occasionally check your Junk mail folder, it seems some staff aren’t familiar with the folder or it’s function.

The Microsoft Outlook Junk E-mail Filter helps reduce unwanted email messages in your Inbox. Junk e-mail, also known as spam, is moved by the filter away to the Junk E-mail folder.

How the Junk E-mail filter works

The Junk E-mail Filter evaluates each incoming message to assess whether it might be spam, based on several factors. These can include the time when the message was sent and the content of the message. By default, the Junk E-mail Filter is turned on and the protection level is set to Low. This level catches only the most obvious spam. You can make the filter more aggressive by changing the level of protection that it provides.

You can adjust the Junk E-mail Filter settings in the Junk E-mail Options dialogue box.

  • On the Home tab, in the Delete group, click Junk, and then click Junk E-mail Options.

Any message that is suspected to be junk is moved to the Junk E-mail folder. We recommend that you periodically review the messages in the Junk E-mail folder to check for legitimate messages that were incorrectly classified as junk. If you find a message that isn’t junk, drag them back to the Inbox or to any folder. You can also mark the item as not junk by doing the following:

  • On the Home tab, in the Delete group, click Junk, and then click Not Junk.

More detailed instructions can be found on the Office365 Knowledgebase and on Microsoft’s website.

We apologise for the inconvenience and confusion caused by these emergency measures. If you have any questions, please contact the IT Service Desk at 021 808 4367 or help@sun.ac.za.

 

Email

Tags: , ,
Posted in E-mail, Security | Comments Off on What is the junk e-mail folder?

Latest WhatsApp hoax

Monday, January 9th, 2017

If you are a user of the popular chat app WhatsApp, you should be aware of the latest hoax that states that the chat service will soon start charging a fee.

Here is an example of the current hoax:

Tomorrow at 6 pm they are ending WhatsApp and you have to pay to open it, this is by law. 

This message is to inform all of our users, our servers have recently been very congested, so we are asking you to help us solve this problem. We require our active users to forward this message to each of the people in their contact list to confirm our active users using WhatsApp. 

If you do not send this message to all your contacts WhatsApp will start to charge you. 

The message is allegedly sent from Whatsapp’s chief executive officer – Jim Balsamic.

  1. The real CEO of WhatsApp is Jan Koum.
  2. WhatsApp publically declared that they’ll never charge users for the service. [ https://blog.whatsapp.com/615/Making-WhatsApp-free-and-more-useful ]

This isn’t the first time this sort of hoax has plagued the web – a similar message was sent around in 2013.

In some cases, it was reported that victims of this hoax were “tricked” into opening a legitimate-looking Word, Excel or PDF document attached to a WhatsApp message. The PDF attachment then downloaded malware to devices to steal personal information.

Another student reported that one message they received tried to persuade them to download a R200 Edgars voucher. In reality, the link simply installed cookies and a browser extension on their phone that flooded the phone with adverts.

Always be wary of messages with the following characteristics:

  1. The person sending the message claims to be associated with WhatsApp.
  2. The message contains instructions telling you to forward the message. (Use a bit of common sense here. According to this hoax message, WhatsApp servers are “very congested” and Jim Balsamic want you to add to the congestion by forwarding the message to all your WhatsApp contacts?)
  3. The message says you will suffer some sort of punishment, like account suspension, if you don’t follow the instructions.
  4. The message promises a reward or gift from Whatsapp or another party.
  5. Just because a message was forwarded to you by a friend or family member, doesn’t make it legitimate. (friends and family can be just as gullible as any other person)

[ARTICLE BY DAVID WILES]

Email

Tags: , ,
Posted in Security | Comments Off on Latest WhatsApp hoax

« Older Entries
Newer Entries »
 

© 2013-2025 Disclaimer: The views and opinions expressed in this page are strictly those of the page author(s) and content contributor(s). The contents of this page have not been reviewed or approved by Stellenbosch University.