NO, SARS DOESN’T REALLY WANT TO GIVE YOU A REFUND AND OTHER PHISHING TALES

Posted on June 02, 2013 by IT Communications

Every year we send out literally dozens of warning e-mails, and continue to do so, because despite the frequent warnings, people still get caught falling for these tricks.

Take note of the following scam from fraudsters claiming to be from SARS.

Emails are going out to university (and private) addresses, seemingly coming from SARS, informing recipients that they have a refund waiting for them. (Wow! a tax refund) Clicking on the hyperlink in the email takes you to a fake e-filing site that has hyperlinks for the four big South African banks and instructions to log on to your Internet banking site for confirmation of your details. When you follow the Nedbank link (as an example), you are taken to a copy of the Nedbank internet banking site that asks for profile, pin and password. Supplying these takes you to a second page that asks you for your mobile number. Submitting information on this page takes you to a page that requests the reference number sent to your cellphone.

Do not authorise any cellphone message that comes through if you end up in the above situation. Furthermore, do not click on any hyperlinks in emails or divulge your account or mobile number details to anyone over the phone or via email. Banks will never ask you to access internet banking through a link in an email, neither will banks ever ask for your mobile number when you access internet banking.

Another particularly sneaky phishing attack surfaced today.

It comes from Linda Perez and has a subject line of Administrator (Sorry for the inconvenience).

It asks you to contact the sender with your username and password so they can expand your mailbox manually.

Of course this is a phishing attack, and you should never respond to such mails.

Do not respond, flag the sender as Junk Mail and delete the message.

[ARTICLE BY DAVID WILES]

Posted in: E-mail, General, Security | Tagged: Phishing, Spam

spam « Informasietegnologie

spam

Fake FNB e-mail being circulated

Monday, June 19th, 2017

Our week starts off with the latest spam e-mail, one from FNB requesting that you activate your card. Of course this isn’t legitimate, even if it looks fairly convincing. Note the :-) in the subject line. This alone should be a dead giveaway. No bank will (we hope) communicate with emoticons.

The link in the e-mail will lead you to a temporary file in your browser where you have to fill in your details. Please ignore and delete this e-mail if you receive it. If you are an FNB customer and at any time receive any e-mails you are not sure about, rather phone your bank directly and confirm.

If you receive any similar phishing e-mails, please forward them to sysadm@sun.ac.za as an attachment. This way we can add it to our spam filter and ensure no-one else receives them.

See the example of the FNB e-mail below. (Malicious links were deactivated)

…………………………………………………………………………………………………………………………
Date: Thu, 15 Jun 2017 23:41:08 +0000
From: inContact <fakeaddress@fnb.co.za>
To: Recipients <fakeaddress@fnb.co.za>
Subject: FNB :-) Account Card Activation Request   16Jun 00:00
x-spam-score: -89.7 (—————————————————)

[– Attachment #1 –]
[– Type: text/plain, Encoding: base64, Size: 0.7K –]

Dear  Valued Card Holder,

As Directed by South African Credit Card Authorities, All card holders as advised to register their FNB cards on the new security platform to avoid your account from being compromised and also
+deactivated.

To reactivate your Credit / debit Card Kindly click on the below ATTACHED and follow instructions.

SEE ATTACHED TO REACTIVATE / REGISTER YOUR FNB CARD

*NOTE: Failure to do this will lead to suspension of your ATM Card.*

Copyright c 2017 Inter-Switch Limited

Thank you.
Administrator

………………………………………………………………………………………………………………………..

 

Compromised student account used for phishing

Tuesday, April 18th, 2017

Just because mail seems to come from a university address doesn’t mean that it is legitimate.

The latest phishing scam making its rounds at the university is being sent from a compromised student account. The subject line is all in capital letters and is meant to frighten you into clicking on a link and filling in your details. This is probably how the student account that is now sending it was originally compromised.

This is a typical phishing scam. Do not respond or click on any of the links. Many thanks to all the observant students who picked it up and pointed it out to us.

Below is an example of the mail (with the dangerous bits removed).


 

From: Compromised, Student account <12345678@sun.ac.za>
Sent: Monday, 17 April 2017 12:19 PM
To: fake@email.address
Subject: YOUR EMAIL ACCOUNT HAS BEEN COMPROMISED

 

Certify Your email HERE


[ARTICLE BY DAVID WILES]

Don’t Be Fooled. Protect Yourself and Your Identity

Wednesday, April 5th, 2017

According to the US Department of Justice, more than 17 million Americans were victims of identity theft in 2014. EDUCAUSE research shows that 21 percent of respondents to the annual ECAR student study have had an online account hacked, and 14 percent have had a computer, tablet, or smartphone stolen. Online fraud is an ongoing risk. The following tips can help you prevent identity theft.

  • Read your credit card, bank, and pay statements carefully each month. Look for unusual or unexpected transactions. Remember also to review recurring bill charges and other important personal account information.
  • Review your health insurance plan statements and claims. Look for unusual or unexpected transactions.
  • Shred it! Shred any documents with personal, financial, or medical information before you throw them away.
  • Take advantage of free annual credit reports. In South Africa TransUnion, Experian and CompuShare can provide these reports.
  • If a request for your personal info doesn’t feel right, do not feel obligated to respond! Legitimate companies won’t ask for personal information such as your ID number, password, or account number in a pop-up ad, e-mail, SMS, or unsolicited phone call.
  • Limit the personal information you share on social media. Also, check your privacy settings every time you update an application or operating system (or at least every few months).
  • Put a password on it. Protect your online accounts and mobile devices with strong, unique passwords or passphrases.
  • Limit use of public Wi-Fi. Be careful when using free Wi-Fi, which may not be secure. Do not access online banking information or other sensitive accounts from public Wi-Fi.
  • Secure your devices. Encrypt your hard drive, use a VPN, and ensure that your systems, apps, antivirus software, and plug-ins are up-to-date.

 

What is the junk e-mail folder?

Tuesday, February 28th, 2017

Just before the weekend, we became aware of a particularly intrusive and persistent phishing attack. An e-mail, seemingly from Standard Bank, was distributed from a staff member’s e-mail account after the account was hacked.

In order to prevent the attack from causing more damage to other e-mail users, stricter spam filter measures had to be implemented over the weekend. After this time period, the filter was reset to its default.

These measures caused some e-mails that weren’t spam to be diverted to Outlook’s Junk Mail folder. They were not deleted, but they weren’t visible in inboxes.

Even though it is advisable that you occasionally check your Junk Mail folder, it seems some staff aren’t familiar with the folder or its function.

The Microsoft Outlook Junk E-mail Filter helps reduce unwanted email messages in your Inbox. Junk e-mail, also known as spam, is moved by the filter to the Junk E-mail folder.

How the Junk E-mail filter works

The Junk E-mail Filter evaluates each incoming message to assess whether it might be spam, based on several factors. These can include the time when the message was sent and the content of the message. By default, the Junk E-mail Filter is turned on and the protection level is set to Low. This level catches only the most obvious spam. You can make the filter more aggressive by changing the level of protection that it provides.

You can adjust the Junk E-mail Filter settings in the Junk E-mail Options dialogue box.

  • On the Home tab, in the Delete group, click Junk, and then click Junk E-mail Options.

Any message that is suspected to be junk is moved to the Junk E-mail folder. We recommend that you periodically review the messages in the Junk E-mail folder to check for legitimate messages that were incorrectly classified as junk. If you find a message that isn’t junk, drag it back to the Inbox or to any folder. You can also mark the item as not junk by doing the following:

  • On the Home tab, in the Delete group, click Junk, and then click Not Junk.

More detailed instructions can be found on the Office365 Knowledgebase and on Microsoft’s website.

We apologise for the inconvenience and confusion caused by these emergency measures. If you have any questions, please contact the IT Service Desk at 021 808 4367 or help@sun.ac.za.

 

Latest WhatsApp hoax

Monday, January 9th, 2017

If you are a user of the popular chat app WhatsApp, you should be aware of the latest hoax that states that the chat service will soon start charging a fee.

Here is an example of the current hoax:

Tomorrow at 6 pm they are ending WhatsApp and you have to pay to open it, this is by law. 

This message is to inform all of our users, our servers have recently been very congested, so we are asking you to help us solve this problem. We require our active users to forward this message to each of the people in their contact list to confirm our active users using WhatsApp. 

If you do not send this message to all your contacts WhatsApp will start to charge you. 

The message is allegedly sent from WhatsApp’s chief executive officer – Jim Balsamic.

  1. The real CEO of WhatsApp is Jan Koum.
  2. WhatsApp publicly declared that they’ll never charge users for the service. [ https://blog.whatsapp.com/615/Making-WhatsApp-free-and-more-useful ]

This isn’t the first time this sort of hoax has plagued the web – a similar message was sent around in 2013.

In some cases, it was reported that victims of this hoax were “tricked” into opening a legitimate-looking Word, Excel or PDF document attached to a WhatsApp message. The PDF attachment then downloaded malware to devices to steal personal information.

Another student reported that one message they received tried to persuade them to download a R200 Edgars voucher. In reality, the link simply installed cookies and a browser extension on their phone that flooded the phone with adverts.

Always be wary of messages with the following characteristics:

  1. The person sending the message claims to be associated with WhatsApp.
  2. The message contains instructions telling you to forward the message. (Use a bit of common sense here. According to this hoax message, WhatsApp servers are “very congested” and Jim Balsamic wants you to add to the congestion by forwarding the message to all your WhatsApp contacts?)
  3. The message says you will suffer some sort of punishment, like account suspension, if you don’t follow the instructions.
  4. The message promises a reward or gift from WhatsApp or another party.
  5. Just because a message was forwarded to you by a friend or family member, doesn’t make it legitimate. (Friends and family can be just as gullible as any other person.)

[ARTICLE BY DAVID WILES]
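
The warning signs these posts describe (the emoticon in the FNB subject line, the all-capitals subject sent from the compromised student account, threats of suspension or charges, and instructions to forward) can be checked mechanically when triaging reported mail. The following is an added example, not part of the original posts; the regular expressions and indicator names are assumptions, and the sample messages are constructed from the excerpts quoted above.

```python
import re
from email import message_from_string

# Indicators named in the posts on this page; the regexes are illustrative assumptions.
EMOTICON = re.compile(r"(?<!\w)[:;]-?[)(DP](?!\w)")
THREAT = re.compile(r"\b(?:suspen\w+|deactivat\w+|will (?:start to )?charge)\b", re.I)
FORWARD = re.compile(r"\b(?:forward|send) this message\b", re.I)

def indicators(subject, body):
    """Return the names of the warning signs found, in a fixed order."""
    found = []
    if EMOTICON.search(subject):
        found.append("emoticon_in_subject")
    # Require a minimum length so short acronym-only subjects are not flagged.
    if sum(c.isalpha() for c in subject) >= 10 and subject.isupper():
        found.append("all_caps_subject")
    if THREAT.search(subject + "\n" + body):
        found.append("threat_of_penalty")
    if FORWARD.search(body):
        found.append("asks_to_forward")
    return found

def triage(raw_email):
    """Parse an RFC 5322 message and check its Subject and text body."""
    msg = message_from_string(raw_email)
    body = msg.get_payload() if not msg.is_multipart() else ""
    return indicators(msg.get("Subject", ""), body)

# Constructed samples, abridged from the messages quoted on this page.
SAMPLE_FNB = """\
From: inContact <fakeaddress@fnb.co.za>
To: Recipients <fakeaddress@fnb.co.za>
Subject: FNB :-) Account Card Activation Request   16Jun 00:00

Dear  Valued Card Holder,
*NOTE: Failure to do this will lead to suspension of your ATM Card.*
"""
SAMPLE_STUDENT = """\
From: Compromised, Student account <12345678@sun.ac.za>
To: fake@email.address
Subject: YOUR EMAIL ACCOUNT HAS BEEN COMPROMISED

Certify Your email HERE
"""
SAMPLE_HOAX = ("We require our active users to forward this message to each of "
               "the people in their contact list. If you do not send this message "
               "to all your contacts WhatsApp will start to charge you.")

if __name__ == "__main__":
    for name, hits in (("FNB", triage(SAMPLE_FNB)), ("student", triage(SAMPLE_STUDENT)),
                       ("hoax", indicators("", SAMPLE_HOAX))):
        print(f"{name}: {hits}")
```

A message sent from a genuinely compromised mailbox is not caught by sender-domain checks, which is why the second sample is flagged on content alone.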

 

© 2013-2025 Disclaimer: The views and opinions expressed in this page are strictly those of the page author(s) and content contributor(s). The contents of this page have not been reviewed or approved by Stellenbosch University.