%PDF-1.3 1 0 obj << /Type /Catalog /Outlines 2 0 R /Pages 3 0 R >> endobj 2 0 obj << /Type /Outlines /Count 0 >> endobj 3 0 obj << /Type /Pages /Kids [6 0 R ] /Count 1 /Resources << /ProcSet 4 0 R /Font << /F1 8 0 R /F2 9 0 R /F3 10 0 R /F4 11 0 R >> >> /MediaBox [0.000 0.000 612.000 792.000] >> endobj 4 0 obj [/PDF /Text ] endobj 5 0 obj << /Creator (DOMPDF) /CreationDate (D:20250702004512+00'00') /ModDate (D:20250702004512+00'00') /Title (Report 07-2025) >> endobj 6 0 obj << /Type /Page /Parent 3 0 R /Annots [ 12 0 R 14 0 R ] /Contents 7 0 R >> endobj 7 0 obj << /Length 4415 >> stream 0.702 0.800 0.816 rg 34.016 34.016 543.969 723.969 re f 1.000 1.000 1.000 rg 45.266 324.884 521.469 421.850 re f 0.773 0.773 0.773 RG 0.75 w 0 J [ ] 0 d 45.641 325.259 520.719 421.100 re S 0.773 0.773 0.773 rg 61.016 340.634 m 550.984 340.634 l 550.984 341.384 l 61.016 341.384 l f 0.200 0.200 0.200 rg BT 61.016 693.716 Td /F1 14.4 Tf [(HOW DO I REPORT PHISHING?)] TJ ET 0.400 0.400 0.400 rg BT 61.016 664.909 Td /F2 9.0 Tf [(Posted on )] TJ ET BT 104.045 664.909 Td /F3 9.0 Tf [(May 10,2021)] TJ ET BT 156.578 664.909 Td /F2 9.0 Tf [( by )] TJ ET BT 171.086 664.909 Td /F3 9.0 Tf [(IT Communications)] TJ ET 0.153 0.153 0.153 rg BT 61.016 637.420 Td /F4 9.0 Tf [(You've received a suspicious email, what should you do with it? Firstly, don't click on any links. But just as important, send )] TJ ET BT 61.016 626.431 Td /F4 9.0 Tf [(it to us so we can prevent more staff and students falling prey to the scam. We encourage our customers to submit )] TJ ET BT 61.016 615.442 Td /F4 9.0 Tf [(potential phishing examples for review. Using these submissions, the Cyber Security Incident Response Team \(CSIRT\) )] TJ ET BT 61.016 604.453 Td /F4 9.0 Tf [(can learn from the analysis of these messages. This collectively helps to improve the level of virus and spam detection.)] TJ ET BT 61.016 584.464 Td /F1 9.0 Tf [(What is phishing?)] TJ ET BT 61.016 564.475 Td /F4 9.0 Tf [(Phishing attacks are designed to steal a person’s login and password details so that the cyber criminal can assume control )] TJ ET BT 61.016 553.486 Td /F4 9.0 Tf [(of the victim’s social network, email, and online bank accounts. Seventy percent of internet users choose the same )] TJ ET BT 61.016 542.497 Td /F4 9.0 Tf [(password for almost every web service they use. This is why phishing is so effective, as the criminal, by using the same )] TJ ET BT 61.016 531.508 Td /F4 9.0 Tf [(login details, can access multiple private accounts and manipulate them for their own good. )] TJ ET 0.373 0.169 0.255 rg BT 61.016 511.519 Td /F4 9.0 Tf [(More on how to recognise a phishing email. )] TJ ET 0.373 0.169 0.255 RG 0.18 w 0 J [ ] 0 d 61.016 510.368 m 237.092 510.368 l S 0.200 0.200 0.200 rg BT 61.016 488.892 Td /F1 11.7 Tf [(REPORT PHISHING)] TJ ET 0.153 0.153 0.153 rg BT 61.016 468.244 Td /F1 9.0 Tf [(On the ICT Partner Portal:)] TJ ET 0.153 0.153 0.153 RG 85.866 451.071 m 85.866 451.483 85.696 451.893 85.404 452.185 c 85.113 452.476 84.703 452.646 84.291 452.646 c 83.878 452.646 83.469 452.476 83.177 452.185 c 82.885 451.893 82.716 451.483 82.716 451.071 c 82.716 450.659 82.885 450.249 83.177 449.957 c 83.469 449.666 83.878 449.496 84.291 449.496 c 84.703 449.496 85.113 449.666 85.404 449.957 c 85.696 450.249 85.866 450.659 85.866 451.071 c f BT 91.016 448.255 Td /F4 9.0 Tf [(Go to )] TJ ET 0.373 0.169 0.255 rg BT 115.532 448.255 Td /F4 9.0 Tf [(https://servicedesk.sun.ac.za/jira/servicedesk/customer/portal/6/create/115)] TJ ET 0.373 0.169 0.255 RG 0.18 w 0 J [ ] 0 d 115.532 447.104 m 412.649 447.104 l S 0.153 0.153 0.153 rg 0.153 0.153 0.153 RG 85.866 440.082 m 85.866 440.494 85.696 440.904 85.404 441.196 c 85.113 441.487 84.703 441.657 84.291 441.657 c 83.878 441.657 83.469 441.487 83.177 441.196 c 82.885 440.904 82.716 440.494 82.716 440.082 c 82.716 439.670 82.885 439.260 83.177 438.968 c 83.469 438.677 83.878 438.507 84.291 438.507 c 84.703 438.507 85.113 438.677 85.404 438.968 c 85.696 439.260 85.866 439.670 85.866 440.082 c f BT 91.016 437.266 Td /F4 9.0 Tf [(Fill in your information and add the email as an attachment. Your request will automatically be logged on the )] TJ ET BT 91.016 426.277 Td /F4 9.0 Tf [(system.?)] TJ ET BT 61.016 406.288 Td /F1 9.0 Tf [(*Spam or phishing examples must be sent in either.EML or .MSG format as an attachment and must not be )] TJ ET BT 61.016 395.299 Td /F1 9.0 Tf [(forwarded. This ensures the original email can be analysed with its full Internet message headers intact. )] TJ ET BT 61.016 384.310 Td /F4 9.0 Tf [(Alternatively, use the mail application to save the email \(usually located under File | Save As\) as an .EML or .MSG format )] TJ ET BT 61.016 373.321 Td /F4 9.0 Tf [(to a folder location, and attach the saved file to a new email.)] TJ ET 0.400 0.400 0.400 rg BT 61.016 354.832 Td /F2 9.0 Tf [(Posted in:Phishing,Security,Tips | Tagged:Malware,Phishing,Report Phishing,Report Spam,Spam | With 0 comments)] TJ ET endstream endobj 8 0 obj << /Type /Font /Subtype /Type1 /Name /F1 /BaseFont /Helvetica-Bold /Encoding /WinAnsiEncoding >> endobj 9 0 obj << /Type /Font /Subtype /Type1 /Name /F2 /BaseFont /Helvetica-Oblique /Encoding /WinAnsiEncoding >> endobj 10 0 obj << /Type /Font /Subtype /Type1 /Name /F3 /BaseFont /Helvetica-BoldOblique /Encoding /WinAnsiEncoding >> endobj 11 0 obj << /Type /Font /Subtype /Type1 /Name /F4 /BaseFont /Helvetica /Encoding /WinAnsiEncoding >> endobj 12 0 obj << /Type /Annot /Subtype /Link /A 13 0 R /Border [0 0 0] /H /I /Rect [ 61.0157 510.6862 237.0917 519.8437 ] >> endobj 13 0 obj << /Type /Action /S /URI /URI (http://blogs.sun.ac.za/it/en/2016/10/how-to-recognise-a-phishing-e-mail/) >> endobj 14 0 obj << /Type /Annot /Subtype /Link /A 15 0 R /Border [0 0 0] /H /I /Rect [ 115.5317 447.4225 412.6487 456.5800 ] >> endobj 15 0 obj << /Type /Action /S /URI /URI (https://servicedesk.sun.ac.za/jira/servicedesk/customer/portal/6/create/115) >> endobj xref 0 16 0000000000 65535 f 0000000008 00000 n 0000000073 00000 n 0000000119 00000 n 0000000305 00000 n 0000000334 00000 n 0000000472 00000 n 0000000561 00000 n 0000005028 00000 n 0000005140 00000 n 0000005255 00000 n 0000005375 00000 n 0000005483 00000 n 0000005610 00000 n 0000005734 00000 n 0000005862 00000 n trailer << /Size 16 /Root 1 0 R /Info 5 0 R >> startxref 5989 %%EOF spam « Informasietegnologie
Language:
SEARCH

  • Recent Posts

  • Categories

  • Archives

spam

« Older Entries
Newer Entries »

No, SARS doesn’t really want to give you a refund and other phishing tales

Wednesday, February 6th, 2013

Every year we send out literally dozens of warning e-mails, and continue to do so, because despite the frequent warnings, people  still get caught falling for these tricks. 

Take note of the following scam from fraudsters claiming to be from SARS.
 
Emails are going out to university (and private addresses) seemingly coming from “SARS” informing them that they have a refund waiting for them.  (Wow! a tax refund) Clicking on the hyperlink in the email takes you to a fake “e-filing” site that has hyperlinks for the four big South African banks and instructions to log on to your Internet banking site for “confirmation of your details”.  When you follow the Nedbank link (as an example), you are taken to a copy of the Nedbank internet banking site that asks for profile, pin and password.  Supplying these takes you to a second page that asks you for your mobile number.  Submitting information on this page takes you to a page that requests the reference number sent to your cellphone.
 
Do not authorise any cellphone message that comes through if you end up in the above situation.  Furthermore, do not click on any hyperlinks in emails or divulge your account or mobile number details to anyone over the phone or via email.  Banks will never ask you to access internet banking through a link in an email, neither will banks ever ask for your mobile number when you access internet banking.

Another particulary sneaky phishing attack surfaced today. 

It comes from “Linda Perez” and has a subject line of “Administrator (Sorry for the inconvenience)” 

It asks you to contact the “sender” with your username and password so they can “expand your mailbox manually” 

Of course this is a phishing attack, and you should never respond to such mails. 

Do not respond, flag the sender as Junk Mail and delete the message.

ARTICLE BY DAVID WILES

Email

Tags: ,
Posted in E-mail, General, Security | Comments Off on No, SARS doesn’t really want to give you a refund and other phishing tales

Vaccinate your pc

Friday, November 9th, 2012

Every year you have to go to your doctor to get an anti-flu injection. You have to get one every year because the influenza virus mutates and adapts every year into a new strain. Computer viruses are exactly the same! Here are a few handy tips and hints to ensure the whole process is as painless as possible. But first things first –

  • Use an AntiVirus Software – It is very important that your computer has an antivirus software running on your machine. By having an antivirus program running, files and emails will be scanned as you use them, download them, or open them. If a virus is found in one of the items you are about to use, the antivirus program will stop you from being able to run that program and therefore infect yourself.

See this link for a listing of some online/stand-alone antivirus programs: Virus, Spyware, and Malware Protection and Removal Resources

  • Update your AntiVirus Software –  There is no point running an antivirus program if you do not make sure it has all the latest updates available to it. If you do not update the software, it will not know about any new viruses, trojans, worms, etc that have been released into the wild since you installed the program. Then if a new infection appears in your computer, the antivirus program will not know that it is bad, and not alert you when you run it and become infected. Therefore it is imperative that you update your Antivirus software at least once a week (Even more if you wish) so that you are protected from all the latest threats. If you are lucky then you will have an anti-virus product that will update itself automatically via the internet, but never blindly trust this. A large number of the more virulent viruses and trojans can deactivate your anti-virus software’s updating functions.
  • Install an Anti-Spyware Program – Just as you installed and use an antivirus program, it is essential these days to use a Spyware protection and removal program. These programs can be used to scan your computer for spyware, dialers, browser hijackers, and other programs that are malicious in nature. The 4 program that I recommend are SuperAnti-Spyware, Spybot – Search and Destroy, andLavasoft’s Ad-Aware, and Windows Defender.A tutorial on using some of these programs can be found below:

Using Spybot – Search & Destroy to remove Spyware , Malware, and Hijackers

Using Ad-aware to remove Spyware, Malware, & Hijackers from Your Computer

  • Commercial Spyware Removal/Protection Programs – If you feel more comfortable installing a commercial Spyware removal program then I recommend WebRoot’s Spysweeper or Lavasoft’s Ad-Aware Professional. Both are fair products and a worthy addition to the arsenal of software protecting your computer.

Spysweeper Product Information

  • Occasionally Run Online Virus Scans – Unfortunately not all antivirus programs are created equal. Each program may find infections that other antivirus programs do not and vice-versa. It is therefore recommended that you occasionally run some free online antivirus scanners to make sure that you are not infected with items that your particular antivirus program does not know how to find. Three online scanners that we recommend are:

Every once in a while, maybe once every 2 weeks, run one or both of these scanners to see if they find anything that may have been missed by your locally installed antivirus software. Believe me, you will not regret it!

ARTICLE BY David Wiles, GERGA

For regular updates on the latest spam, malware and ransomware threats, please check or blog regularly.

Email

Tags: , , , ,
Posted in General, Security | Comments Off on Vaccinate your pc

Scam: Cancellation Of Debit Order (Absa)

Monday, October 29th, 2012

Please note the following phishing scam: These scams are becoming far more fine-tuned to South African victims and especially university accounts. Earlier this month there was a specific scam using Alexander-Forbes as a means to attack, Alexander-Forbes being the university’s preferred consultant for insurance, medical aid consultancy etc. Barely a week later Virgin Active’s name was used to attempt to scam university personnel. This week it is the turn of Outsurance. The e-mails are virtually identical, only the names and the servers in the background change, but you should be able to see that they are homing more and more to South African users, which tells me one thing that either they are getting this information from South African victims or these scamming operations are South-African based.   Here is an expurgated version of the scam. Please take note and be very careful!  From: Absa [mailto:ibt@onlinedata.co.za] Sent: 29 October 2012 01:46 PM To: Name <university_email@address.goes.here> Subject: Cancellation Of Debit Order(Absa) Dear Customer, We received a Debit Order alert on your account this morning from Outsurance Insurance Company to deduct the sum of R3150.00 from your account. If you don’t want to authorized this Debit Order you can cancel by following the instruction below. Click below to Cancel the Debit Order on your profile. You will receive a message on your cellphone with a link, type in the last Eight digit RVN on the SMS message to complete the cancellation. click here to Cancel. . Regards, Security Department

(INFORMATION SUPPLIED BY DAVID WILES)

Email

Tags: , ,
Posted in E-mail, Security | Comments Off on Scam: Cancellation Of Debit Order (Absa)

Spam – not just processed meat

Friday, September 14th, 2012

Spam, or junk mail is defined as identical, disruptive e-emails sent to a large amount of e-mail or cellphone users.  When a receiver clicks on one of the links in the message, he/she is diverted to a phishing website or websites containing malware.  Spam e-mails can also contain hidden malware scripts. The opposite of spam is, believe it or not, ham. In other words e-mails you WANT to receive.

The origin of the meaning of spam in this context, can be laid at the feet of the obscure British comedians known as Monty Python. In a 1970 sketch a group of Vikings in a restaurant starts chanting the word “spam” so incessantly that no-one else can have a conversation. Click here if you’d like to see the original Monty Python sketch where the word “spam” is mentioned 132 keer times in a mere three and a half minutes.

Even Google is amused by die word. The company once hid a surprise in their gmail users’ spam folder. When you clicked on your Spam folder, a webclip containing a variety of recipes for the original variety of spam. Amongst others recipes for  “Spam Primavera”, “Spam Swiss Pie”, “Creamy Spam Broccoli Casserole” and “Spam Veggie Pita Pockets”. The first spam was sent on 3 May 1978 to advertise a new computer system. It was sent to 600 ARPANET users and all 600 names were typed in by hand from a printed document. You can read the original e-mail here.

It is estimated that, from August 2010, 200 billion spam messages are sent per day. Lucky for Stellenbosch campus users, we have a fairly strict spam filer and huge amounts of spam bypass your inbox every day. If you still receive unnecessary spam, there are ways to decrease it even more. If it makes you feel any better though – according to Steve Ballmer, Microsoft CEO, Bill Gates receives four million e-mails a year and most of it’s spam.

SOURCES: http://blog.emailaddressmanager.com, http://mashable.com & www.wikipedia.org

Email

Tags: , ,
Posted in E-mail, General, Security | Comments Off on Spam – not just processed meat

Spyware infected mail – USPS Shipment e-mail

Thursday, May 17th, 2012

Since this morning (Thursday 17 May) a number of e-mails have been delivered into University accounts with a subject line of “USPS Shipment Info for 2351 3200 0122 9268 0611 3688”. The mail contains a cleverly disguised executable disguised as a web page or a document that when clicked or opened (the attachment) will modify the security settings in your Internet Explorer browser settings to allow criminals to gain access or control to your computer. If you get any mail with these sort of characteristics (often disguised as a USPS, UPS or international postal or courier services notification) please delete or quarantine the file. (Information supplied by David Wiles, Gerga)

Email

Tags: , ,
Posted in E-mail, General | Comments Off on Spyware infected mail – USPS Shipment e-mail

« Older Entries
Newer Entries »
 

© 2013-2025 Disclaimer: The views and opinions expressed in this page are strictly those of the page author(s) and content contributor(s). The contents of this page have not been reviewed or approved by Stellenbosch University.