%PDF-1.3 1 0 obj << /Type /Catalog /Outlines 2 0 R /Pages 3 0 R >> endobj 2 0 obj << /Type /Outlines /Count 0 >> endobj 3 0 obj << /Type /Pages /Kids [6 0 R ] /Count 1 /Resources << /ProcSet 4 0 R /Font << /F1 8 0 R /F2 9 0 R /F3 10 0 R >> >> /MediaBox [0.000 0.000 612.000 792.000] >> endobj 4 0 obj [/PDF /Text ] endobj 5 0 obj << /Creator (DOMPDF) /CreationDate (D:20240517120743+00'00') /ModDate (D:20240517120743+00'00') /Title (IT-artikels) >> endobj 6 0 obj << /Type /Page /Parent 3 0 R /Annots [ 11 0 R 13 0 R ] /Contents 7 0 R >> endobj 7 0 obj << /Length 4015 >> stream 0.702 0.800 0.816 rg 34.016 34.016 543.969 723.969 re f 1.000 1.000 1.000 rg 45.266 201.055 521.469 545.679 re f 0.773 0.773 0.773 RG 0.75 w 0 J [ ] 0 d 45.641 201.430 520.719 544.929 re S 0.773 0.773 0.773 rg 61.016 617.359 m 550.984 617.359 l 550.984 618.109 l 61.016 618.109 l f 1.000 1.000 1.000 rg BT 278.868 698.693 Td /F1 10.5 Tf [(POST LIST)] TJ ET 0.200 0.200 0.200 rg BT 212.789 670.111 Td /F1 14.4 Tf [(INFORMASIETEGNOLOGIE)] TJ ET BT 221.824 643.466 Td /F1 11.7 Tf [(INFORMATION TECHNOLOGY)] TJ ET BT 61.016 583.841 Td /F1 14.4 Tf [(NEW CYBER CRIME E-MAIL TARGETS INDIVIDUALS)] TJ ET 0.400 0.400 0.400 rg BT 61.016 564.033 Td /F3 9.0 Tf [(Over the past two weeks a new e-mail scam has reared its head on campus. Scammers use contact information, available )] TJ ET BT 61.016 553.044 Td /F3 9.0 Tf [(on the internet, to target individuals at the university.)] TJ ET BT 61.016 533.055 Td /F3 9.0 Tf [(One example is an e-mail which has been sent to various staff at the Finance department with a request to transfer )] TJ ET BT 61.016 522.066 Td /F3 9.0 Tf [(money. \(see e-mail with inactive addresses below\))] TJ ET BT 61.016 502.077 Td /F3 9.0 Tf [(The e-mail is sent from a gmail address, but the )] TJ ET BT 253.589 502.077 Td /F3 9.0 Tf [(display name )] TJ ET BT 309.110 502.077 Td /F3 9.0 Tf [(is a SU staff member's name. Since the cyber criminal also )] TJ ET BT 61.016 491.088 Td /F3 9.0 Tf [(saw the contact person's name on the website \(in this case Finance's website\), they address the receiver personally as, )] TJ ET BT 61.016 480.099 Td /F3 9.0 Tf [(for example, Karin.)] TJ ET BT 61.016 460.110 Td /F3 9.0 Tf [(Similar scams use fax numbers available on the internet and then a fax is sent directly to the contact person.)] TJ ET BT 61.016 440.121 Td /F3 9.0 Tf [(Do not, under any circumstances, react to these e-mails. It is clearly an attempt to attract your attention and convince you )] TJ ET BT 61.016 429.132 Td /F3 9.0 Tf [(to conduct a financial transaction. Delete and ignore the e-mail.)] TJ ET BT 61.016 409.143 Td /F3 9.0 Tf [(Report suspicious e-mail to sysadm@sun.ac.za and also read our articles on security on our )] TJ ET 0.373 0.169 0.255 rg BT 430.790 409.143 Td /F3 9.0 Tf [(blog)] TJ ET 0.373 0.169 0.255 RG 0.18 w 0 J [ ] 0 d 430.790 407.992 m 447.800 407.992 l S 0.400 0.400 0.400 rg BT 447.800 409.143 Td /F3 9.0 Tf [(, as well as the )] TJ ET BT 61.016 398.154 Td /F3 9.0 Tf [(fortnightly newsletter, )] TJ ET 0.373 0.169 0.255 rg BT 148.550 398.154 Td /F3 9.0 Tf [(Bits & Bytes)] TJ ET 0.18 w 0 J [ ] 0 d 148.550 397.003 m 197.069 397.003 l S 0.400 0.400 0.400 rg BT 197.069 398.154 Td /F3 9.0 Tf [(.)] TJ ET 0.592 0.592 0.592 rg 0.592 0.592 0.592 RG 305.016 388.456 m 306.516 388.456 l 305.766 387.706 l 305.766 387.706 l f 1.000 1.000 1.000 rg 1.000 1.000 1.000 RG 305.016 386.206 m 306.516 386.206 l 305.766 386.956 l 305.766 386.956 l f 306.516 388.456 m 306.516 386.206 l 305.766 386.956 l 305.766 387.706 l f 0.592 0.592 0.592 rg 0.592 0.592 0.592 RG 305.016 388.456 m 305.016 386.206 l 305.766 386.956 l 305.766 387.706 l f 0.400 0.400 0.400 rg BT 61.016 368.415 Td /F3 9.0 Tf [( )] TJ ET BT 61.016 348.426 Td /F3 9.0 Tf [(FROM: Stellenbosch University staff member name)] TJ ET BT 61.016 337.437 Td /F3 9.0 Tf [(TO: Stellenbosch University staff member name)] TJ ET BT 61.016 317.448 Td /F3 9.0 Tf [(Karin, )] TJ ET BT 61.016 297.459 Td /F3 9.0 Tf [(Let me know if you can process a same day domestic bank transfer to a client. You will code it to professional services)] TJ ET BT 61.016 277.470 Td /F3 9.0 Tf [(The amount is R870,000, kindly confirm so i can forward the appropriate beneficiary details to enable instant clearance.)] TJ ET BT 61.016 257.481 Td /F3 9.0 Tf [(Regards)] TJ ET BT 61.016 237.492 Td /F3 9.0 Tf [(Sent from my iPhone)] TJ ET BT 61.016 219.003 Td /F3 9.0 Tf [(Posted in:E-mail,Security | Tagged:Phishing,Spear Phishing | With 0 comments)] TJ ET endstream endobj 8 0 obj << /Type /Font /Subtype /Type1 /Name /F1 /BaseFont /Helvetica-Bold /Encoding /WinAnsiEncoding >> endobj 9 0 obj << /Type /Font /Subtype /Type1 /Name /F2 /BaseFont /Helvetica /Encoding /WinAnsiEncoding >> endobj 10 0 obj << /Type /Font /Subtype /Type1 /Name /F3 /BaseFont /Helvetica-Oblique /Encoding /WinAnsiEncoding >> endobj 11 0 obj << /Type /Annot /Subtype /Link /A 12 0 R /Border [0 0 0] /H /I /Rect [ 430.7897 408.3106 447.7997 417.4681 ] >> endobj 12 0 obj << /Type /Action /S /URI /URI (http://blogs.sun.ac.za/it/category/security-2/) >> endobj 13 0 obj << /Type /Annot /Subtype /Link /A 14 0 R /Border [0 0 0] /H /I /Rect [ 148.5497 397.3216 197.0687 406.4791 ] >> endobj 14 0 obj << /Type /Action /S /URI /URI (http://www.sun.ac.za/bb) >> endobj xref 0 15 0000000000 65535 f 0000000008 00000 n 0000000073 00000 n 0000000119 00000 n 0000000294 00000 n 0000000323 00000 n 0000000458 00000 n 0000000547 00000 n 0000004614 00000 n 0000004726 00000 n 0000004833 00000 n 0000004949 00000 n 0000005077 00000 n 0000005175 00000 n 0000005303 00000 n trailer << /Size 15 /Root 1 0 R /Info 5 0 R >> startxref 5378 %%EOF spear phishing « Informasietegnologie
Language:
SEARCH

  • Recent Posts

  • Categories

  • Archives

spear phishing

Newer Entries »

Phishing and whaling

Friday, February 5th, 2016

Recently we gave you some pointers on identifying phishing e-mails. So now that you know all the signs and how to outwit the criminals, there’s another variant – spear phishing. But don’t panic, it’s almost the same, with a bit of a twist.

Spear phishing is an e-mail that seems to be sent from an individual or business you know. Of course it’s really from hackers attempting to obtain you credit card, bank account numbers, passwords and financial information.

These types of attacks focus on a single user or department within an organisation and use another staff member from the organisation’s name to gain the victim’s trust. (Also see our recent article on the incident at Finance.)

They often appear to be from your company’s human resources or IT department, requesting staff to update information, for example passwords or account details. Alternatively the e-mail might contain a link, which will execute spyware when clicked on.

But wait, there are even more fishing comparisons.

When a phishing attack is directed specifically at senior executives, other high profile staff or seemingly wealthy people, it’s called whaling. By whaling cyber criminals are trying to catch the “big phish”, or whale.

phishing

[SOURCE: http://www.webopedia.com]

 
 
 
 
Email

Tags: , ,
Posted in E-mail, General, Security | Comments Off on Phishing and whaling

New cyber crime e-mail targets individuals

Wednesday, January 13th, 2016

Over the past two weeks a new e-mail scam has reared its head on campus. Scammers use contact information, available on the internet, to target individuals at the university.

One example is an e-mail which has been sent to various staff at the Finance department with a request to transfer money. (see e-mail with inactive addresses below)

The e-mail is sent from a gmail address, but the display name is a SU staff member’s name. Since the cyber criminal also saw the contact person’s name on the website (in this case Finance’s website), they address the receiver personally as, for example, Karin.

Similar scams use fax numbers available on the internet and then a fax is sent directly to the contact person.

Do not, under any circumstances, react to these e-mails. It is clearly an attempt to attract your attention and convince you to conduct a financial transaction. Delete and ignore the e-mail.

Report suspicious e-mail to sysadm@sun.ac.za and also read our articles on security on our blog, as well as the fortnightly newsletter, Bits & Bytes.

 

FROM: Stellenbosch University staff member name<example@gmail.com>
TO: Stellenbosch University staff member name<example@sun.ac.za>

Karin, 

Let me know if you can process a same day domestic bank transfer to a client. You will code it to professional services

The amount is R870,000, kindly confirm so i can forward the appropriate beneficiary details to enable instant clearance.

Regards

Sent from my iPhone

Email

Tags: ,
Posted in E-mail, Security | Comments Off on New cyber crime e-mail targets individuals

Newer Entries »
 

© 2013-2024 Disclaimer: The views and opinions expressed in this page are strictly those of the page author(s) and content contributor(s). The contents of this page have not been reviewed or approved by Stellenbosch University.