{"id":11421,"date":"2021-10-05T10:56:23","date_gmt":"2021-10-05T08:56:23","guid":{"rendered":"http:\/\/blogs.sun.ac.za\/it\/?p=11421"},"modified":"2021-10-05T12:47:21","modified_gmt":"2021-10-05T10:47:21","slug":"how-to-recognise-a-phishing-e-mail","status":"publish","type":"post","link":"https:\/\/blogs.sun.ac.za\/it\/2021\/10\/how-to-recognise-a-phishing-e-mail\/","title":{"rendered":"[:en]How to recognise a phishing e-mail [:af]Hoe om `n phishing e-pos uit te ken[:]"},"content":{"rendered":"

[:en]<\/p>\n

We can’t warn you against every phishing<\/a> e-mail\u2013 there’s a new variation every day. You are the only person who can protect yourself from phishing scams and identity theft. The only way to do this\u00a0is to learn to recognise a harmful e-mail by paying attention and keeping an eye out for a few tell-tale signs.<\/p>\n

\"phishme_how_to_spot_a_phish\"<\/a>Typical characteristics<\/strong><\/span><\/p>\n

1. Well-known companies used as bait
\n<\/strong>These e-mails are sent out to thousands of different e-mail addresses and often the person sending them has no idea who you are.\u00a0If you have no affiliation with the company the e-mail address is supposedly coming from, it’s fake. For example, if the e-mail is sent by ABSA, but you are a Standard Bank client. <\/em>Also, see a list of types of companies generally used in phishing e-mails below.<\/p>\n

2. Spelling and grammar
\n<\/strong>Improper spelling and grammar is a dead giveaway. Look for obvious errors.\u00a0<\/p>\n

3. Lack of client information
\n<\/strong>Phishers use a generic greeting. For example, the e-mail greets you as “ABSA customer” or “Dear user”, etc<\/em>. If the company was sending you information regarding your faulty account, they would mention your account details or name in the e-mail. \u00a0A company would go through the trouble to address a client by name and won’t ask you for your information. Banks have your information on their system.<\/p>\n

4. Deadlines\/Sense of urgency
\n<\/strong>Phishing e-mails demand\u00a0an immediate response or stipulate a specific deadline, creating a sense of urgency and prompting you to respond before you’ve looked at the e-mail properly. For example, \u00a0demanding that you log in and change your\u00a0account information within 24 hours or your account will be closed.<\/em><\/p>\n

5. Malicious links
\n<\/strong>Although many phishing e-mails are getting better at hiding the true URL you are visiting, often these e-mails will show a URL that is unrelated to the company. Move your mouse over the link and look at the display address. Is this the website address of the company who seems to be sending the e-mail? If not, it’s clearly a phishing e-mail.<\/p>\n

6. Attachments
\n<\/strong>Phishing e-mails occasionally include an attachment which contains malware. When opened, it will run and install a small programme on your PC, which hackers use to gain access to your PC and information.\u00a0<\/p>\n

Typical phishing topics<\/strong><\/span><\/p>\n

\u2022 Account issues, such as accounts or passwords expiring, accounts being hacked, out-of-date accounts, or account information has to be changed.
\n\u2022 Credit cards expiring or being stolen, a duplicate\u00a0credit card, credit card transactions, etc.\u00a0
\n\u2022 Confirming orders, requesting that you log in to confirm recent orders or transactions before a delivery can be made.
\n\u2022 Winning a prize or getting something for free. Both Woolworths and Pick ‘n Pay’s have been used in fake campaigns to lure people into providing personal details.<\/p>\n

Company names phishers generally use<\/strong><\/span><\/p>\n

\u2022 Any major bank. ABSA <\/a>and Standard Bank are both popular choices in South Africa.
\n\u2022 Insurance companies, for example, Outsurance<\/a>.
\n\u2022 Internet service providers
\n\u2022 Apple<\/a> or Microsoft claiming your account has been suspended.
\n\u2022 E-mail providers, e.g. Gmail<\/a> or Yahoo
\n\u2022 SARS. Especially at this time of year. (We’ve had a few of these.)
\n<\/a>\u2022 DHL<\/a> or any delivery company claiming they have a package for you.
\n\u2022\u00a0Your company’s medical aid, for example, Discovery<\/a>
\n\u2022\u00a0Your company’s IT department<\/a>
\n\u2022 Casinos and lotteries
\n\u2022 Online dating websites
\n\u2022 Popular websites such as Amazon, Facebook, MySpace, PayPal, eBay, Microsoft, Apple, Hotmail, YouTube, etc.<\/p>\n

A few tips to keep you safe<\/strong><\/span><\/p>\n

\u2022 Never follow links in an e-mail you’re uncertain of.<\/strong>\u00a0Rather visit the page by typing the address of the\u00a0company in your browser. For example, \u00a0instead of clicking on the “ABSA URL” in the e-mail, type http:\/\/www.absa.co.za in your web browser and log\u00a0in <\/em>at their official website.<\/em>
\n\u2022 Never send personal information by e-mail.<\/strong> If a company is asking for your personal account information or claiming your\u00a0account is invalid, visit the website and log in to the account as you normally would. If everything seems in order and there aren’t any urgent notifications from your bank, you should be fine.
\n\u2022 If you are still not sure about the status of your account or are concerned about your personal information, contact the company directly<\/strong>, either through\u00a0an e-mail address provided on their website, over the phone or visit your local branch.
\n\u2022\u00a0Delete the e-mail<\/strong> and don\u2019t click on links or fill in any information.
\n\u2022 If you\u2019ve already divulged your information, immediately change your password or PIN<\/strong> and contact the institution to inform them of the breach.
\n\u2022 To report spam or phishing e-mails<\/strong> send an e-mail to\u00a0sysadm@sun.ac.za<\/a>\u00a0with the subject SPAM with the suspect e-mail attached. IT system administrators will then be able to block the e-mail to protect other users.<\/p>\n

[SOURCE:\u00a0www.computerhope.com<\/a>]<\/p>\n

 <\/p>\n

[:af]<\/p>\n

Ons kan jou nie teen elke phishing<\/em><\/a> e-pos waarsku nie \u2013 daar is bykans elke dag \u0149 nuwe\u00a0variasie. Die enigste persoon wat jou kan beskerm teen phishing<\/em>-pogings en identiteitsdiefstal, is jyself. Maar, \u0149 goeie begin is om te leer om \u0149 gevaarlike e-pos\u00a0uit te ken\u00a0deur meer oplettend te wees. Kyk uit vir tipiese kenmerke en jou kans\u00a0om \u0149 slagoffer te wees,\u00a0sal verminder.<\/p>\n

\"phishme_how_to_spot_a_phish\"<\/a>Tipiese kenmerke<\/strong><\/span><\/p>\n

1. Bekende maatskappye as lokaas<\/strong>
<\/strong>Phishing<\/em> e-posse word gelyktydig uitgestuur na duisende e-posse en dikwels\u00a0weet die persoon wat dit stuur nie eers wie jy is nie. \u00a0Indien jy geen verbintenis het met die maatskappy\u00a0waarvandaan die e-pos kom nie, is dit waarskynlik\u00a0vervals. \u00a0Byvoorbeeld, as die e-pos deur ABSA gestuur is en jy is \u0149 Standard Bank kli\u00ebnt. <\/em>Sien ook ons lys van maatskappye wat tipies gebruik word vir phishing onder.<\/p>\n

2. Spelling en taalgebruik
<\/strong>Onvanpaste spelling en taalgebruik is gewoonlik \u0149 duidelike aanduiding. Kyk uit vir voor-die-hand-liggende spelfoute.\u00a0<\/p>\n

3.\u00a0Gebrek aan\u00a0kli\u00ebnte-inligting
<\/strong>Phishing<\/em> e-posse se aanhef is altyd generies. Byvoorbeeld, die e-pos spreek jou aan as\u00a0“ABSA customer” of “Dear user”, ens.<\/em> Indien die maatskappy jou\u00a0werklik\u00a0wou inlig oor jou\u00a0foutiewe rekening, sou hulle\u00a0na\u00a0jou rekening-inligting of naam\u00a0in die e-pos verwys het. \u0149 Maatskappy sou\u00a0die moeite doen om hulle kli\u00ebnt aan te spreek op sy naam en sou hom ook nie vra vir sy inligting nie. Hulle het reeds al jou data.\u00a0<\/p>\n

4.\u00a0Spertye\/Dringendheid
<\/strong>Phishing<\/em> e-posse dring daarop aan dat jy dadelik reageer of gee vir jou \u0149\u00a0kort\u00a0spertyd. As gevolg van hierdie dringendheid, word jy onder druk geplaas om te reageer voordat jy behoorlik kans gehad het om die e-pos te bestudeer. By voorbeeld, dit dring aan dat jy binne 24 uur aanteken om jou bankdetails te bevestig of jou rekening word gesluit.\u00a0<\/em><\/p>\n

5. Vyandig-gesinde skakels
<\/strong>Deesdae is kuberkriminele al slimmer en steek hulle die werklike URL waarheen skakels gaan beter weg. Maar soms sal jy sien dat die URL wys na \u0149 adres wat glad nie verwant is of lyk soos die maatskappy s’n nie. Beweeg jou muis oor die skakel en kyk na die adres wat gewys word. Is dit die maatskappy se regte webwerfadres? Indien nie, is dit \u0149 phishing<\/em> e-pos.<\/p>\n

6. Aanhegsels
<\/strong>Phishing<\/em> e-posse het soms ook aanhegsels wat malware<\/em> bevat. Indien jy dit oopmaak, installeer dit \u0149 klein programmetjie op jou rekenaar waarmee kuberkrakers toegang tot jou\u00a0rekenaar en\u00a0inligting verkry.\u00a0<\/p>\n

Tipiese phishing<\/em> onderwerpe<\/strong><\/span><\/p>\n

\u2022 Probleme met rekeninge, byvoorbeeld \u0149 rekening of wagwoord wat verval, gekraak is of inligting wat skielik verander het.\u00a0
\u2022 Kredietkaarte wat verval, gesteel word, \u0149 duplikaat kredietkaart of kredietkaarttranssaksies.\u00a0
\u2022 Bevestiging van bestellings. Byvoorbeeld \u0149 versoek om aan te teken en onlangse bestellings of transaksies te bevestig voordat dit afgelewer kan word.\u00a0
\u2022 Kompetisies waar jy \u0149 prys gewen het of iets gratis kry. Beide Woolworths en Pick ‘n Pay is al gebruik in phishing e-posse om hul kli\u00ebnte te lok om persoonlike inligting te gee.\u00a0<\/p>\n

Maatskappye wat gebruik word vir phishing<\/em><\/strong><\/span><\/p>\n

\u2022 Enige bekende bank. ABSA <\/a>en Standard Bank is beide popul\u00eare keuses in Suid-Afrika
\u2022 Versekeringsmaatskappye, byvoorbeeld Outsurance<\/a>.
\u2022 Internet diensverskaffers
\u2022 Apple<\/a> of Microsoft (wat beweer dat jou rekening opgeskort is)
\u2022 E-pos verskaffers, byvoorbeeld\u00a0Gmail<\/a> of Yahoo
\u2022 SARS. (Veral di\u00e9 tyd van die jaar<\/a>)\u00a0
<\/a>\u2022 DHL<\/a> of enige afleweringsmaatskappy wat beweer hulle het \u0149 pakkie vir jou.
\u2022 Mediese fondse, byvoorbeeld, Discovery.<\/a>
\u2022 Jou maatskappy se IT-afdeling<\/a>
\u2022 Casino’s en loterye
\u2022 Aanlyn-afspraak webwerwe
\u2022 Gewilde webwerwe soos Facebook, MySpace, PayPal, eBay, Microsoft, Apple, Hotmail, YouTube, ens.<\/p>\n

\u0149 Paar wenke om jou veilig te hou<\/strong><\/span><\/p>\n

\u2022 Moenie \u00a0op \u0149 skakel kliek as jy onseker is nie.<\/strong>\u00a0Gaan eerder na die webwerf deur die maatskappy se webadres\u00a0in te tik. Byvoorbeeld,\u00a0tik http:\/\/www.absa.co.za in jou webblaaier\u00a0en teken aan op die amptelike webwerf, in plaas van om te kliek op\u00a0“ABSA URL” in die e-pos.<\/em>
\u2022 Moet nooit persoonlike inligting per e-pos stuur nie.<\/strong>\u00a0Indien \u0149 maatskappy jou persoonlike inligting vra, gaan direk na hul webwerf en teken aan op jou rekening soos altyd. As daar \u0149 probleem is, behoort daar \u0149 kennisgewing van jou bank te wees.\u00a0
\u2022 As jy nogsteeds onseker is oor die status van jou rekening of bekommerd is oor jou persoonlike inligting, kontak die maatskappy direk<\/strong> d.m.v. die e-posadres op hul webwerf, telefonies of besoek jou plaaslike tak.\u00a0
\u2022 Vee die e-pos uit, moenie op die skakels kliek nie en moenie inligting invul nie.
\u2022<\/strong>Indien jy reeds jou inligting ingevul het, verander dadelik jou wagwoord of PIN <\/strong>en kontak die instelling om hulle in kennis te stel.
\u2022 \u00a0Om gemorspos of phishing<\/em> e-pos aan te meld,\u00a0<\/strong>stuur \u0149 e-pos aan\u00a0sysadm@sun.ac.za<\/a>\u00a0met SPAM as onderwerp met die e-pos aangeheg. IT stelseladministrateurs kan dan die e-pos blok en sodoende ook ander personeel daarteen beskerm.<\/p>\n

[BRON:\u00a0www.computerhope.com<\/a>]<\/p>\n

[:]<\/p>\n","protected":false},"excerpt":{"rendered":"

[:en] We can’t warn you against every phishing e-mail\u2013 there’s a new variation every day. You are the only person who can protect yourself from phishing scams and identity theft. The only way to do this\u00a0is to learn to recognise a harmful e-mail by paying attention and keeping an eye out for a few tell-tale […]<\/p>\n","protected":false},"author":259,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[20382,29187,48737],"tags":[48729,20381,20360],"class_list":["post-11421","post","type-post","status-publish","format-standard","hentry","category-email","category-security-2","category-tips-2","tag-hacking","tag-phishing","tag-spam"],"publishpress_future_action":{"enabled":false,"date":"2026-05-09 16:43:02","action":"change-status","newStatus":"draft","terms":[],"taxonomy":"category","extraData":[]},"publishpress_future_workflow_manual_trigger":{"enabledWorkflows":[]},"_links":{"self":[{"href":"https:\/\/blogs.sun.ac.za\/it\/wp-json\/wp\/v2\/posts\/11421","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blogs.sun.ac.za\/it\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blogs.sun.ac.za\/it\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blogs.sun.ac.za\/it\/wp-json\/wp\/v2\/users\/259"}],"replies":[{"embeddable":true,"href":"https:\/\/blogs.sun.ac.za\/it\/wp-json\/wp\/v2\/comments?post=11421"}],"version-history":[{"count":20,"href":"https:\/\/blogs.sun.ac.za\/it\/wp-json\/wp\/v2\/posts\/11421\/revisions"}],"predecessor-version":[{"id":15520,"href":"https:\/\/blogs.sun.ac.za\/it\/wp-json\/wp\/v2\/posts\/11421\/revisions\/15520"}],"wp:attachment":[{"href":"https:\/\/blogs.sun.ac.za\/it\/wp-json\/wp\/v2\/media?parent=11421"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blogs.sun.ac.za\/it\/wp-json\/wp\/v2\/categories?post=11421"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blogs.sun.ac.za\/it\/wp-json\/wp\/v2\/tags?post=11421"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}