[:en]<\/p>\n
This morning\u2019s spear-phishing attack comes in the form of a fake mail from \u201cHelpDesk\u201d about an alleged \u201cEmail Update\u201d<\/p>\n
The spear-phishing mail is as follows:<\/p>\n
\u201cNotice From\u00a0Stellenbosch University\u00a0HelpDesk:\u00a0<\/em><\/p>\n In an effort to increase the level of security for our \u00a0email accounts User, We are implementing a new email password policy for your protection. If you have not update your password recently click here:\u00a0<\/em>sun.ac.za<\/a>\u00a0to update your password or your e-mail will be temporarily \u00a0suspended .<\/em><\/p>\n Thanks for your co-operation.\u201d<\/em><\/p>\n This is, of course, a phishing scam and you shouldn’t consider it as legitimate even though it allegedly comes from the \u201cHelpdesk\u201d.<\/p>\n The poor grammar, lack of official branding and threatening tone of the mail makes it a classic phishing scam, but with the added danger of students and personnel falling for it because of the\u00a0 salutation \u201cNotice from the Stellenbosch University HelpDesk:\u201d<\/em><\/p>\n We have already blocked access to the server, but there is a high risk that users who are currently on holiday and accessing university mail through their ADSL internet connections or cell phone, will still have access to the scammer\u2019s server and will be fooled by the \u201cforged\u201d login page and provide the scammers with their usernames and passwords. If this happens the scammers will gain control over the personnel or student account and continue their attack from \u201cwithin\u201d the university network.<\/p>\n Always send the spam\/phishing mail to the following addresses:<\/p>\n help@sun.ac.za\u00a0<\/a>and sysadm@sun.ac.za<\/a>.<\/p>\n \u00a0Attach the phishing or suspicious mail on to the message if possible. There is a good tutorial on how to do this at the following link (which is safe) <\/em>: http:\/\/stbsp01.stb.sun.ac.za\/innov\/it\/it-help\/Wiki%20Pages\/Spam%20sysadmin%20Eng.aspx<\/a><\/p>\n IF YOU HAVE FALLEN FOR THE SCAM:<\/u><\/p>\n If you did click on the link of this phishing spam and unwittingly give the scammers your username, e-mail address and password you should immediately go to http:\/\/www.sun.ac.za\/useradm<\/a> and change the passwords on ALL your university accounts (making sure the new password is completely different, and is a strong password that will not be easily guessed.) as well as changing the passwords on your social media and private e-mail accounts (especially if you use the same passwords for these accounts.)<\/p>\n IT has set up a website page with useful information on how to report and combat phishing and spam. The address is:<\/p>\n\n