{"id":15602,"date":"2021-11-23T14:03:48","date_gmt":"2021-11-23T12:03:48","guid":{"rendered":"https:\/\/blogs.sun.ac.za\/it\/?p=15602"},"modified":"2021-11-23T16:46:13","modified_gmt":"2021-11-23T14:46:13","slug":"phishing-scam-from-compromised-university-account","status":"publish","type":"post","link":"https:\/\/blogs.sun.ac.za\/it\/2021\/11\/phishing-scam-from-compromised-university-account\/","title":{"rendered":"[:en]Phishing scam from compromised university account[:]"},"content":{"rendered":"<p>[:en]<\/p>\n<p>Please keep an eye out for an e-mail from a sun email address with the subject line of FYI_Order\/Approval.\u00a0<\/p>\n<p>It is a phishing scam with a link to a website that is designed to compromise security and steal details such as banking details, login names and passwords.\u00a0<\/p>\n<p>The owner of the affected account has already put an Out-of-office notification on her account telling people to ignore the mail sent from her account, but the account is probably still compromised and under the control of the scammers.<\/p>\n<p>Once in the university domain the scammers will continue to attack the university network to steal more information or to obtain bank account details, etc.<\/p>\n<p>Here is an example of one of the mails:<\/p>\n<p><a href=\"https:\/\/blogs.sun.ac.za\/it\/files\/2021\/11\/ORDER_PHISH.png\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone wp-image-15603 size-large\" src=\"https:\/\/blogs.sun.ac.za\/it\/files\/2021\/11\/ORDER_PHISH-500x333.png\" alt=\"\" width=\"500\" height=\"333\" srcset=\"https:\/\/blogs.sun.ac.za\/it\/files\/2021\/11\/ORDER_PHISH-500x333.png 500w, https:\/\/blogs.sun.ac.za\/it\/files\/2021\/11\/ORDER_PHISH-300x200.png 300w, https:\/\/blogs.sun.ac.za\/it\/files\/2021\/11\/ORDER_PHISH-768x511.png 768w, https:\/\/blogs.sun.ac.za\/it\/files\/2021\/11\/ORDER_PHISH.png 1080w\" sizes=\"auto, (max-width: 500px) 100vw, 500px\" \/><\/a><\/p>\n<p>&nbsp;<\/p>\n<p>Please report this phishing mail if you receive it from the above mentioned address or any other sun address.\u00a0Here is how you report it:<\/p>\n<p>~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~<\/p>\n<p>Go to <a href=\"https:\/\/servicedesk.sun.ac.za\/jira\/servicedesk\/customer\/portal\/6\/create\/115\">https:\/\/servicedesk.sun.ac.za\/jira\/servicedesk\/customer\/portal\/6\/create\/115<\/a>.\u200b\u200b<\/p>\n<p>Fill in your information and add the email as an attachment. Your request will automatically be logged on the system.\u200b\u200b Please add the suspicious email as an attachment to the request.<\/p>\n<p>\u200b\u200b~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~<\/p>\n<p>If you have accidentally clicked on the link and already given any personal details to the phishers it is vitally important that you immediately go to the USERADM page (either <a href=\"http:\/\/www.sun.ac.za\/password\">http:\/\/www.sun.ac.za\/password<\/a> or <a href=\"http:\/\/www.sun.ac.za\/useradm\">www.sun.ac.za\/useradm<\/a> and change your password immediately.) Make sure the new password is completely different and is a strong password that will not be easily guessed, as well as changing the passwords on your social media and private e-mail accounts, especially if you use the same passwords on these accounts. Contact the IT Service Desk if you are still unsure.\u00a0<\/p>\n<p style=\"text-align: right;\">[ARTICLE BY DAVID WILES]<\/p>\n<p>[:]<\/p>\n","protected":false},"excerpt":{"rendered":"<p>[:en] Please keep an eye out for an e-mail from a sun email address with the subject line of FYI_Order\/Approval.\u00a0 It is a phishing scam with a link to a website that is designed to compromise security and steal details such as banking details, login names and passwords.\u00a0 The owner of the affected account has [&hellip;]<\/p>\n","protected":false},"author":61,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[20382,3256,20381,29187],"tags":[],"class_list":["post-15602","post","type-post","status-publish","format-standard","hentry","category-email","category-news","category-phishing","category-security-2"],"publishpress_future_action":{"enabled":false,"date":"2026-05-22 04:59:15","action":"change-status","newStatus":"draft","terms":[],"taxonomy":"category","extraData":[]},"publishpress_future_workflow_manual_trigger":{"enabledWorkflows":[]},"_links":{"self":[{"href":"https:\/\/blogs.sun.ac.za\/it\/wp-json\/wp\/v2\/posts\/15602","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blogs.sun.ac.za\/it\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blogs.sun.ac.za\/it\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blogs.sun.ac.za\/it\/wp-json\/wp\/v2\/users\/61"}],"replies":[{"embeddable":true,"href":"https:\/\/blogs.sun.ac.za\/it\/wp-json\/wp\/v2\/comments?post=15602"}],"version-history":[{"count":5,"href":"https:\/\/blogs.sun.ac.za\/it\/wp-json\/wp\/v2\/posts\/15602\/revisions"}],"predecessor-version":[{"id":15608,"href":"https:\/\/blogs.sun.ac.za\/it\/wp-json\/wp\/v2\/posts\/15602\/revisions\/15608"}],"wp:attachment":[{"href":"https:\/\/blogs.sun.ac.za\/it\/wp-json\/wp\/v2\/media?parent=15602"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blogs.sun.ac.za\/it\/wp-json\/wp\/v2\/categories?post=15602"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blogs.sun.ac.za\/it\/wp-json\/wp\/v2\/tags?post=15602"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}