Warning: severe phishing attacks underway on campus
There is currently a severe phishing attack doing the rounds on campus, affecting both computers and mobile devices. The attack specifically targets staff and student email accounts with messages such as this one:
At present, there are at least 5 different variants of this email. All variants contain an attachment that leads to a phishing web page that looks like this:
PLEASE:
- DO NOT CLICK THE ATTACHMENT IN THE EMAIL.
- If you did click the attachment in the email, DO NOT type your details into the page.
- Students, please warn all your friends and staff please warn all your colleagues about this phishing attack.
- If you received the email but took no action, delete the message immediately.
What happens if I clicked the attachment?
If you clicked the attachment and you did not enter your details into the phishing site, please run a full antivirus scan of your device.
What happens if I entered my details?
If you entered your details, your account may be compromised. This puts the UCT network and UCT assets at risk. It also means that your email account could be used to send out spam or phishing messages. If your account has been compromised, you might not be able to access any UCT services as we may have blocked the account.
| If your account has been blocked | If your account has not been blocked |
|
|
Other phishing emails currently in circulation
In addition to the above phishing emails that come with attachments, a new strand of phishing messages are being sent to UCT email addresses. These messages could come with the subject line:
- Recent Phishing Messages - fix issue now
or - System Upgrade
In both cases, the messages may come from a UCT email address, and they ask you to reply with your username and password. Other variations may also exist, so it’s best to be on the lookout for all suspicious messages of this kind.
In all cases, DO NOT REPLY WITH YOUR USERNAME AND PASSWORD.
If you have already, sent your login details, go to Password Self-Service and change your UCT password immediately.
Safety precautions
To keep your devices, account, and data safe, take the following precautions:
Report incidents to CSIRT
Report all suspicious cyber security incidents to the CSIRT (UCT Computer Security
Incident Response Team) at csirt@uct.ac.za.
Use an antivirus package
You must have an up-to-date anti-virus application, such as McAfee Endpoint Security,
installed before connecting to the UCT network. All UCT students and staff members may download and use are entitled to a site-licensed copy of McAfee Endpoint Security software.
For mobile phones, tablets, and other devices, be sure to install an anti-virus app. Good, free examples include Avast and AVG.
Back up your data
A backup is a copy of the data on your computer, which is placed on a storage medium, such as an external hard drive. Find out how to back up your data.
Be careful with your email
- Don't reply to emails that request personal information.
- Don't open email of unknown origin.
- Don't click on links in emails if you cannot recognise where the link directs you.
- Don't reply to spammers asking them to remove you from their mailing list. By replying, you are confirming your email address as valid. This will encourage them to send you more spam.
- Don't forward chain letters or marketing material.
- Don't respond to emailed competitions.
Read these articles for more about cyber security:
Watch these cybersecurity videos: