Beware of SMSs pretending to be from UCT senior management
Cybercriminals use various ways to get access to your information or even the UCT network. A recent example being investigated by the UCT Computer Security Incident Response Team (CSIRT) involves an SMS that appears to be from a senior UCT manager. Those who receive the message are asked to contact the individual using the provided email address.
In this case, even though the message appeared to be from a UCT staff member, an @gmail.com email address was used. In addition, the mobile number used to send the SMS does not belong to the UCT manager.
What should I do?
It is highly unlikely that a senior member of the UCT community will contact you directly via SMS. If you get such an SMS, do not respond to it. Verify it by directly contacting the individual using their officially-listed UCT contact details, instead of those provided in the message.
Remember these security tips
- Never reply to emails, messages, or calls that request personal information – especially usernames and passwords.
- If you receive a call, message, or email out of the blue from your bank or a service provider indicating that there is a problem with your account, thank the caller then hang up. Call the institution directly using the number listed on their website and verify if the call is legitimate or a scam. Never call back using details provided by the caller. You never know who will be on the other side. Some hackers run professional cybercrime companies, including helpdesk centres that sound very convincing.
- If you receive a call about an issue that you never logged and you’re asked to give the caller remote access, do not take any action. Rather hang up and report the issue to your service provider.
- Make sure you have anti-virus installed on your devices. At UCT, you have access to McAfee which you can install on your UCT-owned and personal computers.
- Keep your operating system, software, and anti-virus up to date at all times. The latest security updates contain patches and fixes to keep your devices and information secure.
- Please do not forward the message to your contacts. Report it to the IT Helpdesk at firstname.lastname@example.org, who will then conduct the necessary investigations.