Beware of phishing email entitled Completed … Invoice & Remittance August 2023

05 Sep 2023
05 Sep 2023

The Computer Security Incident Response Team (CSIRT) is aware of and currently investigating a new phishing attack doing the rounds on campus. There are variations of the email entitled Completed: Director/Faculty of: Invoice & Remittance August 2023.

Recipients are required to click the provided link to view a PDF file.

The UCT CSIRT is currently taking the required remedial steps.

Managing unusual or suspicious email messages

  • DO NOT CLICK THE LINK. Instead, delete the email.
  • If you clicked the link and/or entered your details, your account may be compromised. This puts the UCT network and UCT assets at risk. Please urgently send an email to the IT Helpdesk and let them know that you provided your details. Thereafter, follow these steps:
    • On a device that you know to be free of malware and infection, change your UCT password immediately. For assistance with password management at UCT, visit and search for “passwords”.
    • Run a full anti-virus scan of your machine.

Please remember:

  • Keep track of the latest phishing attempts on campus via the UCT Phish Bowl.
  • Don't ever reply to emails, messages, or calls that request personal information – especially usernames and passwords.
  • NEVER share your password or PIN with anyone – not even an ICTS representative, or representatives of your bank, mobile network, or other service providers.
  • Do not open attachments unless you can verify the sender and the nature of the attachment.
  • Don't open emails of unknown origin.
  • Don't click on links in emails if you cannot recognise where the link directs you.
  • Please check the announcements on the ICTS and CSIRT websites for the latest alerts. If your suspicious email differs to the one in the announcement, please report it to the IT Helpdesk at Learn more about how you can report information and cybersecurity-related issues to the UCT CSIRT.