Beware of latest spear phishing attempt
The UCT Computer Security Incident Response Team (CSIRT) is investigating a new spear phishing attempt, where a malicious individual pretends to be a person in authority, and sends an urgent request that often contains the following signs:
- The email address is not legitimate.
- The message may be poorly-written.
- The nature of the request is highly unusual, and is emphasised as being urgent.
In this instance the email entitled Payment to Vendor pretends to be from the SRC president, but an @gmail.com email address is used instead.
If you receive such an email, please do not respond to the sender, instead send the message to the IT Helpdesk (email@example.com) for investigation.
You will need to send a copy of the original email or the header information in the original email.
Steps to follow if you have a myUCT email address
- Navigate to https://outlook.com/owa/uct.ac.za and log on with your UCT student number and password.
- On the selected email, navigate to and click on the ellipse to access More actions
- From the More actions fly-out menu, select View message details
- Select all of the message content and copy this into a new email address to firstname.lastname@example.org
Instructions to follow if using the Outlook desktop client
- Double-click the email message to open it.
- Click File in the top left corner > Save as.
- Select a location to save the email and click Save.
Send the saved file as an attachment to email@example.com.