Search

Security News Updates

Thursday, 10 June 2021
Beware of purchase order phishing attempt

The UCT Computer Security Incident Response Team (CSIRT) is investigating a new phishing attempt that asks you to open a shared file. The email entitled purchase order is sent from an @myuct.ac.za email address and contains two links. One to view a purchase order and the second to submit a quote. 

What do I do?

If you receive such an unexpected email request, even if it looks like it is from one of your contacts or a legitimate company, please do not click the links. First contact the individual to verify that they sent it.

If they did not send it, please inform the IT Helpdesk immediately by sending the email on to icts-helpdesk@uct.ac.za. You can then delete the email. The same advice applies to any suspicious emails you receive on your UCT account.

If you have already clicked the link in the email, DO NOT enter your details if prompted. Instead, run a full antivirus scan of your machine. Then, on a device that you know to be free of malware and infection, change your UCT password. Send an email to the IT Helpdesk informing them that your details were compromised, but that you have changed your password.

Please remember:

  • Don't ever reply to emails, messages, or calls that request personal information – especially usernames and passwords.
  • NEVER share your password or PIN with anyone – not even an ICTS representative, or representatives of your bank, mobile network, or other service providers.
  • Do not open attachments unless you can verify the sender and the nature of the attachment.
  • Don't open emails of unknown origin.
  • Don't click on links in emails if you cannot recognise where the link directs you.
  • Don't reply to spammers asking them to remove you from their mailing list.  Replying just confirms your email address as valid, which encourages them to send you more spam.
  • Don't forward chain letters or marketing material.
  • Please check the announcements on the ICTS and CSIRT websites for the latest alerts. If your suspicious email differs to the one in the announcement, please report it to the IT Helpdesk at icts-helpdesk@uct.ac.za. You can report any other cybersecurity issues to the CSIRT at csirt@uct.ac.za.
Wednesday, 28 April 2021
Beware of latest spear phishing attempt

The UCT Computer Security Incident Response Team (CSIRT) is investigating a new spear phishing attempt, where a malicious individual pretends to be a person in authority, and sends an urgent request that often contains the following signs: 

  1. The email address is not legitimate.
  2. The message may be poorly-written.
  3. The nature of the request is highly unusual, and is emphasised as being urgent.

In this instance the email entitled Payment to Vendor pretends to be from the SRC president, but an @gmail.com email address is used instead.

 

Report it

If you receive such an email, please do not respond to the sender, instead send the message to the IT Helpdesk (icts-helpdesk@uct.ac.za) for investigation.

You will need to send a copy of the original email or the header information in the original email.

 

Steps to follow if you have a myUCT email address
  1. Navigate to https://outlook.com/owa/uct.ac.za and log on with your UCT student number and password.
  2. On the selected email, navigate to and click on the ellipse to access More actions

  1. From the More actions fly-out menu, select View message details

  1. Select all of the message content and copy this into a new email address to icts-helpdesk@uct.ac.za

Instructions to follow if using the Outlook desktop client
  1. Double-click the email message to open it.
  2. Click File in the top left corner > Save as.
  3. Select a location to save the email and click Save.

Send the saved file as an attachment to icts-helpdesk@uct.ac.za.

Monday, 19 April 2021
Beware of latest file sharing phishing attempt 20 April 2021

The UCT Computer Security Incident Response Team (CSIRT) is investigating a new phishing attempt that asks you to open a shared file. The email entitled ...is inviting you to collaborate on PROJECT 2022 is sent from an @myuct.ac.za email address and contains a SharePoint link that wants you to download a PDF document. By clicking the link you’re redirected to a webpage that resembles the Microsoft login page.

What do I do?

If you receive such an unexpected email request, even if it looks like it is from one of your contacts or a legitimate company, please do not click the link. First contact the individual to verify that they sent it.

If they did not send it, please inform the IT Helpdesk immediately by sending the email on to icts-helpdesk@uct.ac.za. You can then delete the email. The same advice applies to any suspicious emails you receive on your UCT account.

If you have already clicked the link in the email, DO NOT enter your details if prompted. Instead, run a full antivirus scan of your machine. Then, on a device that you know to be free of malware and infection, change your UCT password

What happens if I clicked the link and entered my details?

If you've entered your details, your account may be compromised. This puts the UCT network and UCT assets at risk. Please:

  1. On a device that you know to be free of malware and infection, change your password
  2. Send an email to the IT Helpdesk informing them that your details were compromised, but that you have changed your password.
  3. Run a full antivirus scan on the machine you used to enter your details.

Please remember:

  • Don't ever reply to emails, messages, or calls that request personal information – especially usernames and passwords.
  • NEVER share your password or PIN with anyone – not even an ICTS representative, or representatives of your bank, mobile network, or other service providers.
  • Do not open attachments unless you can verify the sender and the nature of the attachment.
  • Don't open emails of unknown origin.
  • Don't click on links in emails if you cannot recognise where the link directs you.
  • Don't reply to spammers asking them to remove you from their mailing list.  Replying just confirms your email address as valid, which encourages them to send you more spam.
  • Don't forward chain letters or marketing material.
  • Please check the announcements on the ICTS and CSIRT websites for the latest alerts. If your suspicious email differs to the one in the announcement, please report it to the IT Helpdesk at icts-helpdesk@uct.ac.za. You can report any other cybersecurity issues to the CSIRT at csirt@uct.ac.za.
Monday, 19 April 2021
Beware of latest file sharing phishing attempt 19 April 2021

The UCT Computer Security Incident Response Team (CSIRT) is investigating a new phishing attempt that asks you to open a shared file. The email entitled ...is inviting you to collaborate on SACOVID PROJECT 2022 is sent from an @mrc.ac.za email address and contains a SharePoint link that wants you to download a PDF document. By clicking the link you’re redirected to a webpage that resembles the Microsoft login page.

What do I do?

If you receive such an unexpected email request, even if it looks like it is from one of your contacts or a legitimate company, please do not click the link. First contact the individual to verify that they sent it.

If they did not send it, please inform the IT Helpdesk immediately by sending the email on to icts-helpdesk@uct.ac.za. You can then delete the email. The same advice applies to any suspicious emails you receive on your UCT account.

If you have already clicked the link in the email, DO NOT enter your details if prompted. Instead, run a full antivirus scan of your machine. Then, on a device that you know to be free of malware and infection, change your UCT password

What happens if I clicked the link and entered my details?

If you've entered your details, your account may be compromised. This puts the UCT network and UCT assets at risk. Please:

  1. On a device that you know to be free of malware and infection, change your password
  2. Send an email to the IT Helpdesk informing them that your details were compromised, but that you have changed your password.
  3. Run a full antivirus scan on the machine you used to enter your details.

Please remember:

  • Don't ever reply to emails, messages, or calls that request personal information – especially usernames and passwords.
  • NEVER share your password or PIN with anyone – not even an ICTS representative, or representatives of your bank, mobile network, or other service providers.
  • Do not open attachments unless you can verify the sender and the nature of the attachment.
  • Don't open emails of unknown origin.
  • Don't click on links in emails if you cannot recognise where the link directs you.
  • Don't reply to spammers asking them to remove you from their mailing list.  Replying just confirms your email address as valid, which encourages them to send you more spam.
  • Don't forward chain letters or marketing material.
  • Please check the announcements on the ICTS and CSIRT websites for the latest alerts. If your suspicious email differs to the one in the announcement, please report it to the IT Helpdesk at icts-helpdesk@uct.ac.za. You can report any other cybersecurity issues to the CSIRT at csirt@uct.ac.za.
Friday, 16 April 2021
Beware of latest file sharing phishing attempt 16 April 2021

The UCT Computer Security Incident Response Team (CSIRT) is investigating a new phishing attempt that asks you to open a shared file. The email entitled ...is inviting you to collaborate on PROJECT_2022 is sent from an @hsrc.ac.za email and contains a SharePoint link that wants you to download a PDF document. By clicking the link you’re redirected to a webpage that resembles the Microsoft login page.

What do I do?

If you receive such an unexpected email request, even if it looks like it is from one of your contacts or a legitimate company, please do not click the link. First contact the individual to verify that they sent it.

If they did not send it, please inform the IT Helpdesk immediately by sending the email on to icts-helpdesk@uct.ac.za. You can then delete the email. The same advice applies to any suspicious emails you receive on your UCT account.

If you have already clicked the link in the email, DO NOT enter your details if prompted. Instead, run a full antivirus scan of your machine. Then, on a device that you know to be free of malware and infection, change your UCT password

What happens if I clicked the link and entered my details?

If you've entered your details, your account may be compromised. This puts the UCT network and UCT assets at risk. Please:

  1. On a device that you know to be free of malware and infection, change your password
  2. Send an email to the IT Helpdesk informing them that your details were compromised, but that you have changed your password.
  3. Run a full antivirus scan on the machine you used to enter your details.

Please remember:

  • Don't ever reply to emails, messages, or calls that request personal information – especially usernames and passwords.
  • NEVER share your password or PIN with anyone – not even an ICTS representative, or representatives of your bank, mobile network, or other service providers.
  • Do not open attachments unless you can verify the sender and the nature of the attachment.
  • Don't open emails of unknown origin.
  • Don't click on links in emails if you cannot recognise where the link directs you.
  • Don't reply to spammers asking them to remove you from their mailing list.  Replying just confirms your email address as valid, which encourages them to send you more spam.
  • Don't forward chain letters or marketing material.
  • Please check the announcements on the ICTS and CSIRT websites for the latest alerts. If your suspicious email differs to the one in the announcement, please report it to the IT Helpdesk at icts-helpdesk@uct.ac.za. You can report any other cybersecurity issues to the CSIRT at csirt@uct.ac.za.
Thursday, 15 April 2021
Beware of latest file sharing phishing attempt - April 2021

The UCT Computer Security Incident Response Team (CSIRT) is investigating a new phishing attempt that asks you to open a shared file. The email, which appears to be sent by a UCT Emeritus Professor, contains a SharePoint link that wants you to download a PDF document. By clicking on the link you’re redirected to a webpage that resembles the Microsoft login page.

What do I do?

If you receive such an unexpected email request, even if it looks like it is from one of your contacts or a legitimate company, please do not click the link. First contact the individual to verify that they sent it.

If they did not send it, please inform the IT Helpdesk immediately by sending the email on to icts-helpdesk@uct.ac.za. You can then delete the email. The same advice applies to any suspicious emails you receive on your UCT account.

If you have already clicked the link in the email, DO NOT enter your details if prompted. Instead, run a full antivirus scan of your machine. Then, on a device that you know to be free of malware and infection, change your UCT password

What happens if I clicked the link and entered my details?

If you've entered your details, your account may be compromised. This puts the UCT network and UCT assets at risk. Please:

  1. On a device that you know to be free of malware and infection, change your password
  2. Send an email to the IT Helpdesk informing them that your details were compromised, but that you have changed your password.
  3. Run a full antivirus scan on the machine you used to enter your details.

Please remember:

  • Don't ever reply to emails, messages, or calls that request personal information – especially usernames and passwords.
  • NEVER share your password or PIN with anyone – not even an ICTS representative, or representatives of your bank, mobile network, or other service providers.
  • Do not open attachments unless you can verify the sender and the nature of the attachment.
  • Don't open emails of unknown origin.
  • Don't click on links in emails if you cannot recognise where the link directs you.
  • Don't reply to spammers asking them to remove you from their mailing list.  Replying just confirms your email address as valid, which encourages them to send you more spam.
  • Don't forward chain letters or marketing material.
  • Please check the announcements on the ICTS and CSIRT websites for the latest alerts. If your suspicious email differs to the one in the announcement, please report it to the IT Helpdesk at icts-helpdesk@uct.ac.za. You can report any other cybersecurity issues to the CSIRT at csirt@uct.ac.za.
Monday, 1 February 2021
Beware of latest file sharing phishing attempt - Feb 2021

The UCT Computer Security Incident Response Team (CSIRT) is investigating a new phishing attempt that asks you to open a shared file. The email contains a PDF attachment as well as a link to a shared document. By clicking on either you’re redirected to a webpage that resembles the Microsoft login page.

What do I do?

If you receive such an unexpected email request, even if it looks like it is from one of your contacts or a legitimate company, please do not click the attachment or link. First contact the individual to verify that they sent it.

If they did not send it, please inform the IT Helpdesk immediately by sending the email on to icts-helpdesk@uct.ac.za. You can then delete the email. The same advice applies to any suspicious emails you receive on your UCT account.

If you have already clicked the attachment or link in the email, DO NOT enter your details if prompted. Instead, run a full antivirus scan of your machine. Then, on a device that you know to be free of malware and infection, change your UCT password

What happens if I clicked the attachment or link and entered my details?

If you've entered your details, your account may be compromised. This puts the UCT network and UCT assets at risk. Please:

  1. On a device that you know to be free of malware and infection, change your password
  2. Send an email to the IT Helpdesk informing them that your details were compromised, but that you have changed your password.
  3. Run a full antivirus scan on the machine you used to enter your details.

Please remember:

  • Don't ever reply to emails, messages, or calls that request personal information – especially usernames and passwords.
  • NEVER share your password or PIN with anyone – not even an ICTS representative, or representatives of your bank, mobile network, or other service providers.
  • Do not open attachments unless you can verify the sender and the nature of the attachment.
  • Don't open emails of unknown origin.
  • Don't click on links in emails if you cannot recognise where the link directs you.
  • Don't reply to spammers asking them to remove you from their mailing list.  Replying just confirms your email address as valid, which encourages them to send you more spam.
  • Don't forward chain letters or marketing material.
  • Please check the announcements on the ICTS and CSIRT websites for the latest alerts. If your suspicious email differs to the one in the announcement, please report it to the IT Helpdesk at icts-helpdesk@uct.ac.za. You can report any other cybersecurity issues to the CSIRT at csirt@uct.ac.za.
Wednesday, 14 October 2020
Latest phishing attempts pretend to be from UCT Vice-Chancellor

The UCT Computer Security Incident Response Team (CSIRT) and IT Helpdesk are currently investigating two new phishing attempts that appear to be sent from the Vice-Chancellor. The first one entitled Mamokgethi Phakeng shared “UCT Forthcoming Projects” with you requests that you click the provided link. The second one entitled Projects and Agenda, requires that you open the attached PDF file.

What do I do?

  • DO NOT CLICK THE ATTACHMENT OR LINK IN THE EMAIL.
  • If you receive any of these emails or observe suspicious activity on your UCT account, please inform the IT Helpdesk immediately by sending an email to icts-helpdesk@uct.ac.za
  • If you clicked the attachment or link in the email, DO NOT enter your details if prompted. Instead, run a full antivirus scan of your machine. Then, on a device that you know to be free of malware and infection, change your password

What happens if I clicked the attachment or link and entered my details?

If you've entered your details, your account may be compromised. This puts the UCT network and UCT assets at risk. Please:

  1. On a device that you know to be free of malware and infection, change your password
  2. Send an email to the IT Helpdesk informing them that your details were compromised, but that you have changed your password.
  3. Run a full antivirus scan on the machine you used to enter your details.

Please remember:

  • Don't ever reply to emails, messages, or calls that request personal information – especially usernames and passwords.
  • NEVER share your password or PIN with anyone – not even an ICTS representative, or representatives of your bank, mobile network, or other service providers.
  • Do not open attachments unless you can verify the sender and the nature of the attachment.
  • Don't open emails of unknown origin.
  • Don't click on links in emails if you cannot recognise where the link directs you.
  • Don't reply to spammers asking them to remove you from their mailing list.  Replying just confirms your email address as valid, which encourages them to send you more spam.
  • Don't forward chain letters or marketing material.
  • Please check the announcements on the ICTS and CSIRT websites for the latest alerts. If your suspicious email differs to the one in the announcement, please report it to the IT Helpdesk at icts-helpdesk@uct.ac.za. You can report any other cybersecurity issues to the CSIRT at csirt@uct.ac.za.
Thursday, 27 August 2020
Latest phishing attack: Update your mailbox

The UCT Computer Security Incident Response Team (CSIRT) is currently investigating a new phishing attempt, which pretends to be from Microsoft. The email entitled Your mailbox requires update urges you to update your mailbox before 28 August 2020, or else it will be deactivated.

What do I do?

  • DO NOT CLICK THE LINK IN THE EMAIL.
  • If you clicked the link, DO NOT enter your details on the page. Instead, please close the page and run a full antivirus scan of your machine. Then, on a device that you know to be free of malware and infection, change your password

What happens if I clicked the link and entered my details?

If you've entered your details, your account may be compromised. This puts the UCT network and UCT assets at risk. Please:

  1. On a device that you know to be free of malware and infection, change your password
  2. Send an email to the IT Helpdesk informing them that your details were compromised, but that you have changed your password.
  3. Run a full antivirus scan on the machine you used to enter your details.

Please remember:

  • Don't ever reply to emails, messages, or calls that request personal information – especially usernames and passwords.
  • NEVER share your password or PIN with anyone – not even an ICTS representative, or representatives of your bank, mobile network, or other service providers.
  • Do not open attachments unless you can verify the sender and the nature of the attachment.
  • Don't open emails of unknown origin.
  • Don't click on links in emails if you cannot recognise where the link directs you.
  • Don't reply to spammers asking them to remove you from their mailing list.  Replying just confirms your email address as valid, which encourages them to send you more spam.
  • Don't forward chain letters or marketing material.
  • Please check the announcements on the ICTS and CSIRT websites for the latest alerts. If your suspicious email differs to the one in the announcement, please report it to the IT Helpdesk at icts-helpdesk@uct.ac.za. You can report any other cybersecurity issues to the CSIRT at csirt@uct.ac.za.
Friday, 15 May 2020
Copyright violations are a serious offence

Since the start of the national lockdown, the UCT CSIRT has noted a significant increase in illegal downloads, such as movies and series, from various websites.

We understand that the national lockdown has left you with limited entertainment options, but UCT continues to respect copyright law and requires that all staff and students abide by the law too.

If it’s copyrighted, don’t download it

All copyrighted content is protected by laws and you may not download it without permission from the owner. If you are caught illegally downloading copyrighted content, you could face disciplinary and/or legal action. Your UCT network account will also be disabled should you be found to be in contravention of copyright laws and offend a second time.

Some illegal downloads may contain malware, which could infect your computer and the UCT network. To guard against this, use our remote working safety guide to ensure your device and home network are secure and not easy targets for cybercriminals.

Additionally, because UCT is listed as the offending institution, the university could get a bad reputation for allowing illegal downloads, and in extreme cases, UCT could be subjected to legal action. Furthermore, Internet Service Providers (ISP) and other organisations may choose to block UCT IP addresses. This would have an adverse effect on teaching, learning and research activities at UCT, which rely on national and international co-operation with other educational and research institutions.

Ensure that you abide by UCT’s policies and guidelines

The UCT Policy and Rules on Internet and Email use outlines the conditions that staff and students need to abide by when using these resources. Failure to comply with these conditions will be handled in accordance with procedures established for staff or student discipline. As an ISPA member, UCT is expected to abide by their policies around illegal content downloads and circulation via our network.

Let’s all work together to ensure we respect copyright.

Pages