New phishing attacks: Don’t open the attachments

30 Jan 2019 - 10:15

We are aware of new phishing attacks currently doing the rounds on campus. The emails – sent from UCT email accounts – refer to financial transactions – such as proof of payment, clients wanting to place more orders, invoices, and remittance advices. These emails include malicious HTML or MS Word attachments.

The messages have been sent to some UCT staff and students and are attempts by criminals to access your personal information by getting you to open malicious files.

What do I do?

  • If you did click the attachment in the email, DO NOT enter your details on the page that requests your details. Instead, please close the page and run a full antivirus scan of your machine. Then, on a device that you know to be free of malware and infection, change your password

What happens if I clicked the attachment and entered my details?

If you've entered your details, your account may be compromised. This puts the UCT network and UCT assets at risk. Please:

  1. On a device that you haven’t previously used to access the UCT network, change your password
  2. Send an email to the IT Helpdesk informing them that your details were compromised, but that you have changed your password.
  3. Run a full antivirus scan on the machine you used to enter your details.

Please remember:

  • Don't ever reply to emails that request personal information – especially usernames and passwords.
  • NEVER share your password with anyone – not even an ICTS representative.
  • Do not open attachments unless you can verify the sender and the nature of the attachment.
  • Don't open emails of unknown origin.
  • Don't click on links in emails if you cannot recognise where the link directs you.
  • Don't reply to spammers asking them to remove you from their mailing list.  Replying just confirms your email address as valid, which encourages them to send you more spam.
  • Don't forward chain letters or marketing material.
  • Report any incidence of this to the IT Helpdesk at You can report any other cybersecurity issues to the UCT CSIRT at