Latest phishing attempts pretend to be from UCT Vice-Chancellor
The UCT Computer Security Incident Response Team (CSIRT) and IT Helpdesk are currently investigating two new phishing attempts that appear to be sent from the Vice-Chancellor. The first one entitled Mamokgethi Phakeng shared “UCT Forthcoming Projects” with you requests that you click the provided link. The second one entitled Projects and Agenda, requires that you open the attached PDF file.
What do I do?
- DO NOT CLICK THE ATTACHMENT OR LINK IN THE EMAIL.
- If you receive any of these emails or observe suspicious activity on your UCT account, please inform the IT Helpdesk immediately by sending an email to firstname.lastname@example.org
- If you clicked the attachment or link in the email, DO NOT enter your details if prompted. Instead, run a full antivirus scan of your machine. Then, on a device that you know to be free of malware and infection, change your password.
What happens if I clicked the attachment or link and entered my details?
If you've entered your details, your account may be compromised. This puts the UCT network and UCT assets at risk. Please:
- On a device that you know to be free of malware and infection, change your password.
- Send an email to the IT Helpdesk informing them that your details were compromised, but that you have changed your password.
- Run a full antivirus scan on the machine you used to enter your details.
- Don't ever reply to emails, messages, or calls that request personal information – especially usernames and passwords.
- NEVER share your password or PIN with anyone – not even an ICTS representative, or representatives of your bank, mobile network, or other service providers.
- Do not open attachments unless you can verify the sender and the nature of the attachment.
- Don't open emails of unknown origin.
- Don't click on links in emails if you cannot recognise where the link directs you.
- Don't reply to spammers asking them to remove you from their mailing list. Replying just confirms your email address as valid, which encourages them to send you more spam.
- Don't forward chain letters or marketing material.
- Please check the announcements on the ICTS and CSIRT websites for the latest alerts. If your suspicious email differs to the one in the announcement, please report it to the IT Helpdesk at email@example.com. You can report any other cybersecurity issues to the CSIRT at firstname.lastname@example.org.