Service Announcements

Thursday, 18 October 2018
New phishing attack: account access indefinitely revoked

We are aware of a new phishing attack currently doing the rounds on campus.  This attack, which contains a malicious link, specifically targets UCT staff and student email accounts.

The message claims that your account access has been indefinitely revoked, and asks you to click on a link to verify and reactivate your account.

What do I do?

  • DO NOT CLICK THE LINK IN THE EMAIL.
  • If you did click the attachment in the email, DO NOT enter your details on the page. Instead, please close the page and run a full antivirus scan of your machine. Then, on a device that you know to be free of malware and infection, change your password

What happens if I clicked the attachment and entered my details?

If you've entered your details, your account may be compromised. This puts the UCT network and UCT assets at risk. Please:

  1. On a device that you know to be free of malware and infection, change your password
  2. Send an email to the IT Helpdesk informing them that your details were compromised, but that you have changed your password.
  3. Run a full antivirus scan on the machine you used to enter your details.

Please remember:

  • Don't ever reply to emails that request personal information – especially usernames and passwords.
  • NEVER share your password with anyone – not even an ICTS representative.
  • Do not open attachments unless you can verify the sender and the nature of the attachment.
  • Don't open emails of unknown origin.
  • Don't click on links in emails if you cannot recognise where the link directs you.
  • Don't reply to spammers asking them to remove you from their mailing list.  Replying just confirms your email address as valid, which encourages them to send you more spam.
  • Don't forward chain letters or marketing material.
  • Report any incidence of this or phishing attacks to the UCT CSIRT at csirt@uct.ac.za. You can also report any other cybersecurity issues to the same address.
Tuesday, 9 October 2018
Resolved: Telephony issues

ICTS has resolved the issue affecting the UCT telephony service. The system is now stable, but we will continue to monitor the situation.

Previous message posted Tuesday 9th October, 4.12 p.m.

ICTS is aware of an issue which caused brief interruptions to the UCT telephony service today (9th October). Certain phones, as well as the Skype for Business client, lost connection to the server for a few minutes. We are currently investigating the issue.

Monday, 1 October 2018
Problem affecting the UCT Third Party System

ICTS has resolved the problem affecting the UCT Third Party System. The system has been restored and is once again available.

We will continue to monitor the situation.

Previous message posted 10:07 a.m. on 1st October 2018:

ICTS is aware of a problem affecting the UCT Third Party System, which is currently unavailable.

Our engineers are investigating the cause of the problem.

Tuesday, 25 September 2018
ICTS is testing the new Apple macOS Mojave 10.14

Apple has released macOS Mojave 10.14, the latest version of its operating system (OS) for Mac computers. This update introduces full Dark Mode, new apps and an all new Mac App Store.

View the Apple Mac website for the latest features available in this macOS.

Do not install Mojave just yet

ICTS is currently testing Mojave to ensure that it does not conflict with existing software and systems already in use on campus.

We therefore advise that you do not install Mojave until we give the go ahead, as we are unable to support this macOS until our testing is completed.

Once our testing is finalised, we will notify you and you can then install the update to Mojave via the App store.

Monday, 17 September 2018
ICTS to perform emergency maintenance today from 12:00 p.m. to 2:00 p.m.

ICTS is currently aware of a problem affecting our IT infrastructure. Our engineers need to perform emergency maintenance today (Monday, 17 September 2018) from 12:00 p.m. to 2:00 p.m. to address this issue.

Some ICT services may be affected during this time.

We thank you for your patience as we conduct this necessary maintenance.

Tuesday, 4 September 2018
Resolved: Problem affecting Skype for Business

ICTS engineers have identified the root cause of the problem affecting the voice quality of some calls made via Skype for Business. They’ve made the necessary changes to resolve the issue.

Our engineers will continue to monitor the situation.

Previous message sent Monday, 03 September 2018

ICTS engineers are currently investigating a problem affecting the voice quality of some calls made via the Skype for Business unified communication platform.

We are working together with our vendor to address this issue.

Monday, 3 September 2018
Problem affecting Skype for Business

ICTS engineers are currently investigating a problem affecting the voice quality of some calls made via the Skype for Business unified communication platform.

We are working together with our vendor to address this issue.

Monday, 13 August 2018
Beware of latest SARS phishing attack

There is currently a South African Revenue Services (SARS) phishing attack doing the rounds on campus. Emails entitled “SARS eFiling” are being sent by various @sun.ac.za email addresses asking you to login to your eFiling account to view an EMP Statement of Account.  

The UCT Computer Security Incident Response Team have put the necessary security measures in place, and have blocked the links. Additionally, the UCT CSIRT team has been in contact with Stellenbosch University’s CSIRT to inform them of the phishing attack, and they are taking steps to stop it from happening.

What do I do?

  • DO NOT CLICK THE LINK IN THE EMAIL.
  • If you did click the attachment in the email, DO NOT enter your details on the page. Instead, please close the page and run a full antivirus scan of your machine. Then, on a device that you know to be free of malware and infection, change your SARS eFiling password. 

What happens if I clicked the attachment and entered my details?

If you've entered your details, your account may be compromised. Please:

  1. On a device that you know to be free of malware and infection, change your SARS eFiling password. 
  2. Inform SARS about this phishing attack and that you have provided your details.
  3. Run a full antivirus scan on the machine you used to enter your details.

Please remember:

  • Don't ever reply to emails that request personal information – especially usernames and passwords.
  • NEVER share your password with anyone – not even an ICTS representative.
  • Do not open attachments unless you can verify the sender and the nature of the attachment.
  • Don't open emails of unknown origin.
  • Don't click on links in emails if you cannot recognise where the link directs you.
  • Don't reply to spammers asking them to remove you from their mailing list.  Replying just confirms your email address as valid, which encourages them to send you more spam.
  • Don't forward chain letters or marketing material.
  • Report any incidence of this or other phishing attacks of cyber security issues to the UCT CSIRT at csirt@uct.ac.za. You can also report any other cybersecurity issues to the same address.

 

Monday, 13 August 2018
Shaming scam just another way to get access to your money

In recent days, media outlets have been reporting on the Belarus shame scam in which cybercriminals target individuals – asking them to pay a hefty ransom fee to avoid “compromising” personal information being made public.

How it works

A potential victim receives an email, WhatsApp, or Facebook message from a cybercriminal. The message claims that the criminal used malware to get incriminating or embarrassing information about the victim. If the victim doesn’t immediately pay a ransom fee, the criminal threatens to publish the information online, or share the information with the victim’s contacts.

To make the scam seem even more legitimate, the criminal includes the victim’s username and password for an online account. In actual fact, they have taken these login details from a previous security breach – where the victim’s account has been compromised. That account might not even be used by the victim anymore.

Safeguard yourself

These kinds of attacks are becoming more common in South Africa, so it’s crucial to always remain vigilant.

One of the most important ways you can protect yourself from such attacks is to use a different password for each of your accounts. That way, if one account is compromised, the others will remain secure. You can use a password manager to help you remember your passwords.

In addition, please remember these security tips:

  • Don't ever reply to emails that request personal information – especially usernames and passwords.
  • NEVER share your password with anyone – not even an ICTS representative.
  • Do not open attachments unless you can verify the sender and the nature of the attachment.
  • Don't open emails of unknown origin.
  • Don't click on links in emails if you cannot recognise where the link directs you.
  • Don't reply to spammers asking them to remove you from their mailing list. By replying, you are confirming your email address as valid and will only encourage more spam.
  • Don't forward chain letters or marketing material.
  • Don't respond to emailed competitions.
Wednesday, 8 August 2018
Beware of latest Standard Bank phishing attack

We are aware of a new Standard Bank phishing attack which is currently doing the rounds. The cybercriminals are spoofing Standbard Banks’s ibsupport@standardbank.co.za email address, to make this attack seem legitimate. However, the links provided in the email will take you to malicious websites.

The subject lines used in this attack include:

  • Payment confirmation
  • YOU A PENDING DEPOSIT

A screenshot of a social media postDescription generated with very high confidence

The UCT Computer Security Incident Response Team have put the necessary security measures in place, and have blocked the links.

What do I do?

  • DO NOT CLICK THE LINK IN THE EMAIL.
  • If you did click the attachment in the email, DO NOT enter your details on the page. Instead, please close the page and run a full antivirus scan of your machine. Then, on a device that you know to be free of malware and infection, change your online banking password. 

What happens if I clicked the attachment and entered my details?

If you've entered your details, your account may be compromised. Please:

  1. On a device that you know to be free of malware and infection, change your online banking password. 
  2. Inform your bank about this phishing attack and that you have provided your details.
  3. Run a full antivirus scan on the machine you used to enter your details.

Please remember:

  • Don't ever reply to emails that request personal information – especially usernames and passwords.
  • NEVER share your password with anyone – not even an ICTS representative.
  • Do not open attachments unless you can verify the sender and the nature of the attachment.
  • Don't open emails of unknown origin.
  • Don't click on links in emails if you cannot recognise where the link directs you.
  • Don't reply to spammers asking them to remove you from their mailing list.  Replying just confirms your email address as valid, which encourages them to send you more spam.
  • Don't forward chain letters or marketing material.
  • Report any incidence of this or other phishing attacks of cyber security issues to the UCT CSIRT at csirt@uct.ac.za. You can also report any other cybersecurity issues to the same address.

 

Pages