Home > Services > Security > Spam and phishing protection

Spam and phishing protection

Spam and phishing

Spam is the practice of sending unwanted email messages, in large quantities, to an indiscriminate set of recipients. Some spam can also include malware or viruses that are loaded onto your computer without your knowledge. UCT manages spam for all @uct.ac.za email addresses by using Mimecast, which holds onto suspected spam messages so that you can review them and either block or allow them into your mailbox. Office 365 offers online spam protection for @myuct.ac.za addresses.

Phishing is an attempt to get you to hand over personal or confidential information to a criminal. The requests may seem legitimate and may be perpetrated by phone, email or via the Internet. ICTS provides you with information on how to recognise phishing messages and we encourage you to report them as soon you encounter them.

 

Spam

How does UCT manage spam?

Within seconds of being received by the UCT mail gateways, email messages pass through a number of security checks before being delivered to your mailbox. This is to prevent as much spam as possible from coming into the organisation.

UCT has to deal aggressively with spam because higher education institutions are now one of the most spammed sectors in the world. However, sometimes these aggressive spam controls prevent legitimate messages from getting through to your mailbox. There are a number of reasons that this happens, but to help you retrieve those messages UCT has enlisted the services of the Mimecast online email management tool for all UCT email addresses. The Mimecast service is only available for @uct.ac.za email addresses (i.e. UCT staff, third parties and postgraduate students).

 

Can I decide what is and isn’t spam?

If the Mimecast tool suspects that a message is spam, instead of removing it from the system, you will receive an email telling you that a message has been placed in the Mimecast On Hold queue. This gives you the opportunity to either ReleaseBlock orPermit the message.

  • Release: allows the message to be delivered to your mailbox, but does not automatically allow any other messages from the same sender to reach you.
  • Block: rejects the message and blocks this sender from sending emails to you in future.
  • Permit: delivers the message to your mailbox and you allows this sender to email you in future.

You will only receive an email if there are spam messages in your Personal On Hold queue. Hopefully over time you will receive less and less spam as the system "learns" what you do and don't allow through.

 

Phishing

What to do if you suspect a phishing attempt or fall victim to one

1. Report it

If you receive a suspicious email in your UCT email account asking you to click on a link, or requesting your personal information:

  • DO NOT follow the message's instructions.
  • DO NOT forward the message to anyone else.

Instead, report the attempt to the CSIRT by emailing csirt@uct.ac.za and delete the message:

NOTE: This reporting process applies only to your UCT email account. If you receive phishing attempts in non-UCT email accounts (e.g. Gmail), please follow the process specified by that email service provider. This can usually be found in the service provider's Help or Support pages and will help your service provider to minimise future phishing attempts to that email account.


2. Change your password

If you responded to a phishing attempt and handed over your password and username you need to change your password immediately via Password Self-Service.
If you responded to a message that requested your username and password for external services (such as Facebook, LinkedIn, etc), immediately log in to the relevant website and change your password.


3. Follow up with external service providers

If the phishing attempt relates to an external service provider - such as your bank:

  1. Contact the service provider and inform them that your account or information has been compromised.
  2. Let them know that someone has been impersonating their business (i.e. report the matter to them).
  3. Ask them to recommend the most secure methods to conduct your business with them. For example, many banks provide alternate accounts for online or telephone purchases. These special accounts limit the risk to a specific amount or transaction.