Phishing awareness
You may not like the idea, but no twice removed uncle of yours, not familiar to any of your family members that you know, has died. Nor did he leave you his estate. Or is the cheque attached. Or, or, or. Never. Ever. Sorry.
Phishing warning signs
- You don’t know the sender, or a familiar email address is slightly different.
- The sender don’t really know who you are: Dear sir/mam. It was sent to many people, irrelevant people, or your email address was in the Bcc field.
- The date and/or time does not make sense: too late, too early, etc.
- The email subject is unusual (coming from someone you know), and asks for urgent attention. Or it may be generic, or presented as a reply on a message you never sent.
- The content is unusual, with grammar and spelling errors. Or it makes you uneasy or confused – if it does not make any sense, it.
- Don’t open a suspect attachment. If you are concerned about the email, the attachment may compromise your machine.
- Hyperlinks may lead you intounsafe territory – don’t open links without proper descriptions, containing spelling errors, or if you did not expect to be sent that type of information.
- Be cautious of websites asking any personal information, or with misspelled URLs.
Here is an example of a NO-GO email:
From: winner@micosoft.com To: you@ufs.ac.za Date: Thursday December 16, 2017 2:17 am Subject: Urgent response required We are pleased to announce that you are a winner in the lucky annual Microsoft sweepstakes since your e-mail address was selected. To claim your reward of $1 000 000 (one million US dollars) click on the link below and complete the required information within the next 24 hours. http://www.micosoft.com We are looking forward to make you the next millionaire. Sincerely, David Sharp Microsoft Manager |
UFS Platforms
UFS ICT Digital Security: What you do online, matters
Key words:
digital, security, online
Most people, mistakenly, experience some kind of “anonymity” regarding
their online activities. In reality, the opposite is true – everything
that you do online has a footprint, often permanent. And everything you
do online has an effect or a reaction. In order to keep our working
environment safe and productive, the University of the Free State (UFS)
has several regulations in place for your online activities.
During the past two years, most of our lives have moved online – and we are
grateful that teaching, learning, and working could continue in this way.
However, the lines between professional (work related) and private
(personal related) online activities have blurred. It is important that our
staff maintain a regulated online presence, especially when it comes to
e-communication and browsing.
Electronic messaging covers email and various forms of instant and
store-and-forward messaging such as SMS texts, messaging apps, webchats,
and messaging facilities within social media platforms. For professional
use, and while using UFS devices, you are only permitted to use
university-provided electronic messaging facilities. Note that all
university messages should be considered official communication from the
UFS and treated as such. Do not send messages containing material that is
defamatory, obscene, or which a recipient might otherwise reasonably
consider inappropriate, including:
- Junk mail.
- Copyrighted material.
- Possible viruses.
- Fraudulent or forged content.
- Abusive, discriminating, defamatory, threatening, bullying, offensive,
obscene, or indecent content.
- Content should never be anonymous, violate other users’ privacy, or cause
anxiety.
If you are unsure about a message, check with your line manager before
responding or forwarding the content.
Although you are allowed some personal use of the Internet during your own
time (such as a lunch break), Internet access on UFS-owned devices is
primarily dedicated to work. Work related activities include accessing UFS
systems, research, updating UFS platforms, and other tasks that are part of
your role. The university has strict security measures in place to protect
our online content, but inappropriate browsing can result in a breach.
As a UFS employee, you are not allowed to knowingly create download,
upload, display, or access sites that contain inappropriate material that
might be deemed illegal, obscene, or offensive. Never download or install
software that is not approved by the UFS for use. You may also not run a
private business online via UFS devices and platforms.
Digital security is the responsibility of each member entrusted to do
online activities within the UFS system – one careless act can compromise
all. Together, we can keep our data safe.
During the past two years, most of our live have moved online – and we
are grateful that teaching, learning, and working could continue in
this way. However, the lines between professional (work related) and
private (personal related) online activities have blurred. It is
important that our staff maintain a regulated online presence,
especially when it comes to e-communication and browsing. In order to
keep our working environment safe and productive, the University of the
Free State has several regulations in place for your online activities.