Top cyber threats

What is phishing? 

Phishing is when someone pretends to be a trusted company or person to trick you into giving away personal information, such as your passwords, credit card details, or other private stuff.

These scams usually show up in your e-mail, but they can also come through text messages or phone calls. Phishing messages often look real, with familiar logos and names. They’ll try to make you react quickly, like saying you need to reset your password or confirm your account immediately. 

Examples of phishing e-mails

• An e-mail claiming to be from Unisa’s IT department, requesting you to log in to update your account information.
• A message from a popular online service (eg Takealot, Amazon) asking you to "verify" a purchase you never made.
• An e-mail from a professor or colleague asking for urgent help with purchasing gift cards. 

How to spot and avoid phishing

• Look for suspicious URLs or e-mail addresses that don’t match the official source (eg www.unisa.co.za - incorrect; www.unisa.ac.za - correct)
• Be careful of generic greetings like "Dear User" or unexpected requests. 
• Avoid clicking on links in unsolicited e-mails - rather go directly to the organisation’s website. 
• Use anti-phishing tools provided by your e-mail provider or antivirus software.

What is social engineering?

Social engineering is when someone tricks you into giving away confidential information or doing something that could put your security at risk. They might pretend to be someone you know (eg a colleague, classmate or even technical  support) to get access to things they shouldn’t.

How to avoid social engineering attacks

• Always verify the identity of individuals requesting sensitive information, even if they seem legitimate.
• Be cautious when receiving unexpected requests via e-mail, phone or social media, especially if they create a sense of urgency. 
• Avoid sharing personal or organisational information on social platforms.
• Train yourself to recognise manipulation tactics, such as playing on emotions, flattery or threats.
• Report suspicious interactions immediately.

What are identity attacks?

Identity attacks happen when someone tries to break into your online accounts by guessing or stealing your login details, such as your username and password.

Common types of identity attacks

1. Brute-force attacks: Hackers use software to try every possible password until they get the right one.
2. Dictionary attacks: Instead of random guesses, attackers use a list of common passwords (like "123456" or "password123"). 
3. Credential stuffing: If your login information was leaked in a past data breach, hackers might try that same username and password on other sites to see if it still works.

How to secure your passwords

• Use long, complex passwords that include a mix of letters, numbers and special characters.
• Enable Multi-Factor Authentication (MFA) wherever possible.
• Avoid using the same password across multiple accounts (Facebook, myUnisa, etc).
• Change passwords regularly and never share them with anyone.
• Use a password manager to store and generate unique passwords for each account.

What is ransomware?

Ransomware is a type of malware (harmful software) that locks you out of your device or scrambles your files so you can't open them. Then it demands money - usually in the form of cryptocurrency - in exchange for a decryption key to unlock everything.

How does ransomware work?

• It is often delivered through fake or malicious e-mail attachments, compromised websites or infected apps.
• Once inside (installed), it locks your files, making them unusable. 
• A ransom message pops us, tell you to pay to get access to your files. Even if you pay, there's no guarantee your files will be restored. And paying could make you a target for future attacks.

What to do if infected

• Disconnect the infected device from all networks immediately to prevent further spread. Report the attack to Unisa.
• Don't pay the ransom. Restore your files from backups (if available).

Important tip! Always back up your files to ensure you can recover from an attack without needing to pay.

What are data breaches and data leaks?

Both data breaches and data leaks involve private information ending up in the wrong hands, but there are key differences. 

Data breach

A data breach is an intentional attack by hackers who break into a system to steal data. The stolen information could be things like your personal details, bank account information, sensitive business information or anything else that’s supposed to be kept safe, but gets taken by the wrong people.

Data leak 

A data leak is when sensitive information is accidentally exposed, usually due to poor security or human error. This could be things like your personal information, money details or secret plans that aren’t supposed to be seen, but somehow end up where anyone can find them.

Be careful when you public Wi-Fi

Public Wi-Fi, which you often find in coffee shops, airports and other public places, can be risky to use. These networks are often not secure, which means hackers can easily see what you’re doing online.

They might even intercept your information or steal information, such as passwords and other private data without you knowing.

Dangers of using unprotected public networks

• Data such as login credentials, personal information and financial details can be intercepted.
• Malware may be injected into your device if the network is compromised.
• Fake Wi-Fi networks, known as "honeypots" can trick users into connecting and exposing their information.

How to stay safe on public Wi-Fi

• Avoid accessing sensitive accounts (eg banking, e-mail) while on a public Wi-Fi.
• Always use a Virtual Private Network (VPN) when connecting to public networks, as it encrypts your data.
• Disable automatic Wi-Fi connections and file sharing on your device.
• Verify the legitimacy of the network with the venue before connecting.