SCAMMERS are using a Wits student email account for internet fraud, known as phishing.

In a recent scam, students’ university email accounts were used as addresses to send fraudulent tax reports to businesses in Johannesburg and Ekurhuleni . In a grammatically incorrect email, “SARS” requested the companies check attached tax reports and “confirm is up to date”.

Phishing is “the act of acquiring private or sensitive data from personal computers for use in fraudulent activities”, according to the Business Dictionary. It usually involves sending emails that seem to come from a credible source, but are in no way affiliated with the actual source. [pullquote align=”right”]”CNS is aware of the problem”[/pullquote]

The emails trick users into entering personal data, like bank details and home addresses. Phishers also create websites that appear to be operated by government agencies.

According to the Google Online Security Blog, phishers use a popular method, called “domain spoofing” for email phishing. The address in the “From” line of the email seems legitimate, but is actually a fake address.

Computer and Network Services is aware of the problem and has referred it to a research team, according to a spokesperson.

The phishing was first drawn to the attention of Wits Vuvuzela by the engineering company Ideal Patternmakers and Tooling Ltd in Germiston.
“The first thing I thought was: why would I receive a SARS Receiver report from an academic institution?” said Pieter Swart, financial director of the company.

[pullquote]”why would I receive a SARS Receiver report from an academic institution?” [/pullquote]Other companies have confirmed that phishing is a regular problem. “We get about three phishing emails a week,” said Patricia Eales from Motrade 252 Ltd. Bronwyn Estman from Viking Foundry said they also received phishing emails asking for personal, banking and other details. The company immediately deleted such emails.

Suggested ways to avoid Phishing scams:

1.Guard against spam
2.Communicate personal information only via phone or secure websites
3.Do not click on links, download files or open attachments in emails from unknown senders
4.Never email personal or financial information even if you know the recipient very well
5.Beware of links in the emails that ask for personal information, even if the emails are from companies you do business with
6.Beware of pop-ups.
7.Protect your computer with anti-virus and anti-spyware, firewalls and spam filters
8.Check your online accounts and bank statements regularly to ensure no unauthorised transfers have been made. Source: