The Email that isn’t Superman

Drawing of a city at night with a superman symbol streaming light in the sky

Incredulous: indicating or showing disbelief.

I wanted to use the Superman words: "Look! Up in the sky! It's a bird! It's a plane! It's Superman!" But somehow "Look! In your inbox! It's spam! It's a ransomware attack! It's DHA!" just doesn't have the same ring to it.

This week I have to share the newest episode in my saga with the Department of Home Affairs (DHA). There are some lessons in it, although I'm still perplexed (my second choice word for today) by it. So I'm not sure what all the lessons are.

The sad story

I have been trying since 2018 to get an ID document for a South-African born man who works for us as a gardener. I won't bore you with the details. In desperation, I lodged a complaint at the Office of the President, aka the Presidential Hotline. I phone them every week, and they always tell me that the case officer has not made any notes on the file.

But I do have a case reference number.

The mystery email

At the end of last week, I received a mysterious email.

The subject line had just one thing in it: INC0000NNNNNNNN
(I changed the numbers to "N", because it's probably the right thing to do).

The entire body of the email consisted of the following:

Good morning
Please provide the master barcode for the Late Registration of Birth application.

That was it. No name, no signature, no other information.

It's spam!

My first thought was that it was spam. Spam filters are fallible and sometimes stupid. So now and then I get emails that look a lot like this. In fact, I'm sure some filters would mark this email as spam. But I recently asked Charles to tone down the enthusiasm of our spam filter, because I'd rather delete spam than miss client emails.

So that's the first lesson. Don't write emails that look like spam.

I decided it wasn't spam for two reasons:

  • I recognised the reference number. Yes, it was the case number assigned by the Office of the President.
  • I checked the sender. The email came from (again, details changed because I'm careful like that). I checked the message headers as well. I checked the name on LinkedIn.

That's the second lesson. You can't write anonymous emails from company email addresses that use your name and surname. And if you aren't trying to be anonymous, then not adding your name at the end of an email to a strange person is just rude.

All things considered, it probably isn't spam.

It's a ransomware attack!

I replied, in detail, to the email. And then ... the message bounced.

Mail delivery failed: returning message to sender. To be more specific, 550 rejected because recipient verify failed - user not found.

Now I was annoyed. I don't know how to send email from a non-existent email address, but hackers are creative. So I resent the email to the same email address. I also sent it to every other DHA email address I could find, and the DHA fraud hotline email address.

Every single email failed with the same error message.

Is it a ransomware attack? I have no idea. It's not the first time I've used an email address from a website and it bounced. (That's the third lesson: check those public email addresses.) But all of them?

It's NOT Superman!

I can't think of an honest explanation for this. So I tried to report it to the government fraud hotline. They told me to phone the DHA fraud hotline. According to Telkom, the published number for the DHA Counter Corruption Unit does not exist. And, as I'd already discovered, the email address doesn't work either.

I need a Bat-Signal

Yes, I'm mixing my superheroes. But I don't know how to contact Superman. Batman has the Bat-Signal that can be used to call him in times of distress. I am definitely in distress.

If you have any suggestions for a Bat-Signal that will work, please share them. I'm out of ideas.

Leave a Comment

Your email address will not be published. Required fields are marked *

Thank You

We're Excited!

Thank you for completing the form. We're excited that you have chosen to contact us about training. We will process the information as soon as we can, and we will do our best to contact you within 1 working day. (Please note that our offices are closed over weekends and public holidays.)

Don't Worry

Our privacy policy ensures your data is safe: Incus Data does not sell or otherwise distribute email addresses. We will not divulge your personal information to anyone unless specifically authorised by you.

If you need any further information, please contact us on tel: (27) 12-666-2020 or email

How can we help you?

Let us contact you about your training requirements. Just fill in a few details, and we’ll get right back to you.