You, your family, and your friends, all likely interact with the internet and technology.

Being online means you may get unlucky and be targeted by a hacker or a scammer who is trying to steal and sell your information, or steal your money through viruses (ransomware) or extortion.

Fortunately, there are many easy things you can quickly do to protect yourselves and your families from these criminals. Below are three short sections that will help you keep your information safe, be savvy to scammers, and keep your devices secure.

eSafety guides

VU is a partner of eSafety so that we can provide our community with the most current and relevant information to stay safe online.

The document packs on this page were provided by eSafety to help staff and students stay safe online in a more virtually connected world. They contain great pieces of information to help you protect yourself, friends and family, from potential online abuse. They also explain how to address online abuse if it does occur.

eSafety toolkit for academics

eSafety toolkit for students

Safe

When you go home, you enter your house with a key and you lock the door behind you to make sure a stranger can’t walk in.

Your online accounts are similar. If you don’t take care someone could break into your online home and steal you identity or money. Following the below tips can help reduce the likelihood of that happening.

Passwords are the key to your online life, make sure you do the following to keep them secure.

  • Use a passphrase for your passwords; something like “RabbitCheesePencil#3Outlook” is easier to remember and is stronger than “[email protected]” – just change the 'Outlook' part depending on what you’re logging into.
  • Keep your passwords long and unique (longer than 12 characters).
  • Practise making a good password at www.howsecureismypassword.net
  • You can use a password manager of your choice to securely store and make passwords for you. They're very convenient as you only need to remember one password after you set it up.
  • Never share your passwords.

 

Login credentials, like your usernames and passwords, sometimes get hacked or stolen. MFA adds a layer of security that stops hackers from getting in to your accounts if they have your credentials.

If you’ve ever logged in to MyGov, or your bank online, you have to receive a code via an SMS, or an Authenticator App (this is more convenient, see resources), to prove that it’s really you trying to log in – that’s MFA.

You can turn on MFA for your personal accounts that you really don’t want getting hacked, helpful guides to set it up quickly can be found here https://www.telesign.com/turnon2fa/tutorials/.

When accessing websites, games, shopping, and downloads online, you should follow these tips.

  • Make sure your internet browser is up to date so it can help protect you.
  • Look for the green padlock (https) in the URL bar. This means it's encrypted and safe. Only provide sensitive personal information when you see this padlock – like providing your TFN or credit card when buying something online.
  • Only download files from trustworthy sites, otherwise they may contain a virus designed to spy on you or hold your computer at ransom (ransomware).

  • Illegal downloading, streaming, file sharing, and publishing, breach copyright and can result in disciplinary actions, fines, or worse.
  • Unauthorised uploading and downloading of copyrighted works is a crime.

 

Files in emails and on USBs could be stolen and accessed by criminals. Encrypting sensitive information, like your medical records or TFN information, can help keep it private and safe.

  • Use a zip tool, such as WinZip, to encrypt your files with a secure password before sharing it digitally.
  • Don’t share the password of the file in the same message, or email, as the file, because if a hacker gains access to the account sending or receiving the file they’d be able to easily access that sensitive information.

Savvy

When hackers hack a company they may try to steal their customer information to sell on the dark web (internet black market). If it’s a company or app you’ve used, it’s possible your information is being sold online.

You can go to www.haveibeenpwned.com to see if your information is being sold by criminals, find out where your information was stolen from, and what information was stolen.

If your password for any app or website has been stolen and sold online, you should change your password for that website, app, company, as soon as possible, and change your password for any others that use the same password. For help on passwords please refer to the Passwords section under the 'Safe' category above.

 

  • Scammers might send you an email trying to steal your username and password, or trying to trick you into downloading a virus onto your device. Scams are getting better, this google quiz can show you a few ways you and your family can spot them.
  • Always check the email address that an email comes from, phones usually hide this and you’ll have to look for extra details. If the email address seems suspicious, delete it.
  • You can always go directly to a company’s website or app to access information you may need.
  • VU will never request your password or ask you to validate your password through email links.
  • If you believe you may have responded to a phishing email, phone IT Service Desk on +61 3 9919 2777 (option 1)

 

  • Similar to email scams, a scammer may send out scams to your phone number – they’ll likely be asking for sensitive information or to click on an unusual link. The unusual links typically lead to fake websites trying to trick you into giving them your username and password by 'logging in'.
  • If in doubt about an SMS you’ve received you should never click on the link. You should go to the company’s website, check their app, or call them, to determine if the SMS is real and access the information it was trying to lead you towards.
  • SMS scams can appear in the same conversation as real SMS's from an organisation. This doesn’t mean they’ve been hacked, as scammers can impersonate any organisation by SMS and it’ll appear on your phone as if it were coming from the reputable organisation.

 

  • Phone scams are on the rise. People who are unaware of these attacks are much more likely to fall victim, so please talk to family about these.
  • The scammers will pretend to be from a reputable company and will try to scare you into sending money via an online transfer or by buying gift cards, or they may try to download a virus to your computer by providing 'remote support'. If you’re ever unsure about a phone call, hang up and ask a friend or a family member.
  • You can always hang up and call back by finding the company’s phone number online and calling them directly (scammers may give you a fake number).

 

Stay Smart Online is an Australian governmental website dedicated to helping Australians stay safe online. You can sign up to their alerting service to be warned when new and large scams are targeting Australians.

Go to their website, hover over 'Alert service' and select sign up to the alert service to get started.

 

  • Ensure your social media privacy settings are set to your comfort level.
  • When looking for jobs it's likely your potential employer will look you up on social media. It’s always a good idea to review it before applying.
  • Searching for your name or email address online is a good way to see what’s easily found about you on the internet.

 

Secure

If you have no lock screen set on your device and it’s stolen, or lost, the thief would have access to a lot of your life.

Putting a PIN on your device (or fingerprint scan, or facial recognition if available) and turning on 'Find my device' (if you have this option) are a couple ways to protect your device and your personal information.

 

The only sure way to make sure your files stay safe from viruses, device theft, or devices getting old and failing to turn on, is backups.

  • If you get a virus, it’s very likely you could lose all of the files on your computer forever, which is why it’s important to have a copy of your files and photos.
  • Back up your files to an external hard drive, put a password on it, and store it securely.
  • Back up your files to a cloud service (like OneDrive, Google Drive, iCloud, Dropbox, etc) for convenience of access and easy access when moving to a new device or refreshing your current device.

 

  • Keep your devices up to date to help prevent virus infections on your devices.
  • Delete any apps and software you no longer use.
  • Review your phone apps permissions to ensure they only have access to what you’re comfortable accessing, e.g. a calculator app shouldn’t need access to your contacts and camera.

 

Install a reputable anti-virus software to help protect your devices, and keep the anti-virus up to date.

 

Public wifi hotspots in cafes, airports, hotels, and libraries can be risky.

Connect with care by taking the following steps.

  • Limit access to sensitive accounts such as banking or medical records.
  • When using a laptop, identify that it is a ‘public’ network if prompted, and don’t share folders or devices with others on the network.
  • Use a VPN – there is not much stopping a hacker from pretending to be a public wifi and then spying on you if you connect; using a VPN can greatly protect you from this. You should have the VPN turned on before you connect to the free wifi.

 

Contact us

If you have concerns about your security and privacy online or if you believe you may have responded to a phishing attack, please contact us in one of the following ways:

The following websites give excellent advice on staying safe online:

  • The Australian Government has a website with information and tips to help you protect your privacy online.
  • The Australian Bankers Association provide details on staying safe online through their security and fraud prevention site.
  • Staysmartonline, an Australian government initiative, provides simple information for Internet users on how to protect themselves online, as well as up-to-date information on the latest online threats.
  • Advice on ways to protect your privacy by making your mobile device (smartphones and tablets) more secure.
  • Scamwatch, run by the ACCC, provides information about current scam alerts as well as how to recognise and avoid scams.
  • Little Black Book of Scams is a document published by the ACCC through their website. The book identifies several common scams, how to recognise them, and how to avoid them.