There are steps you can take to protect yourself and make sure you don’t fall prey to attempts to take your money.

In this section we give you helpful hints and tips to protect yourself online.

Top five tips

Two-Factor Authentication

Why is 2FA important?

2FA improves the security of access to your online accounts. For example, if a cybercriminal knew your banking password, they would not be able to perform an online transaction without your security token or mobile device.

A number of sites and applications for social media, email accounts and financial institutions have introduced an optional 2FA because they recognise the importance of our personal and organisational information.

What can you do?

  • Enable 2FA wherever it is offered, usually found within applications account settings.
  • Store security devices such as tokens securely to avoid unauthorised use.
  • Unplug any security devices (where relevant) when not in use.

 

Email Compromise

How do these types of compromises occur?

A cybercriminal can compromise a director’s email account via a phishing email, or they can use an email address that looks very similar to that of the director’s. The cybercriminal works to gain trust with a victim who has online banking access (e.g. payroll manager, or treasurer) and requests an online transaction or wire transfer. The transaction will appear completely legitimate to the organisations financial institution.

What can you do to help keep your business safe?

  • Educate staff (particularly those who manage payments) on the risks of business email compromise.
  • Before acting on the message (e.g. clicking on any links, opening attachments, or following any instructions) contact the company sending the message (using a phone number from their website) to confirm the legitimacy of the sender.
  • Follow the correct and complete usual business process when completing fund transfers.
  • Report any incidents to your local government bodies.

 

Mobile Devices and Applications

What could happen if your mobile device is compromised?

Mobile devices and apps can collect and transmit your personal and confidential information including banking details, location services, contact and emails. If this information falls into the wrong hands it could be used to access your online bank accounts and enable cybercriminals to steal your identity.

What can you do to help prevent mobile device compromise?

  • Enable automatic updates to your mobile applications and operating systems to receive the latest security enhancements.
  • Only download apps from trusted app stores (e.g. Apple App Store, GooglePlay) to reduce the risk of downloading malicious software and restrict App permissions.
  • Back up your information to your personal computer, external hard drive, network or cloud regularly so it can be recovered if you are ever compromised.
  • Enable automatic locking of your device and apps and install security software which can enable you to find lock and erase content from you device.
  • Do not override your mobile devices operating system.
  • Exercise caution when using public Wi-Fi to conduct online banking or email and restrict your device from automatically connecting to unknown networks as they may be monitored to collect your information.

 

Passwords

What could happen if someone knows your password?

If someone unauthorised knows your password you may be at risk of fraudulent activity taking place on your banking, email, social media and online shopping accounts and/or identity theft.

Ways to help create stronger passwords:

  • Avoid choosing generic passwords or a password that is easily identified with you (e.g. password1, date of birth, name, phone number, your child’s name or pet)
  • Create smart passwords with a minimum of eight characters using a combination of numbers, symbols and upper & lower case letters. Consider using long and memorable passphrases (e.g. Th3Qu1ckBr0wzF0x).
  • Do not share your password! Be wary of unexpected calls or emails requesting personal information, passwords or bank details. ANZ will never send you an email or SMS asking you to verify or provide confidential information.
  • Create different passwords for online banking, social media and email to help protect your accounts should one become compromised.
  • If you suspect your ANZ password has been compromised call ANZ immediately on 13 33 50.

 

Privacy, Identity and Social Media

Why should you be cautious about the information you share on social media?

Social media can offer an easy opportunity for identify theft. It’s important to be careful how much information you make available online and to whom. Social media accounts that are private reduce your risks of identity theft and harassment.

If you identity is stolen you may be at risk of unauthorised access to your banking, loans opened or welfare claims under your name and a damaged credit rating. Victims of identity fraud have been known to suffer an impact on their wellbeing.

What can you do to help protect your identity and privacy?

  • Adjust your social media privacy settings to ‘private’ and do not share personal or confidential information such as your date of birth, address, bank details and passwords on social media sites.
  • Ensure your computer and mobile device(s) have the most up to date security software updates.
  • Beware of suspicious messages, always verify the sender of any unexpected SMSs, calls or mail by searching for their organisation online and contacting them directly.
  • If emailing identification documents such as a driver licence or passport, ensure you delete the email after sending and also delete from the trash.
  • Set smart passwords and use two factor authentication where possible to apply an additional layer of protection.
  • Never provide your personal or security details including customer ID’s or passwords, in response to any email even if it looks legitimate.
  • Avoid transacting online where you are using public or complimentary public Wi-Fi.

What to do if you suspect your identity has been stolen?

If you’re receiving bills, credit and loan statements or calls from creditors that you know nothing about or if you are experiencing difficulty obtaining a credit card or loan due to an inexplicable bad credit rating you should:

  • Immediately contact your national government’s identity theft support services.
  • Reset your passwords.
  • Take actions to keep your mobile device and apps secure.
  • Run security software to scan your computer or mobile device for malware.
  • Notify your relevant financial institutions.
  • Request a credit report from a reputable credit reference agency.

 

Security Software

Why should you use security software?

Malicious software can stop your computer from working, delete or corrupt your files and/or allow cybercriminals to access personal and confidential information on your computer.

What can you do?

  • When you first install security software on a device, run a “full-scan” of the system to detect whether there is existing malware, and then enable regular automatic scanning.
  • Keep security software up-to-date and activated.
  • Regularly back-up your data so you can recover it if your files are stolen or damaged.
  • Be wary of suspicious messages including emails and SMSs.
  • If your security software is unable to remove a virus, contact a technical support provider for assistance.

 

Shopping Online

How can you be safer shopping online?

  • Look for the https:// and padlock in your browser to determine whether the site is secure.
  • Check reviews on the online store to confirm if it is legitimate.
  • Avoid payment via money transfers and direct bank deposits by opting for more secure payment channels such as PayPal or BPay.
  • Never send your bank or credit card details via email, SMS or Social Media.
  • Make sure the computer or mobile devices you use for online shopping has the latest security software updates.

 

Suspicious Messages

What could happen?

Malware- clicking on limits or attachments in suspicious messages could lead to malicious software (malware) being downloaded onto your computer mobile devices. Malware can infect your device s and access your personal and confidential information.

Fake website – responding to or clicking through suspicious messages could also direct you to fake websites where you may be asked to enter your login and password details which may be used to conduct fraud.

Possible signs of a suspicious message:

  • The message is unexpected, is from an unfamiliar sender and/or contains unfamiliar links and attachments.
  • The message creates a sense of urgency to act e.g. ‘update your online account details immediately’ or ‘click now to claim your prize!’
  • The message requests your personal or financial information, even if it appears to be from a legitimate source.

What if you receive a suspicious message?

Before clicking any links, attachments or following any instructions, contact the organisation sending the message. It is important to use a phone number from the organisations’ website to confirm the legitimacy of the website.

What if you have clicked on a suspicious link or an attachment?

  • Disconnect your device from the internet to prevent the cybercriminal from sending any personal or confidential information from your device.
  • Back up your files to a personal computer, external hard drive, network or cloud.
  • Scan your computer device for any malware using appropriate security software or seek assistance from professional technical support provider.
  • Immediately contact your relevant financial institution if you see any signs of unexpected transactions. 

 

You need Adobe Reader to view PDF files. You can download Adobe Reader free of charge.