Watch what you share on social media
The rise of social media platforms has sent raging torrents of personal information into cyberspace, including where we are on holiday, the names of our pets, the schools our kids go to, what car we drive and our place of work. It’s a treasure trove for scammers. “Cybercriminals use social media platforms to research potential victims,” says the ACSC’s Nick Tamblyn. “Information showing your pattern of life, biographical details, relationships – those are the sorts of things they may be able to use to gain access to your information.” The website cyber.gov.au contains advice about how best to manage social media. As well as what you post, you need to consider what others are posting about you.
Be aware of phishing scams
Phishing scams are when bad actors (who are often, unfortunately, quite good actors) trick you into believing they are legitimate and make a request for urgent payment or for enough personal information that they can help themselves to your funds.
More than $2.9 million was lost in Australia to phishing scams in January alone, with more than 62 per cent delivered via text message. These phishing statistics, updated monthly, reflect data from reports to the Australian Competition and Consumer Commission (ACCC). The real numbers are likely to be a lot higher because people are often embarrassed to tell an agency when they’ve been scammed.
The ACCC’s ScamWatch is a great place to educate yourself on the many kinds of evil role-playing that sting Australians for millions each month.
“We are frequently required to hand over information digitally to service providers to confirm our identity and this process is exploited by scammers,” says CommBank’s James Roberts. “Our advice is stop, check, reject. If the text or call seems off, stop and take a breath. Real organisations won’t put you under pressure to act instantly. Check by contacting the organisation yourself or asking someone you trust to do it for you. Reject by hanging up, deleting the email and blocking the phone number.”
Download The Little Black Book of Scams, a free guide from the ACCC, to learn about how phishers try to trick you. It details the multitude of scams in operation out there. Some of these are quick muggings for money, while others are much more insidious and can result in a case of identity theft that takes years to untangle.
Know when you’ve been hacked – and act fast
If you’re active online, you’ll have received emails from companies advising of a data breach, as long as it’s an organisation operating in a jurisdiction with a notifiable data breach scheme, such as Australia. Many of us also interact with websites based offshore so we’ll never know unless we jump onto a service such as haveibeenpwned.com, where you can search using your email address and phone number to find out if they’ve been compromised. That knowledge is meaningless unless you act. “Change any compromised passwords across all accounts,” says Roberts. “If you no longer use an account where a password has been involved in a breach, you should still change the password and deactivate or delete the account.”
If you’re worried you’ve been hacked, take the two-minute Have You Been Hacked survey on the ACSC website for solid advice on next steps.
“Cybercriminals use social media platforms to research potential victims.”