Take control of your online identity

Lock down your login

As a first step, create strong, long passwords or a ‘passphrase’ that strings words together to tell a story only you know (for example, ‘MyGoatHasAPhD’). Make sure these are unique for each of your accounts and not reused. This is important because if there is a data breach and your credentials are stolen from one service provider, where you’ve used the same or even a similar password, criminals may be able to easily access more of your accounts.

You can then add an extra layer of defence with two-factor authentication. This is a way to confirm your identity by requiring something additional to a password and username, such as a unique verification code that is sent to you by a different means. At CommBank, this takes the form of NetCode SMS or a push notification. Many other popular internet services including social media, email and shopping services offer this feature too.

Think before you click

Be on the lookout for hoax phone calls, SMS and email messages designed to scare and trick you into giving cybercriminals access to your personal information. 

If you receive a suspicious message, you should never click a link, open an attachment, provide your personal information or respond to the sender. Instead, call the person or organisation via their officially listed contact details to verify the legitimacy of a message or phone call before taking any action.

CommBank will never send you a message asking you to confirm, update or disclose your personal or banking information, so if you’re a CommBank customer and you’ve received a suspicious message, you can check whether it’s already been reported as a scam on our website. You can help other customers by forwarding suspicious emails to hoax@cba.com.au so we can take action against any fake sites.

If you’re a CommBank customer and you think you may have accidentally revealed information that could result in unauthorised or fraudulent activity on your accounts, you should call us straight away on 13 2221.

Stocktake your social media settings

When it comes to social media, sometimes sharing is not caring! Cybercriminals are known to trawl through these platforms and harvest the information you share to enable their activities. You can be a savvy social media user by limiting the amount of personal details you publish on your profile, and regularly reviewing and adjusting your social media security and privacy settings to restrict who can see your activities. 

Be ready and resilient

Keeping your software and apps up to date is one of the easiest ways to protect yourself online – these updates are designed to fix security cracks, which is why it’s important to install them as soon as they become available. One easy method for keeping up to date is setting your system preferences to update your software automatically. You can also monitor sites such as haveIbeenpwned.com for data breaches your data may have been exposed in. 

It’s also a good idea to regularly backup your information, in case you ever need to restore your device to factory settings or dispose of it, to ensure all your data isn’t lost.

For more information on staying safe online, check out our online tips and the Australian Cyber Security Centre's website.