Watch out, cyber criminals about!
Aussies are being increasingly targeted by cyber criminals wanting to exploit community fears about coronavirus. (Thanks again, COVID-19!)
The Australian Cyber Security Centre has issued a new alert over spam emails and text messages that encourage recipients to click on dangerous links.
Top tips to staying cyber-safe.
How to spot if an email or text message is phising.
- Read the message carefully, look for anything that isn’t quite right, such as tracking numbers, names, attachment names, sender, message subject and URLs.
- On a PC or laptop, hover your mouse over links to see if the embedded URL is legitimate, but don't click.
- Google information such as the sender address or subject line to see if others have reported it as malicious.
- Call the organisation on their official number as it appears on their website (separate to any contact details in the received message) and double-check the details or confirm the request is legitimate. Do not contact the phone number or email address contained in the message, as this most likely belongs to the scammer.
- Use sources such as the organisation's mobile phone app, web site or social media page to verify the message.
How can you protect yourself?
- Before opening an email, consider who is sending it and what they’re asking you to do. If you're unsure, call the organisation you suspect the suspicious message is from, using contact details from a verified website or other trusted source.
- Do not open attachments or click on links in unsolicited emails or messages
- Do not provide personal information to unverified sources and never provide remote access to your computer
- Hot tip: Reputable organisations locally and overseas - including banks, government departments, Amazon, PayPal, Google, Apple and Facebook - will not call or email to verify or update your personal information.
- Use email, SMS or social media providers that offer spam and message scanning
- Use two-factor authentication (2FA) on all essential services such as email, bank and social media accounts, as this way of 'double checking' identity is stronger than a simple password. 2FA requires you to provide two things, your password and something else (such as a code sent to your mobile device or your fingerprint) before you - or anyone pretending to be you - can access your account