Protecting Yourself Online - What Everyone Needs to Know SECOND EDITION
←
→
Page content transcription
If your browser does not render page correctly, please read the page content below
Protecting Yourself Online
What Everyone Needs to Know
SECOND EDITION
Protecting Yourself Online
What Everyone Needs to Know
SECOND EDITION
Introduction
Many of us have openly welcomed the To help keep all Australians safe and secure online, the
Australian Government offers a range of information from
internet into our lives. a number of different sources, including the
ISBN: 978-1-921725-68-5
© Commonwealth of Australia 2011 For most of us the internet is part of • Attorney-General’s Department
All material presented in this publication is provided under a Creative Commons Attribution our daily routine for keeping in touch • Department of Broadband, Communications and the
3.0 Australia (http://creativecommons.org/licenses/by/3.0/au/deed.en) licence.
with friends and family, working, Digital Economy
For the avoidance of doubt, this means this licence only applies to material as set out in
this document. studying, playing games, shopping • Australian Communications and Media Authority
The details of the relevant licence conditions are available on the Creative Commons and paying bills.
website (accessible using the links provided) as is the full legal code for the CC BY 3.0 AU • Australian Competition and Consumer Commission
licence (http://creativecommons.org/licenses/by/3.0/legalcode).
While the internet offers us many
Use of the Coat of Arms • Australian Federal Police, and
The terms under which the Coat of Arms can be used are detailed on the It’s an Honour
benefits, there are also a range of
• Office of the Australian Information Commissioner.
(http://www.itsanhonour.gov.au/coat-arms/index.cfm) website. safety and security risks associated
Contact us with its use. This publication brings a lot of this information together in
Inquiries regarding the licence and any use of this document are welcome at: one handy booklet, to help you stay safe and secure when
Business Law Branch
Attorney-General’s Department
These include threats to the integrity using the internet – whether dealing with scams, spam,
3-5 National Circuit of our identities, our privacy and banking or bullying.
BARTON ACT 2600
Telephone: (02) 6141 6666 the security of our electronic
copyright@ag.gov.au
communications, in particular
Disclaimer
financial transactions, as well as
The information in this publication is solely intended to provide a general understanding of
the subject matter and to help people assess whether they need more detailed information. exposure to offensive and illegal
The material presented in this publication is not and must not be regarded as legal advice. content and behaviour.
Users should seek their own legal advice where appropriate.
While everything practicable has been done to ensure the information in this book is
accurate, no liability is accepted for any loss or damage whatsoever that can be attributed
to reliance on any of that information.
Contents
Reduce your risk • some sections of this booklet also provide A summary 2 How to be safe online 22
additional information, for those who wish to take
Eight simple tips to help protect yourself online 2 Social networking safely 22
Being aware of what risks you face online will help you further precautions.
make informed choices about how you use the internet. Deal with offensive content 24
How to secure your computer 4
Mobile computing is now a dominant trend. While the
Protect your children online 25
There are no absolute guarantees that you can protect all term ‘computer’ is used throughout this document it’s Install security software 4
of your information online – but by following the advice Deal with online child grooming 27
important to remember that your phone, tablet computer, Turn on automatic updates 5
in this booklet you can significantly reduce your risk of game console and even refrigerator may be able to Checklist of basic steps 29
Use standard user accounts 5
becoming a victim of cyber crime. connect to the internet. The processing power in these
Set and protect your passwords 5 Where to go for more information 30
devices and the amount of personal information they
A bit unsure? Avoid running out of date software 7
hold is equivalent to a small computer so only thinking
Use smart settings for your web browser 7 Where to go to report online incidents 31
Taking the necessary steps to protect yourself online about security for ‘computers’ misses the reality of the
can be a bit daunting – especially to those less familiar modern world. Control your internet connection 7
Glossary of some online terms 32
with technology or the internet. However, there are Securing your wireless network 8
Read on to find out what you need to know to help protect
simple steps you can take to protect yourself and your Checklist of basic steps to secure your computer
yourself and your family online.
family online. or other internet enabled devices 9
You can also refer to the glossary at the end of this
By taking the time to understand online risks and how to How to be smart online 10
booklet to help you understand some online terms,
minimise them, you can gain greater confidence in how to
including those marked throughout this booklet. Prevent viruses and other malware 10
be safe and secure when using the internet.
Reduce spam 11
This booklet provides a range of information to help
Secure your money online 12
protect you online
Avoid scams and fraud 15
• 8 simple tips that you should always follow Be aware of phishing 17
Know how to spot money transfer scams and
• further information on various online issues, including
advance fee fraud 17
basic steps that you are strongly encouraged to take
Protect your identity and privacy 18
Checklist of basic steps to be smart online 21
PAGE iv PAGE 1
A summary
There are a lot of steps you can take to protect yourself Whether you are new to using the internet or a regular What these steps show is that protecting yourself online
online – and it can seem a bit complicated, especially if user – there are 8 simple tips that you need to follow to is about more than just how you set up and use your
you are new to using the internet. help protect yourself online: computer, mobile phone or any internet enabled device.
It’s also about being smart in what you do and the choices
This booklet provides a range of information to cater for
you make while using the internet.
you – no matter whether you have had a little or a lot of
experience online. There are criminals who use the anonymity of the internet
to run old and new scams. While many of these are
scams that most people would spot a mile away if they
1 Install and renew your security software and set it to scan regularly.
were attempted in the ‘real’ world, online scams are very
sophisticated and often harder to detect.
2 Turn on automatic updates on all your software, including your operating system and other applications.
So it’s important to remember that while the technology
may be new, the old wisdom still applies. If something you
Think carefully before you click on links and attachments, particularly in emails and on social
3 networking sites. see online or which is sent to you seems suspicious or too
good to be true, it probably is.
4 Regularly adjust your privacy settings on social networking sites. Further information about online issues and the steps
you can take to be safe online are provided in the
Report or talk to someone about anything online that makes you uncomfortable or threatened – following chapters.
5 download the Government’s Cybersafety Help Button.
This booklet is available online at
www.ag.gov.au/cybersecurity and
Stop and think before you post any photos or financial or personal information about yourself,
6 your friends or family. www.staysmartonline.gov.au.
You can request hard copies of this publication from
7 Use strong passwords and change them at least twice a year. cybersecurity@ag.gov.au.
8 Talk within your family about good online safety.
PAGE 2 PAGE 3
How to secure your computer Turn on automatic updates Use a standard user account
Reputable software companies often issue free updates to Your computer has two types of user account options, a
their software to fix security and other problems. These standard or administrative account. Creating and using a
fixes are called patches, and they should generally be standard user account for most daily tasks, such as surfing
applied as soon as they’re available. Security fixes are also the web and reading emails, will reduce the amount and
included in general updates, even if they don’t mention it. type of malware that is able to infect your computer.
The average time it takes to attack an unprotected Here are some basic steps you can take to secure
computer connected to the internet is measured your computer Most software will have an option called ‘check Many forms of serious malware require a user to be
in minutes.1 for updates’ under the help drop-down menu. You running an administrator account in order to successfully
• install reputable security software that protects your
should check this regularly. A lot of operating system infect your computer. Going online with a standard user
So it’s important to protect your computer properly. computer from viruses, malware and spyware, and
and application software can now be set to update account greatly reduces the effectiveness of many types
Otherwise you may be putting yourself and possibly includes a firewall
automatically – you should enable this option wherever of malware.
your family and friends at risk.
• have your security software set to update it is available.
The Stay Smart Online website has factsheets on
Make sure your computer is protected from harmful automatically
What is a drop down menu? how to set up standard user accounts.
emails and viruses, and from unauthorised people
• renew your security software when the subscription Visit http://www.staysmartonline.gov.au/factsheets
accessing your internet connection and personal
is due. to find out more.
information.
Also, beware of scareware – these are pop-up messages Set and protect your passwords
Install security software or unsolicited emails that tell you that your computer is
compromised and want you to purchase software to repair Passwords aren’t absolutely unbreakable, but they can
To help secure your computer you need reputable security
it. These messages aim to trick users into believing your help prevent criminals from accessing your computer.
software. The easiest software to install is an all-in-one
computer is already infected, and that purchasing the
package that includes virus and malware protection, Here are some basic steps you can take to set and protect
software will help get rid of it. Checking your security
spyware protection, a firewall – and parental controls your password
settings and making sure your pop-up blocker is on may
if you have children. If you’re not sure what software is
help avoid this. There have also been instances where • choose a ‘strong’ password
reputable ask at your local computer store or look for IT
users have received a phone call purporting to be from a
magazine or online surveys of security software. –– a minimum of eight characters
security company advising them that their computer is at
risk. Quite often the message and the software are fake. –– a mix of upper and lower case letters
–– at least one number, and
–– at least one symbol
• avoid using words found in the dictionary – try a
1 According the US Computer Emergency Response Team passphrase instead
www.us-cert.gov/reading_room/before_you_plug_in.html#I
PAGE 4 PAGE 5
Avoid running out of date software
• have different passwords for different activities and Discontinued products that are no longer for sale or Here are some basic steps you can take when setting up
change them regularly, particularly those for sensitive The challenge today – passwords and are out of date are more likely to make your computer your web browser
transactions such as banking, social networking and remembering them! insecure. This can include the software that runs your
• set up your own security settings on your web browser
your computer logon computer and other computer programs.
Ensuring that your passwords are secure is • if in doubt – set the security levels to high. But know
• don’t store a list of your passwords on your computer
Use smart settings for your web browser that this may restrict your ability to view and use some
in a word document – this makes it easy for anyone important. If your password is captured, guessed
or stolen, someone could impersonate you online, websites or the functions on them
who gets into your computer to access your social A web browser is the software you use to view websites.
networking, banking and other accounts steal money from your bank account, send emails • use the latest version – so update your web browser as
in your name or change files on your computer – Do not use the ‘remember’ function for passwords that
new versions become available.
• Select ‘no’ when your computer offers to automatically to name just a few of the possible outcomes. give access to financial or personal information like your
remember a password when logging into a website, banking or social networking accounts. This ensures that
especially banking, social networking and web mail Passwords do not have to be a single word, if your web browser gets attacked, you don’t lose all of
Control your internet connection
accounts. This is because scammers can use malware base your password on a phrase or sentence - a your sensitive passwords. More and more Australians are connecting to the internet
to find these stored within the PC. passphrase. Think of a phrase then change some using a broadband connection, whether it is ADSL,
of the characters to make it a strong password: Most computers come with a web browser already
wireless or cable.
If it helps to write your passwords down, do so – but installed. However, there is no guarantee that the web
hide them somewhere safe, away from prying eyes and I wish I could eat 12 meat pies a day becomes browser has been set up with the right security settings In addition to desktop computers and laptops, many
not together with your computer logon. An even better iWice12!mp@d for your needs. Hackers know how to exploit web browser mobile devices, such as smart phones, can be used
idea is to use a passphrase. settings, so it’s important to select the right settings to to access the internet. It’s just as important to enable
I love my cat becomes i
• If you have an ADSL or wireless modem then you • be careful about how you allow your phone to • change the Service Set Identifier (SSID), the name that
should always change the default password. broadcast your location – such as GPS applications. identifies the wireless network. Don’t use a name that Checklist of basic steps to secure
Do you really want a thief to know where you live and makes your network easy for others to identify, such
For more information check the instructions in the your computer or other internet
when your house is empty? as your family’s name or business name
manufacturer’s handbook or ask your Internet Service enabled device
Provider (ISP) for advice. • tampering with your phone’s software or operating • make sure your network encryption is turned on
install and maintain security software
system (sometimes known as jailbreaking) may leave and, just like your software, use the latest encryption
Some additional steps you can take to control your
it exposed to additional security vulnerabilities available on the device. turn on automatic updates for software
internet connection are
If you are unsure of how to do this follow the instructions
• set up separate accounts – only access the internet by Secure your wireless network use a standard user account
in the manufacturer’s handbook or seek advice from
using an account with limited access, rather than by an set and protect your passwords, use a
Wireless networks are a great way to make the internet your ISP.
administrator account. different password for different accounts
more accessible and to share information between
Here are some basic steps you can take to secure your devices online.
set up your own security settings on your web
smart phone and its internet connection browser
But an unsecured network is just like an unprotected
• use a PIN or password, so no one can access your computer – it leaves your personal and financial
control your internet connection
private data if your phone is lost or stolen information vulnerable. Securing your wireless connection
can prevent unknown people from accessing your wireless secure your wireless network.
• like your computer, set automatic updates or check connection for excessive downloads or illegal activities.
regularly for downloads to your phone’s operating
system and applications If you run a wireless network at home or in your business Still unsure about how to stay secure online? Visit page 30
there are a few steps you need to take to make it secure. to find out where to go for more information.
• only download applications from official stores or from
a trusted source, such as your own bank Here are some basic steps you can take to control your
wireless network
• take control of your smart phone - turn off your Wi-Fi
and Bluetooth when not in use or change your settings • assign a password so that any device that is attached
so that your phone asks for permission to join a new to the network must know the password to connect.
wireless networks. Don’t just use the default passwords as these are
widely known and make sure you use a strong
• only connect your phone to a secure (encrypted) password
wireless network and while it’s alright for general
browsing don’t use public wireless networks for
important online transactions such as banking
PAGE 8 PAGE 9
How to be smart online
If you suspect that your computer has been hacked The Internet Industry Association in conjunction
or infected by a virus with the Australian Government has developed
a voluntary code of practice for ISPs. The icode
• scan your entire computer with fully updated
is designed to provide a consistent approach for
The steps outlined in the previous section are an Here are some basic steps to prevent malware anti-virus and anti-spyware software
Australian ISPs to help inform, educate and protect
important start in protecting yourself online. However,
• scan email attachments with security software before • report unauthorised access to your ISP their customers in relation to cyber security risks.
simply setting up and maintaining your computer correctly
opening them
is not enough to fully protect yourself and your family and • if you suspect that any of your passwords have Make sure you use an ISP that is compliant
friends. • don’t open emails or attachments if you’re not been compromised, call the relevant service with the icode, look for the Trustmark
expecting them or you don’t know the sender provider (e.g. ISP or bank) immediately below on their website.
You also need to be smart about what you do and the
choices you make online. This means being aware of • think carefully before you click on links and • if you need assistance in removing
potential risks while transacting online, particularly where attachments in emails and on social networking sites malware from an infected computer,
money is involved. It’s important to show commonsense Reduce spam
visit www.staysmartonline.gov.au to find
and not be tricked into doing things online that you • only download files from websites you trust
resources and services that can help you. Electronic junk mail is commonly known as spam.
wouldn’t feel comfortable doing in the ‘real’ world.
• double check that the URL or website address is These are electronic messages you haven’t asked for
• you can also find more security related
correct, as the link may redirect you towards a fake that are sent to your email account, mobile phone number,
Prevent viruses and other malware information and assistance on the icode
or instant messaging account.
address, which may look similar to the legitimate site
website www.icode.net.au.
Malicious software or malware is a generic term for
• be wary when exchanging files over peer to peer The content of spam messages varies. Some messages
software that is designed to specifically damage, disrupt
networks promote legitimate products or services, while others
or take control of systems.
The Cyber Security Alert Service is a free will attempt to trick you into following a link to a scam
• read the licence agreement and terms of use before
Types of malware include things such as viruses, trojans, subscription based service that provides website where you will be asked to enter your bank
you download software and don’t download it if you
worms or spyware. information on the latest computer network account or credit card details. Many spam messages
don’t trust the terms and conditions
threats and vulnerabilities in easy to understand contain offensive or fraudulent material, and some
Your computer can be infected by malware through spread computer viruses.
• never click on an ‘Agree’, ‘OK’ or ‘No’ button to close a language.
email messages, visiting compromised websites, and
window on a website you don’t trust. This can launch
downloading infected files. It also provides solutions to help manage these risks. Spam now makes up the majority of email traffic.
spyware onto your computer. Instead, click the red ‘X’
Billions of unwanted spam messages clog up the
in the corner of the window You can sign up for the free Cyber Security internet, disrupt email delivery, reduce productivity
Alert Service at www.staysmartonline.gov.au/ and irritate users.
alert-service
PAGE 10 PAGE 11
If you have doubts, it’s
safer not to proceed
Here are some basic steps to reduce spam • be very careful about using your personal email Be smart about online payments
address on any websites
• speak to your ISP about spam filtering Do what you can to satisfy yourself that any online
• protect your private email account by creating payment you make is secure. Companies that offer secure
• if you don’t know who sent you an email, delete it
separate email accounts for use when conducting payments will tell you so before you start to provide your Be aware while shopping online
• if the message appears to be genuine, but unsolicited online transactions or social networking credit card details.
Online shopping is convenient and reasonably safe –
in nature, reply with ‘STOP’ (for SMS) or use the
• change your email account password regularly Although there are a number of things you can look as long as you take precautions.
unsubscribe facility (for email). On the other hand, if
for on a secure web page, the unfortunate fact is that
a message appears to be from a questionable source, • consider changing your email address if it’s discovered When you are shopping online, be wary if
scammers may be able to reproduce symbols to give you
avoid replying as it may alert the scammer that you by spammers
the impression that a fake website is secure.
have an active email address or phone number • the website looks suspicious or unprofessional
• update your email program as new versions
If you have doubts, it’s safer not to proceed.
• don’t reply to or forward chain letters that you receive often have built-in security and the latest spam • the website is offering bargains that look too good to
by email identification options. Here are some basic steps to ensure your online be true, or
payments are as safe as possible
• think carefully before you click on links and • you think you won’t get what you pay for.
attachments in emails and on social networking sites There are laws against spam in Australia. If you • check you are on a secure page – the URL or web
Here are some basic steps to make sure your online
have been spammed you can report it or lodge a address will begin with https (instead of just http) and
• don’t give your email address away unless you are shopping is as safe as possible.
complaint with the ACMA – refer to a key or padlock icon will appear somewhere on your
confident the recipient is a trusted party
www.spam.acma.gov.au or phone 1300 855 180. browser. But remember, this will only guarantee a Before making the purchase
• add the spam address to ‘junk senders’. Most email secure payment process – it does not guarantee the
Spam SMS can be forwarded to 0429 999 888. • know who you are dealing with – check that contact
programs have the ability to add them to a ‘junk senders’ identity of the website operator.
details are correct
list which blocks them next time they try to email you
• double check that the URL or website address is
• report email or SMS spam to the Australian Secure your money online • know what you are buying – read the description of the
correct – and not just similar to the legitimate website
product carefully – check the size, colour, value and
Communications and Media Authority (ACMA) at There are criminals who will try to find holes in your
• some web browsers also colour code the address safety of the product
www.spam.acma.gov.au or forward spam security measures and internet habits when you’re doing
SMS messages to 0429 999 888 bar to identify these websites with advanced security
online transactions – including paying bills, shopping • read all the fine print including refund and complaints
certification features.
Here are some additional steps to reduce spam and banking. They will try to trick you into revealing your handling policies
personal details and account details so they can steal your
• if the source seems genuine, and the message • check the currency, postage and handling, and other
information, money and property.
appears to promote a legitimate Australian business, charges – there may be extra charges you aren’t
contact the business and ask them to take you off their So make sure your computer is protected from online aware of
mailing list. security threats and that you have smart online habits.
PAGE 12 PAGE 13Jessica’s pedigree pup was
• check the final cost before paying, including any too good to be true Bank online securely
currency conversions and additional shipping costs.
Online banking is convenient and reasonably safe –
Making the payment “I was thinking about buying a dog and was as long as you take reasonable precautions.
looking through an online classifieds website.
• only pay by a secure web page and use a secure Here are some basic steps to ensure your online banking
payment method. Where possible, avoid upfront I fell in love with the photo of little Buster instantly. is as secure as possible
payment of any kind or money transfers and direct He was a 2 year old golden cocker spaniel with
• never use a link to your financial institution that has
debit, as these can be open to misuse and it is rare to adorable ears. He also had an impressive pedigree.
been sent to you by email or that is on a website.
recover money sent this way Best of all he wasn’t even very expensive as his
If these were from fake emails these may lead to
family was moving overseas and they wanted to
• when shopping through official classified websites, fake websites
make sure he went to a good home.
or online auction sites, ensure you complete the
• Once you have arrived at a website, double check
transaction through the website’s payment system. I contacted the seller immediately and after a
that the web address is correct – scammers can use
If you transact outside these systems you lose any lengthy email exchange, they decided that I was a
malware to make your computer redirect you to a
protection that the site offers good fit to take care of Buster.
scam copy of a legitimate website Avoid scams and fraud
• never send your bank or credit card details by email – I made a money transfer of $375 to pay for
• always log out from your internet banking session and Scams are dishonest tricks designed to fool you into giving
only by a secure web page Buster to be transported to me and went on a pet
close your internet browser when you have finished someone your money, passwords, personal details or
shopping spree so that Buster had everything he
• always print and keep a copy of the transaction other valuables.
needed when he arrived. • if any windows pop up unexpectedly during an internet
• if you think you have provided your account details banking session, be suspicious, especially if they direct Scammers love the anonymous nature of the internet.
I went to the airport to pick him up but they said
to a scammer, contact your bank or financial you to another website which asks for your account If you are shopping, banking, socialising or playing games
they had no record of Buster in their systems. I
institution immediately. information or password. If this happens, do not enter online, be on the lookout for people, emails or websites
tried calling the seller but the phone number was
your account information, password or any personal which try to deceive you.
disconnected.
details into the site and close the window immediately
If it seems too I contacted the online classifieds website to find
• don’t send your financial information by email
Dodgy sites and dodgy dealers are not always easy to
spot but knowing some of the warning signs can reduce
good to be true – more contact information, but they told me I was
the victim of a classifieds scam and that several
to anyone your risk.
it probably is other people had complained about the ad.
Besides the $375 I lost to the scammer I was also
• avoid using a public computer or public Wi-Fi
connections to do your online banking
Here are some basic steps to avoid online scams
• protect your identity: your personal details are
left with a pile of dog toys and food that I didn’t need” • make sure you are aware of, and act on, the security private and invaluable – keep them that way and away
advice provided by your financial institution. from scammers
PAGE 14 PAGE 15Be aware of phishing
• don’t respond: ignore suspicious emails, letters, phone Phishing emails used to be associated with banks, but • when you are on a banking website, look for a key or
calls or text messages – press ‘delete’, throw them out David was scammed $450 and couldn’t these days scammers will try to trick you into providing padlock icon and that the website address begins with
or just hang up pay his rent your personal and banking details by pretending to be https, to make sure the site is secure
from all sorts of well known and respected organisations,
• don’t let scammers push your buttons: scammers will • never send your personal, credit card or online
including government agencies.
play on your emotions to get what they want “I’m really busy with work, so I signed up to online account details via email.
banking and found it was an easy way to pay my While some emails will have tell tale scamming signs
• resist the personal touch: watch out for scammers bills and maintain my accounts. such as misspelt words or poor grammar, others can Know how to spot money transfer scams
posing as someone that you know and trust,
look like the real thing, using corporate logos and links to and advance fee fraud
pretending to know you, or pretending to be from well One day I received an email which looked like it
genuine looking websites.
known public companies or government departments had come from my bank saying that my account With the rise of internet banking it is easy to transfer
had some irregularities and that I needed to If you receive one of these emails – and chances are you money online. Unfortunately this has also meant an
• stay one step ahead of scammers: visit the log into a secure site to confirm my identity. probably will – do not follow any of the links. You could increase in the number and types of scams that try to trick
SCAMwatch website at www.scamwatch.gov.au to It had the proper logo and everything, so I also lose money and put your accounts at risk if you you into sending your money to scammers.
learn more about scams that might target you. clicked on the link in the email and typed in provide any of your personal details.
You can also subscribe to their email alerts at my details. Once you send money to someone it can be very hard to
https://www.scamwatch.gov.au/content/index.phtml/ Here are some basic steps to avoid phishing scams get it back – especially if they are overseas. Worse still,
tag/ScamWatchEmailAlert I was still worrying about my account later that you could be recruited as a money mule and find yourself
day, so to be safe I rang the bank to double check • never respond to requests for personal information in
in an illegal money laundering ring.
that the problem was fixed. It was then that the an unexpected email or on a website linked to from an
bank lady told me that the message was a scam unexpected email, even if it is supposedly from your Scammers use all sorts of stories to try and get your
If you have identified a scam or been a victim bank or an organisation you know or trust money. For example, don’t be lured by the prospect
designed to trick me into revealing my banking
of fraud of a new job opportunity where you can earn large
passwords and details. • be sceptical if you receive a request to update, validate
commissions for transferring money to other employees.
• report it to your service provider (eg bank, or confirm your personal information – if in doubt,
She said the bank didn’t email its customers Likewise, don’t be fooled by an email saying you have
or a social networking site), your ISP, and your contact the organisation by phone
like that. She was really helpful and froze inherited a large sum of money from a long lost relative
local police
my account straight away. I was relieved but • never enter your personal, credit card or online – and that you need to pay some fees to claim the
• you can report it to the ACCC via the someone had already taken out $450. It could account information on a website if you are not certain inheritance – this is a scam.
SCAMwatch website (www.scamwatch.gov.au) have been much worse but I didn’t have enough it is genuine
or by calling 1300 795 995. to pay the rent that week and I had to change
all my banking details and get new cards, • check the website address carefully, remember that
which was a pain.” scammers often set up fake websites with similar
addresses to real ones
PAGE 16 PAGE 17Protect your identity and privacy
Here are some basic steps to avoid being involved in a
money transfer scam
Identity theft refers to using another person’s name or
other personal information, usually for financial gain.
• avoid using public computers to access your personal
information. If you do use a public computer, check You wouldn’t hand your
• don’t fall for elaborate stories – try to remove the
Identity theft is a criminal offence. to see if the service provider has any secure settings.
Always remember to clear the history, close the web personal and financial
emotion from the situation and think before you act While the internet has improved communications and the
• don’t respond to emails offering you the chance of
ease of doing business, the downside is that fraudsters
browser and log out before you leave the terminal.
details over to a stranger
in the street so don’t
and other criminals may have more opportunities avoid using Wi-Fi hotspots for sensitive internet use.
making easy money
to obtain details about you, where you live, and your These are often open and unencrypted. A hacker may be
do it online.
• verify any person or company before you transfer personal life. able to break into your computer through a hotspot and
money or provide your credit card or bank potentially access your personal information.
By stealing your identity, a person may access your bank
account details.
account, obtain credit cards or loans in your name, and
potentially ruin your credit rating. Here are some additional steps to protect your identity
If you think your personal information has been
and privacy
Lyn was taken for a ride by an online Here are some basic steps to protect your identity and inappropriately used or accessed online, you can
lover lodge a complaint with the Office of the Australian • thoroughly check your account statements, including
privacy online
Information Commissioner at www.privacy.gov.au credit cards, bank statements, telephone and
• check your privacy and security settings on your social or phone 1300 363 992 internet bills
“I joined a dating site to see what it was like.
networking profile, never give away your account
Pretty soon I was talking to a nice man from If you suspect any fraudulent use of your identity • destroy or shred personal information – don’t just
details, and regularly update your computer security
Greece. He told me all about his home town and you should report it to the website operator throw it out
software
even sent me photos. He seemed really nice. (eg bank or social networking site), your ISP and
• check your credit report at least once a year –
• use strong passwords and change them regularly your local police.
After six months he told me he loved me and I this can help you catch any unauthorised activity.
– the personal information you put in your social
couldn’t have felt happier. A few months later he Credit reports can be ordered from
networking profile may be used by scammers to
told me his mother had cancer and had to have
guess your passwords –– Veda Advantage at www.mycreditfile.com.au or
chemotherapy. He said he couldn’t afford to pay
phone 1300 762 207
for it and he didn’t know what to do. • don’t share your personal information in an email,
SMS or on a social networking site with people you –– Dun and Bradstreet at www.dnb.com.au or
I felt so sorry for him. I’d recently had a family
don’t know and trust phone 13 23 33
member go through cancer treatment so I agreed
to help him out. I took out loans so that he could • don’t accept a friend request or follow a request from –– Tasmanian Collection Service at
pay the hospital bills. After sending the money, a stranger – the best way to keep scammers out of www.tascol.com.au or phone 03 6213 5555
I never heard from him again. I had to sell my your life is to never let them in
house to repay the debt.”
PAGE 18 PAGE 19• check out websites’ privacy policies. Only conduct
business, visit sites or become involved with websites Justin’s online friend stole his identity Checklist of basic steps to be smart online
that have adequate privacy policies that cover at least
–– who your information will be passed onto “I set up a profile on a social networking site, Preventing malware and reducing spam Transacting online and avoiding scams
added all my friends and posted a few pictures. and fraud
–– why the information is being collected Think carefully before you click on links in emails
I filled out some of the basic optional fields, such
or on social networking sites. It’s always better check you are on a secure page
–– how the information will be used as my birthday, hometown, email address and my
to type the address into the address bar yourself
interests. I also joined a few groups, such as my use a secure payment method
–– how you can access information the organisation
old school and one of my old jobs. don’t open email attachments if you’re not
holds about you don’t send your financial information by email
expecting them or you don’t know the sender
I chose secure settings so that only my friends
• if you do not agree with how websites and companies don’t respond to emails offering you the chance
could see my profile – I thought this was safe scan email attachments with security software
will use your details, do not provide them. of making easy money
enough. before opening them
verify any person or company before you
I started getting a few friend requests from don’t give your email address away unless you
transfer money, provide your credit card or
people I didn’t know, but I accepted some of them are confident the recipient is a trusted party.
bank account details.
because they had similar interests to me or were
friends with my friends. Protecting your identity and privacy
With so much of my personal history available, one don’t share your personal information in an
of these new ‘friends’ was able to forge documents email, SMS or on a social networking site with
and even make a fake ID using my photo. people you don’t know and trust
He then got a credit card in my name and ran up a avoid using public computers or Wi-Fi hotspots
debt of $500. to access or provide personal information.
Since then I am very careful about what I post,
even if I think it’s private.”
Still unsure about how to stay smart online? Visit page 30
to find out where to go for more information.
PAGE 20 PAGE 21How to be safe online
• don’t post photos of you or your family and friends that • learn how third party applications on social networking
may be inappropriate – or that your family and friends sites use your information. You can often control this
haven’t agreed to being posted by accessing your privacy or security settings
• never click on suspicious links – even if they are from • download or find out more information on the
Just as you need to be smart when transacting online, you So be very careful about the information you share and your friends – they may have inadvertently sent them Cybersafety Help Button at www.dbcde.gov.au/
also need to be aware of the risks of social networking, how you protect it. Criminals may also attempt to use to you helpbutton. It is an online resource that gives easy
particularly when interacting with people that you haven’t this information to facilitate other illegal activities in the access to cyber safety help and information.
• be wary of strangers – people are not always who they
spoken to or met in person. real world.
say they are. It’s a good idea to limit the number of
The unfortunate reality is not everyone is who they claim The social networking sites will often offer you options to people you accept as friends to people you know or
If you suspect any fraudulent use of your identity
to be online. Not everyone you meet online is trustworthy control the type of information you share with other users have met in real life and trust
you should report it to your social networking
enough to be considered a friend. and options to manage the people you want to interact
• always type your social networking website address service provider and your local police.
with. However, you still need to be careful about what
into your browser or use a bookmark.
Social networking safely personal information you put online and who you accept Parents: if you or your child has been harassed
as your ‘friend’. or bullied on a social networking site,
Never accept a
Social networking sites have become very popular ways to
go to www.thinkuknow.org.au or
communicate online. Here are some basic steps you can take to stay safe when
www.cybersmart.gov.au for advice and tips.
friend request from
using social networking sites
People use them to stay in touch with friends, make new
Download the Cybersafety Help Button at
friends or business connections, and share information • set your online profile to private or ‘friends only’
and opinions about a range of topics.
• protect your accounts with strong passwords
a stranger www.dbcde.gov.au/helpbutton. It’s an online
resource that gives children, teenagers,
However, some people using these sites have ill intentions parents and teachers instant access to help and
• have a different password for each social networking information on cyber safety issues 24/7.
and may use your information to embarrass you or Here are some additional steps you can take to stay safe
site so that if one password is stolen, not all of your
damage your reputation. when using social networking sites
accounts will be at risk If you are concerned about online behaviour that
Criminals can also use your information to steal your • check if your social networking site has a safety centre. involves sexual exploitation of a child or other
• think before you post – expect that people other than criminal activity, you should report this to your
identity. Indeed, some criminals will use social networking This will provide a number of tips and examples of best
your friends can see the information you post online local police, or phone CrimeStoppers on
sites to find out more about you and your interests so they practice when social networking online
can target you more efficiently with scams. 1800 333 000.
• don’t post information that would make you or your
• remember that any information available about you
family vulnerable – such as your date of birth, address,
online is potentially there forever. You can check what
information about your daily routine, holiday plans, or
information about you is publicly available online by
your children’s schools
typing your own name into a search engine
PAGE 22 PAGE 23Deal with offensive content
When you are using the internet, you may encounter • remind your children not to talk to strangers online
Sarah was being harassed by a stranger content that you find offensive – such as explicit sexual Report any inappropriate content to ACMA by
• monitor and supervise internet use by having the
activity or material containing excessive violence or sexual completing the relevant online form at
computer in a visible place in your home
violence, drug use, or criminal activity. www.acma.gov.au/hotline or by calling
“I like social networking because it’s a good way of
1800 880 176. • tell your children that if they are uncomfortable talking
keeping in touch with what my friends are doing. You can make a complaint about offensive content to
I can see the photos they’ve posted, and they can to you they can contact the Cybersmart Online Helpline
the ACMA.
see mine. I’ve also made new friends online. (Kids Helpline) at www.cybersmart.gov.au.
You can do this by completing the relevant online form Protect your children online
One day I received a friend request from someone Here are some basic steps for your children when
at www.acma.gov.au/hotline or by calling 1800 880 176.
The internet offers an exciting world of experiences for they’re online
I’d never met before. ‘Claire’ was about the same Make sure you take note of the offensive website’s address
children and the whole family. It can be entertaining,
age as me, and I could see from her profile that we so the ACMA can access the online content. • never give out any personal information. This includes
educational and rewarding.
liked the same music, so I accepted. your name, address, phone number, any family
If the content is sufficiently serious, such as child
However, using the internet also involves risks and information, where you go to school or where you
Everything was ok for a while, and we would pornography, the ACMA may refer the material to the
challenges. play sport
sometimes chat online. But then Claire started appropriate law enforcement agency.
writing nasty things about me and sending me Children might be exposed to content that is sexually • think before you post or share photos with people online
threatening messages. You can also contact your local police to report serious,
explicit, violent, prohibited or even illegal. They may
illegal online content such as child pornography. • never share your passwords, not even with your friends
also experience cyber bullying or be at risk from contact
I was really upset, so I checked my social
Here are some basic steps to deal with offensive by strangers. • think carefully before you open any attachments in
networking site’s safety information to see what I
could do about it. Following their advice, I reported online content emails from people you don’t know and trust.
Children may – unknowingly or deliberately – share
her using the ‘report’ link, and also blocked her so • take note of the website address so the ACMA can personal information without realising they may become
that she can’t contact me again. access the online content victims of identity fraud, or that they are leaving behind
Now I am much more careful. I have increased • make a complaint to the ACMA – by completing an
content that might not reflect well on them in the future. Stranger danger
the privacy settings on my profile so that only my
friends can contact me, and I only accept friend
online form, sending an email or making a phone call Here are some basic steps for you to protect your
children online
applies to people
requests from people I have met in real life.” • help protect your children from offensive content by
installing and maintaining a content filter on your • for younger children, set up your computer security online, just as it
computer or using parental controls on your security
software and letting them know that they can do if they
software to only access approved websites and email
addresses. This is known as whitelisting and will help does in real life
come across offensive content. to block inappropriate content
PAGE 24 PAGE 25Dealing with cyber bullying • download or find out more information on the Cybersafety The AFP works with state and territory police, other
Help Button at www.dbcde.gov.au/helpbutton so agencies and ISPs in the battle against online sexual
Unfortunately, your children may be exposed to cyber
that your child can access support immediately if they exploitation of children.
bullying. This can include
are bullied.
Here are some basic steps to help deal with child grooming
• receiving abusive emails or texts
Deal with online child grooming • monitor where your children go online
• unkind messages or inappropriate images being
posted on social networking sites Online child grooming is when an adult forms a • educate your children not to share personal
relationship with someone under the age of 16 with the information online
• being excluded from online chats. intent of later having sexual contact with that child or
young person. • remind your children to never meet someone in
Like other forms of bullying such as verbal abuse,
• never respond to negative messages but save the person who they have met online unless a responsible
social exclusion and physical aggression, cyber bullying This can take place in chat rooms, instant messaging,
message and the details of the sender. If you are a adult is also present
may result in the targeted person developing social, social networking sites and email.
parent, you may want to save the message so your
psychological and educational issues. • report suspicious behaviour to your local police or
child doesn’t keep reading it and feel worse Signs that a young person might be the target of online Crime Stoppers by phoning 1800 333 000.
While cyber bullying is similar to real life bullying it also grooming may include excessive use of the computer,
• monitor where your children go online
differs in some ways late night computer use and secretive computer use, Here are some additional steps for you to protect your
• remind your children to only have people they know changes in sexualised language and behaviour—either children online
• it can occur 24/7 and a child can be targeted at home
and trust as online friends/contacts becoming more or less sexualised in language, behaviour
• explore the internet with your children – consider
• it can involve harmful material being widely and and dress—and a change in the way they relate to friends
• reassure your children that you love and support them using safe zones and exploring child-friendly websites.
rapidly sent to a large audience, for example, rumours or family. These signs do not necessarily mean a young
and you will help them Bookmark websites for them that you have approved
and images can be posted on public forums person is being groomed. They could also be signs that a
• report cyber bullying to your children’s school and/or young person is experiencing more general social issues • let your children know that not all websites are
• it can provide the bully with a sense of relative
the relevant social networking site or service provider associated with growing up. suitable and if they encounter a site that makes
anonymity and distance from the target, so there is a
them feel uncomfortable, they should leave the site
lack of immediate feedback or consequences. • if your child has been involved in cyber bullying and If you think that you or your child is being groomed
immediately, either by clicking on ‘back’ or closing the
seems distressed or shows changes in behaviour online, then contact the Australian Federal Police (AFP)
Here are some basic steps to help deal with cyber bullying browser altogether
or mood, seek professional help. You can do this by completing an online reporting form at the ThinkUKnow
• increase your online security and privacy and block through the Cyber Smart Online Hotline at cyber safety website – www.thinkuknow.org.au. • reassure your children that they won’t be denied
communications from cyber bullies www.cybersmart.gov.au/report.aspx. This provides access to the internet if they report seeing
free, online counselling for children and young people. inappropriate content
Your child’s school may also be able to provide support
and guidance
PAGE 26 PAGE 27• for older children, consider tools that block access
to chat rooms and prevent giving out personal If you or your child has been harassed or Checklist of basic steps to be safe online
information bullied on a social networking site, go to
www.thinkuknow.org.au or Social networking safely Protecting your children online
• check to see if your ISP is
www.cybersmart.gov.au for advice and tips.
Family Friendly by looking set your profile to private install and maintain a content filter on your
for a lady bird logo on their If you believe someone has behaved computer or use parental controls on your
protect your accounts with strong passwords security software
website. These ISPs must inappropriately or in a sexual manner towards your
adhere to the Internet child or children, report it to your local police, or use discretion when accepting ‘friends’ for young children, set up your computer to only
Industry Association codes of practice. They offer phone Crime Stoppers on 1800 333 000.
access approved websites and email addresses
information and online tools to help parents and think carefully before you click on suspicious
If there is a threat to your child’s safety the police links – even if they are from your friends monitor where you children go online
children use the internet in a fun and safe way.
can help. In a life threatening and time critical
situation call Triple Zero (000). don’t post information that would make you or educate your children not to share personal
your family vulnerable, such as your date of birth information online
Download the Cybersafety Help Button at and address report cyber bullying to your child’s school and
www.dbcde.gov.au/helpbutton. Its an online
your ISP
resource that gives children, teenagers, don’t post photos of you or your family and
parents and teachers instant access to help and friends that may be inappropriate – photos that remind your children to never meet someone
information on cyber safety issues 24/7. your family and friends haven’t agreed to being in person who they have met online unless a
posted or that identify where you live, work or responsible adult is also present
go to school.
tell your children that if they are
uncomfortable talking to you they can contact the
Dealing with offensive content
Cybersmart Online Helpline (Kids Helpline) at
take note of the website address www.cybersmart.gov.au
make a complaint to the ACMA. report suspicious behaviour to your local police
or Crime Stoppers by phoning 1800 333 000
download the Cybersafety Help Button at
www.dbcde.gov.au/helpbutton.
Still unsure about how to stay safe online? Visit page 30
to find out where to go for more information.
PAGE 28 PAGE 29Where to go for more information Where to go to report online incidents
Cyber security Offensive content Fraud Offensive content
• www.staysmartonline.gov.au – for individuals and • www.acma.gov.au • report any loss or fraud attempt to your service • Report any inappropriate content to ACMA by
small business provider (eg bank, social networking site), your ISP, completing the relevant online form at
Online shopping and your local police www.acma.gov.au/hotline or by calling 1800 880 176
• www.cert.gov.au – for large companies
• www.accc.gov.au or phone 1300 302 502 Identity fraud and identity theft Scams and phishing
• copies of the Australian Government’s Cyber Security
Strategy are available at www.ag.gov.au/cybersecurity • report any fraudulent use of your identity to your • report any scams to the ACCC on the SCAMwatch
Privacy
service provider (eg bank, social networking site), website at www.scamwatch.gov.au or phone the ACCC
• www.icode.net.au for information on the Internet
• www.privacy.gov.au your ISP, and your local police Infocentre on 1300 795 995 during business hours
Industry Association’s voluntary code of practice on
cyber security (the icode) • also report any scams to your service provider (eg bank,
Scams and fraud Malware
social networking site), your ISP, and your local police
Cyber safety • www.scamwatch.gov.au • If you are having difficulties removing malware from
your computer report the matter to your ISP or contact Spam
• www.cybersmart.gov.au • SCAMwatch twitter – follow SCAMwatch on Twitter at
a professional to remove it. The icode website has
http:twitter.com/SCAMwatch_gov or @SCAMwatch_gov • you can report or complain about spam to the ACMA
• www.thinkuknow.org.au information on finding professional help at
– refer to www.spam.acma.gov.au, or for spam SMS
http://icode.net.au/professional-help.php
• cybersafety@acma.gov.au or phone 1800 880 176 Spam forward the message to 0429 999 888
• www.spam.acma.gov.au Privacy
• www.dbcde.gov.au/helpbutton Online grooming
• if you think your personal information has been
• phone the spam hotline on 1300 855 180 • you can report online grooming to the AFP by
Identity security interfered with online, you may be able to complain to
completing the online reporting form at
• spam SMS can be forwarded to 0429 999 888 the Office of the Australian Information Commissioner
• www.ag.gov.au/identitysecurity www.thinkuknow.org.au
at www.privacy.gov.au or phone 1300 363 992
Other
• you can also report any online incident to
Crime Stoppers by phoning 1800 333 000
PAGE 30 PAGE 31You can also read
