Australians lose millions of dollars each year to online scams!
Check the Scam statistics from Scamwatch.
Anyone can be a target!
Phishing is an attempt to acquire sensitive information by baiting the user. A typical phishing attack involves a person using electronic communication, typically email, to induce the user to click on a malicious link or provide sensitive data. The bait might be an attractive subject line, seemingly official layout and branding or an enticing offer. The objective of a phishing attack may be to:
- gain access to your username and password
- obtain financial information
- induce you to download malware.
Spotting a phishing attempt
The Australian Cyber Security Centre (ACSC) recommends users avoid phishing attacks by:
- not opening emails from unfamiliar people and companies
- setting up a spam blocker on your email client
- hovering your mouse over links to check the real URL
- checking the message for spelling or grammatical mistakes
- remaining skeptical of enticing offers — is it too good to be true?
- not releasing any personal information via email — a reputable bank would not ask for personal information via email.
Source: Tips to avoid phishing has advice on what you should check to protect against a phishing attack.
Malware is a combination of the words ‘malicious’ and ‘software’. This software might be downloaded as a result of clicking on a malicious link, for instance as part of a phishing campaign or installing an unknown application.
Click the plus symbol to find out more about each type of malware:
Cybersecurity at UQ has information on how to:
- recognise cyber security threats
- report incidents and risks
- access online training (for UQ students and staff)
- stay cyber-secure, including using wifi safely and sharing sensitive information.
1. Install anti-virus software
Strongly consider installing anti-virus software to protect yourself against malware, spyware and adware.
PCMag has compared the main antivirus tools for:
2. Create strong passwords and vary them between services and platforms
- Consider using a password manager (discussed in section 6 of this module).
- Do not use the Login with Facebook option. Researchers have identified security and privacy concerns with this method of authentication.
3. Update your software regularly
Software companies regularly patch security flaws in operating systems and applications. Simply keeping your phone or computer’s operating system, web browser, and other applications up-to-date can help protect you and your data.
4. Be alert and guard against phishing attacks
Human error is one of the main causes of security breaches. Take the Spot the scam quiz from the ACSC.
Read Protect yourself by the ACSC.
Malware can be distributed by spam or phishing emails, by visiting malicious websites or downloading legitimate-seeming software.