Enable multi-factor authentication where available to add an extra layer of security to all of your online accounts.

Multi-factor authentication requires 2 or more ways to verify your identity to log in to your account. For example, after you enter your password or passphrase, you will get a code from an authenticator app, email or text message that you will need to enter to log in.

Multi-factor authentication makes it hard for a cybercriminal to access your account. It protects you even if one of your accounts’ other authentication methods has been compromised.

Using multi-factor authentication with a unique and strong passphrase will give an extra layer of security to your online accounts. Learn how to set up multi-factor authentication(Opens in a new tab/window).

Using a unique and strong passphrase for each of your online accounts is one of the most effective actions you can take to stay secure online. 

A passphrase is a more secure password. It contains a sequence of random words making it easier for you to remember but harder for cybercriminals to guess.

Strong and unique passphrases:

• contain 4 or more random words
• contain 15 or more characters
• are different for every account
• do not include identifying information such as family names, birth dates or addresses
• include symbols, capital letters, or numbers, if required by the website or service.

Learn about creating secure passphrases(Opens in a new tab/window).

Password managers can help you create, manage and store passwords or passphrases for each of your accounts. Many reputable password managers will check if your passwords or passphrases have been compromised in a data breach. Learn about choosing a reputable password manager(Opens in a new tab/window).

Combining a unique and strong passphrase with multi-factor authentication where possible will provide an extra layer of security.

Installing software updates for all of your internet-connected devices, like your phone or laptop, is critical to keeping yourself secure online.

Software updates fix weaknesses or gaps in your devices’ security. Installing regular updates will keep your devices secure and makes it harder for cybercriminals to access them.

Turn on automatic updates so your device tells you when an update is available. Be sure to install software updates when prompted. Learn how to update your devices.(Opens in a new tab/window)

Information you share on public internet forums, social media or through your device settings can put you at an increased risk of becoming a victim of cybercrime.

It is important to check your privacy and location settings often to make sure you are not accidentally sharing any personal or identifying information about yourself with the public. Cybercriminals can use information like your suburb, family or pet names to impersonate you and access your accounts.

Settings to check:

• Review the default privacy settings on your online or social media accounts to control who can see your information. Limit the visibility of your profile to trusted friends and family. This will help stop cybercriminals from learning more about you.
   
• Disable geolocation tracking on your internet-connected devices and apps if not needed. Geolocation is a method of determining a device’s location. Always check location services for each of your apps under device settings. Most apps don’t need to know your location. Be careful not to share your location online with strangers or on public sites.
   
• Disable photo and camera access on your devices if not needed.
  Some apps will ask for access to your camera and photos. Always check and adjust this setting for each of your apps. Most apps don’t need to access your camera and photos.

Learn more about updating your privacy settings on social media.(Opens in a new tab/window)

Be aware of your browsing when using public Wi-Fi.

Public Wi-Fi is the free, open-access Wi-Fi often available in public locations like: 

• shopping centres
• airports
• hotels
• cafes. 

These networks are often not secure and are an easy target for cybercriminals seeking to access personal information and passwords.

When using public Wi-Fi, do not access any sensitive or personal information, or log in to online banking, social media or email accounts, as the connection is not secure Cybercriminals could access any information you enter while using public Wi-Fi.

Find out more about the risks when connecting to public Wi-Fi.(Opens in a new tab/window)

Education and awareness are critical to keeping yourself, your family and friends secure online.

If you share internet-connected devices with family and friends, such as a phone, laptop or a gaming console, it is critical you are all aware of the important actions that will keep you secure online.

Make sure you have all set up multi-factor authentication, are using unique and strong passphrases and are installing software updates on all devices as soon as they are available.

Avoid sharing internet-connected devices when accessing sensitive or personal information, such as online banking. Ensure you also only use a trusted device to access this information.

Talking regularly about online security is a great way to ensure that you and those around you have the most up-to-date information.

Learn how to talk to your family and friends about staying secure online(Opens in a new tab/window).

Reporting cyber incidents is critical to helping the government: 

• identify new trends
• collate data
• alert the community
• help you recover from the incident.

To report a cybercrime, visit the Australian Signals Directorate's website(Opens in a new tab/window).

Scammers are criminals who deceive people into paying money or providing their personal information. Scams are always evolving and becoming increasingly sophisticated, making them more difficult to detect. That’s why it’s important to learn how to spot and avoid scams.

Scammers may contact you by:

• email
• text message
• phone call
• social media. 

They may create fake websites that look real and even publish sponsored ads online.

There are many techniques that scammers use to deceive people. Common warning signs include:

• pressure to act quickly
• amazing opportunities to make or save money – for example an investment or job offer
• requests to make payments in unusual or specific ways
• requests to set up new accounts or PayIDs
• messages with links or attachments
• requests for help, including financial, from someone you haven’t met in person. 

Phishing is a common scam tactic where someone pretends to be from a trusted organisation to get personal information from you. Scammers may send emails or messages with links that direct to websites designed to steal the details you enter, or with attachments containing malware. Do not click on any links or attachments in emails or messages.

To keep safe from scams: 

• Stop – Scammers will try to get you to act quickly, sometimes by worrying you or offering ‘too good to miss’ opportunities. Never give money or personal information to anyone if you are not certain who you are dealing with.
• Check - You can be contacted by scammers in many ways, including by phone, email, text message or social media. It’s important that you know who you’re really communicating with. Always check by contacting the person or organisation using details you find yourself from an official website or app.
• Protect - Act quickly if something feels wrong. If you have had money or personal information stolen, contact your bank immediately. Help others by reporting scams to Scamwatch(Opens in a new tab/window).  

Scamwatch shares information about:

• different types of scams
• how to protect yourself from scams
• what to do if you’ve been scammed.

You can also access resources like the Little Book of Scams(Opens in a new tab/window). 

For  more information visit Scamwatch(Opens in a new tab/window)

Install antivirus software on all of your devices to protect your personal information. Antivirus software gives protection against malicious software (or malware) and keeps your device secure from harmful viruses.  

Your device can be infected by malware in many ways, including:

• clicking on infected website links
• opening infected email attachments
• visiting websites infected by malware
• downloading infected apps and files from the internet.

Most new devices have built-in antivirus software. Check if you need to activate it and find out what protection it offers. You can also buy antivirus software that may offer better protection. Turn on automatic updates to ensure constant protection of your devices.

Learn more about antivirus software(Opens in a new tab/window).