Here we will:
Install a firewall. It's a barrier between your computer and others. You can authorise/deny access attempts.
Install anti-virus software (and anti-spyware if not already included). Examples of viruses and malware are:
Use a password, pin or biometric data to lock your device when unused. Consider enabling device locking after a set time unused.
Don’t leave it unattended in public. Even if locked, it can be stolen. Do not lend it to others unless needed, and don't let it out of your sight if you do.
Keep software updated - security patches reduce vulnerabilities.
Download reputable apps from trusted sources, eg. Google Play.
Install reputable security software with anti-virus and anti-loss capabilities.
Keep Bluetooth off or hidden if not in use.
Consider app-lock applications to protect unlocked access to apps with sensitive information.
Consider enabling remote locking and wiping so you can lock/wipe your phone from afar. Auto-wiping can remove data after a number of incorrect login attempts.
Consider adding emergency information to your lock screen. This could help it be returned if lost.
Unsecured connections allow access to your devices/connection without permission.
Change the default administrator password on your router. - default passwords can sometimes be found online. Choose something strong instead.
Free wifi can have security risks.
Internet Explorer is an identified security risk. Consider another browser where possible.
Browsers offer a number of security settings to configure. Sometimes these are under ‘advanced’ options.
Some features may introduce vulnerabilities. You can turn these off, or turn them on only sometimes. Eg:
Install only reputable browser plugins/extensions. Do you research first.
Always keep your browser updated. Security patches reduce vulnerabilities.
Don't enter sensitive information into a website without 'HTTPS:'. HTTPS: means it has a SSL (Secure Socket Connection) Certificate installed to encrypt traffic, so it is more secure.
Always pay attention to what you allow or restrict, including access to camera, microphone, location, etc.
Strong passwords are your first line of defense. Consider reputable password manager software or make your own strong passwords.
Cyber-criminals can crack weak passwords easily:
Also pick a unique username. E.g. ‘admin’ is a very common username (so easy to guess).
Do use:
Don’t Use:
E.g.:
Try it in a different language too!
Make your passwords different If you use the same password everywhere, your information is more vulnerable.
This can be easy! Use extra letters to make them different. E.g.
Do:
Don't:
If your account is used by someone else change your password/s immediately and/or perform a password recovery.
When setting a password, you may need to provide a secret question and answer for password recovery. Eg:
Use information only you know. If password recovery is weak, you are still vulnerable - especially if your email is compromised.
2FA is Two Factor Authentication. Instead of one verification method (eg Username/Password), 2FA adds security with a second. Eg:
Your accounts and transactions are more secure with 2FA.
Eg. This website sends a token via Push Notification:
You must enter the code to continue the transaction:
Two Factor Authentication reduces risk, but not entirely.
Scams cheat people out of information (for identity fraud), money, or other things. Learn about common scams at https://www.scamwatch.gov.au.
Example Video: https://www.youtube.com/watch?v=BL7WJM342Uc
Most importantly:
Block problematic numbers. If compromised, contact your mobile provider - they might remove charges.
Scammers call and claim to be from a company/tech service that needs to access your computer (often to ‘fix’ a non-existent problem or process a refund).
If compromised, seek help from a qualified computer technician, change account details and contact your payment method to reverse charges if possible.
Phishing scams try to gain personal information (eg. login/credit card details/etc) often by pretending to be a trusted source.
Eg, calls or emails claiming to be from a bank or other institution asking for details to secure your account.
They are often designed to scare (eg. 'Centrelink' asking to confirm details or they'll stop payment). Others might pretend to offer a prize or similar.
If compromised, change your account information immediately, and contact the real company/institution to secure your details.
When buying from individual sellers:
When buying from stores:
When selling:
If compromised while using a payment method with fraud protection (eg, credit card or Paypal), you may be able to arrange a charge-back. Also contact your Consumer Protection Agency (eg, the Office of Fair Trading: https://www.qld.gov.au/law/fair-trading)
Some social media memes ask personally identifying questions that can be used for identity fraud - eg, 'name creators' that use your birthdate/street you grew up on to make a name).
Be cautious of 'catfishing' (fake profiles to take advantage of you, often on dating sites). ACCC example video: https://youtu.be/YDt0F7ETmRU
They may also pretend to be family or friends with fake profiles or compromised accounts. Eg:
More Information: https://www.scamwatch.gov.au/get-help/where-to-get-help
Privacy controls where your information is displayed and who sees it.
Some information you give intentionally. Eg, Your details to open an account. This is Personally Identifying Information.
Other information you might not realise you’re sharing – Eg, shopping habits or search history. This Non-Personally Identifying Information is connected to 'someone’, but not specifically you.
Video explanation: https://www.youtube.com/watch?v=y1txYjoSQQc
Information may be about you, but it is not owned by you.
Each social media platform has its own terms of service and privacy options. Review these before and during use of these platforms.
You can often Google guides on how to navigate privacy on each platform. We'll look at Facebook's settings today.
Facebook's account privacy options can be adjusted in ‘Settings’:
Timeline and tagging restricts who sees your content or can 'tag' you. Lists allow you to restrict these to specific people.
Review what other people see on your timeline: view as a general user, or specific person.
Friend lists
Create lists to easily share with only specific people.
Set privacy on posts
Select from the drop-down menu - you can select a friends list here too. Check this setting every time you post.
You (and others) can change the privacy of a post later.
Comments inherit privacy settings of original posts. Eg, if a post is public, so are your comments.
Facebook Pages and most Facebook groups have public posts. 'Account privacy' does not cover content on something marked as public.
You can block people if someone is harassing or bullying you (located under 'settings'). You can also report behavior on individual posts.
Consider disabling facial recognition to maintain privacy.
View and edit the accounts you’ve logged into using Facebook. Logging in with Facebook allows sites to access certain information. Regularly check and adjust information being shared.
Facebook advertisers use your data to show targeted content.
A lot of data is stored here. You can remove information (e.g. your interests), but Facebook will continue collecting data to rebuild lists.
Permissions allow/deny advertiser access to certain information.
Regularly check your activity log and review your data. Do you still need to share it? Remove what you don't need.
Use the security and log-in screen to review your logins, and log out remotely. If you left Facebook logged in somewhere accidentally, log out here.
Turn on Two Factor Authentication, and consider nominating people to vouch for your identity if you're locked out.
Privacy is not guaranteed even with strong settings:
To keep information 100% private, don't put it online.