Methods to Safeguard Yourself Against Online Financial Scams
Going Online in Rocky:
We've all got our daily online routine. Maybe you've paid bills, checked bank accounts, or used social media today. Maybe your phone has been your wallet, scanning QR codes at a supermarket or train station.
Now, there's a risk lurking behind these conveniences that most Aussies aren't ready for: cybercrime.
As per the most recent cyber threat report by the Australian Cyber Security Centre, around 87,000 instances of cybercrime were reported in 2023-2024. That's one report every six minutes. But that's only what gets reported. Many don't even realize they've been hacked or scammed until it's too late.
This year saw the Australians losing nearly A$319 million to scams alone. A recent example involved cyber criminals using stolen login credentials to hack several major superfunds in Australia and steal a collective A$500,000 of people's retirement savings.
Much of this escalating problem is due to poor "digital hygiene". Here are five simple ways to boost yours.
What's Digital Hygiene Anyway?
Imagine keeping your mouth clean to avoid cavities. Digital hygiene is much the same: keeping your online life clean, safe, and protected from harm. In layman's terms, it's about nailing the habits when using tech to make it hard for scammers or hackers to catch you out or snatch your private data. Sadly, we probably pay more attention to good hygiene in the bathroom than online.
So, How Can I Protect Myself?
Here are five simple steps anyone can implement:
- Don't Click Before Thinking: Got an unexpected message from your bank asking for verification? Or a text about a missed parcel delivery with a link? Scammers love urgency. Take a breath and think before clicking. Verify if you were expecting the message, and if the sender's email or phone number looks legit. Don't follow the link—go directly to the official website or app.
- Strong Unique Passwords Are Key: Using your pet's name or "123456" isn't secure. If you recycle passwords across different websites, a breach on one site means hackers can try the same password everywhere else. This is called a credential stuffing attack, and it's the method used in the aforementioned cyber attack on retirement funds.
The best move? Start enhancing your online security by using a password manager and updating reused passwords, focusing on the most sensitive accounts such as emails, banking, and cloud storage first.
- Turn on Multi-Factor Authentication: Multi-factor authentication means you need something more than just a password to log in, like a code sent to your phone or an app like Google Authenticator or Microsoft Authenticator. It's a simple step that adds a powerful layer of protection. Even if someone guesses your password, they can't log in without your second factor.
- Update Apps and Devices Regularly: Yes, those software updates can be annoying, but they're important. They fix security holes that hackers can exploit. Make it automatic if possible, and don't ignore update prompts—especially for your operating systems such as Windows, iOS, or Android. However, it's worth noting that older devices often stop receiving updates because manufacturers stop supporting older models or don't develop updates for them due to costs.
Outdated software harbors known vulnerabilities that hackers can target. While using devices longer supports sustainability, it's essential to find a balance. If your device no longer receives regular security updates, it might be safer to responsibly recycle it and invest in a newer, supported device for digital safety.
- Watch What You Share: Sharing too much on social media makes you an easy target. Posts that include information like your birthday, the school you attended, or your pet's name can be used to guess security questions or build convincing fake messages. Think before you post—would a stranger need to know this?
What Should I Do If I've Been Hacked?
To check if your passwords have been exposed in a breach, you can use the free HaveIBeenPwned tool trusted by security experts.
If you've been hacked, follow the tips provided by the Australian Cyber Security Centre.This may include changing all your passwords and passcodes, using software to scan for malware on your computer, and so on.
Need more help? Visit esafety.gov.au for practical guides, especially for parents, teachers, and young people.
Remember, digital hygiene isn't just a personal responsibility—it's a collective one. Think about the emails, group chats, workplaces, and social media platforms that connect us. One careless person can put others at risk, so talk to your family and friends about the risks of scams and how to avoid them.
Just as washing hands became second nature during the COVID-19 pandemic, maintaining a clean online existence should be an everyday practice, not an exception.
Meena Jha, Head Technology and Pedagogy Cluster, CML-NET, CQUniversity Australia
This article has been republished from The Conversation under a Creative Commons license. Check out the original article on The Conversation.
(Author: Meena Jha, Head Technology and Pedagogy Cluster, CML-NET, CQUniversity Australia)\(Disclosure statement: Meena Jha does not receive funding from any company or organization that would benefit from this article, and has no relevant affiliations beyond their academic appointment.)
In the digital age, maintaining good digital hygiene is crucial to protect personal information, especially in areas such as finance. By proactively implementing measures like strong, unique passwords and multi-factor authentication, individuals can guard against cybercrime that prey on poor digital hygiene, as seen in the recent cyber attacks targeting Australian superfunds and resulting in significant financial losses. Regularly updating technology and adopting a password manager are practical steps towards strengthening digital security.
