A father and daughter in their lounge room browsing the internet on a laptop
A father and daughter in their lounge room browsing the internet on a laptop

Our quick guide to staying safe online

Create strong passwords

When creating a safe and secure password, try using a passphrase. This is a series of joined up words that make a sentence, for example, “keepmyaccountsafe”. Sure, it might be a bit longer than your pet’s name, but you’ll find it’s easy to remember. The more characters your passphrase has, the more secure it is - you can add in a few memorable numbers too to make it even safer, and some sites (such as My Southern Cross) require this for added security. Most importantly, never share your passwords with anyone, and don’t use the same password for multiple accounts.

Untitled

Connect to a secure WiFi

The good thing about public WiFi is that it’s readily available everywhere. The downside is that it’s not always the most secure connection, and it can actually pose security risks to personal information you access on your device. If you do need to connect to Internet when away from your home hub, it’s always best to go online via a secured network – this requires you to register with an email address and enter a password to connect.


Keep your antivirus software up to date

Antivirus software is designed to protect your device from malware – software that’s been created to intentionally cause damage to your computer or smart phone. It may not protect you from every threat, but it does prevent viruses from getting into your device by scanning, detecting then removing the malware. Ensure you have the latest version of the antivirus software installed on all your devices and you should be in safe hands.

Keep your privacy settings on

To help reduce the risk of a data breach when you’re online, you should review and manage the privacy settings on your web browser and your mobile device’s operating system regularly. Alternatively, go one better and opt for private browsing when online. You can do this with the likes of “incognito”.


Update your devices

When your device notifies you that there’s a new software update to install, it’s a good idea to do just that as updates often include new security measures. If you choose not to, you’re leaving your device exposed, and cybercriminals love nothing more than an easy opportunity to deliver some form of malware that’ll enable them to steal your personal or financial information. Regular software updates and an appropriate security software go a long way to protecting your device and personal details.

Be careful what you share on social media

When it comes to social networking sites it’s really important you don’t disclose personal information, such as your address, phone number, or date of birth. Allowing easy online access to personal details can leave you open to dangers like identity theft. This occurs when cybercriminals steal information about you, then use it to commit fraud and other crimes.

Back up your data

By backing up your data regularly you’ll be avoiding the dreaded fear of losing really important information. A quick data backup also ensures that you can readily access stored information whenever you need it.


Preventing a phishing scam


What is phishing?

Phishing is the act of acquiring private or sensitive data, generally from personal computers, for use in fraudulent activities. It can come in many forms including a phone call, web search, and the most common, email. Although phishing scams can often look or feel like a genuine communication from a company, there are lots of telling signs that give them away, and we’ll explain more in this section.

Please note: Under no circumstances will Southern Cross contact you by phone requesting secure details of credit cards or passwords. If you ever receive one of these calls, please hang up and contact us straightway.

How does phishing work?

Let’s use email as an example. You receive an email that at first glance appears to be from a legitimate website you frequently use – like a bank, credit card, or an Internet service provider.

A “spoofed” or phishing email will probably inform you that your account is somehow at risk and that you may need to install a security update or reset your password. They’ll normally ask you to click on a link or open an attachment. Doing either of these will probably open a fake website, and any information you enter on this will immediately be delivered to the hacker. Once they have your personal details and login information, they can access your account and carry out fraudulent activities.


How to spot a phishing scam?

When it comes to phishing, there are some clear signs to look out for:

Question what is being asked of you: your bank or Southern Cross will never contact you directly asking you to authorise a transfer of money. They'd also never request your PIN or passwords in full over the phone or via email.

Check the sender’s email address: this is a basic giveaway. Does it look right to you, or is something slightly off? A good example is when the email domain or address is different to the company they’re supposedly representing.

Check for typos: if there are a lot of spelling and punctuation errors, or if the email simply doesn’t make sense in parts, then it’s probably a phishing scam.

Check the link: this is critical. Links may have a display name that differs to the URL address that it points to.

Are you being urged to act fast? most scams are exposed quickly. For this reason, the person will often try and instil a sense of urgency in in their communication. They'll try to rush you by creating a sense of panic, which is one thing you should never do. Take a step back and seek a second opinion if you’re unsure.

What to do if you’re being phished?

If you receive a suspicious email or a text message, do not reply, do not click on any links, and do not download any attachments. Most importantly, never provide any personal information. However, if you have provided personal, sensitive information by mistake, you need to change your password immediately for whatever website the phishing scam related to, e.g. your bank.