There’s no doubt the internet has made life easier in so many ways. But it’s also opened us up to online scams and cyber crime – the consequences of which can be devastating.
More and more Australians are falling victim to this type of crime – we made 239,225 reports of online scams to the Australian Competition and Consumer Commission’s Scamwatch service in 2022, and reported losses over $568 million.
The bulk of these scams were the consequence of phishing campaigns – that’s the sending of emails or other digital messages that trick recipients into revealing personal credentials, releasing funds or downloading malware.
So, how can you safeguard your online credentials and funds amid this rising risk? Here are some tips to help you stay ahead of the hackers and scammers this year.
Be aware of the warning signs
Tell-tale signs you’ve been targeted include your computer or device suddenly running slow, frequent random pop-ups, unexpected software installations or a mouse cursor that appears to have acquired a life of its own. Sometimes, friends may alert you to a problem by asking you about unusual messages or social media invitations you appear to have sent them.
Other signs include email, social media and other online passwords that stop working and bank accounts that are missing money. These can indicate your log-in credentials have been compromised, while a message that your files have been encrypted points to a ransomware attack in which cyber criminals hold your data ‘hostage’ until they receive payment of some kind.
Here, hacker tracker sites such as “Have I Been Pwned” can help you find out whether your email address or phone number may have been exposed in a data breach.
Enable automatic software updates
Hackers are on a constant quest to access devices and data. Taking advantage of software vulnerabilities is very often the easiest way in. According to the Australian Cyber Security Centre, the majority of significant cyber-incidents in 2021-22 occurred as a result of inadequate ‘patching’. Patching is the installation of software updates that address performance issues or enhance security within a software program.
Wherever possible, setting all your software to update automatically makes it easier to ensure your devices are running the latest, most secure software versions.
Switch on multi-factor authentication
Multi-factor authentication refers to a security measure that requires you to provide more than one proof of ID before you’re able to access an online account. Service providers offer this form of enhanced protection, usually in the form of an authenticator app, or an email or SMS verification service via a One Time Pin (OTP). For example, your online security can be improved by authorising your transactions on Citi Online with the Citi Mobile® Token, providing a secure two-factor authentication. All you need to do is download the Citi Mobile® App and enable Citi Mobile Token within the app.
It is important to note that cyber-criminals also impersonate bank staff, so never disclose your OTP or any codes to anyone, not even us.
Switch these additional safeguards on and you’ll make it more challenging for cyber-criminals to impersonate you and gain access to your funds.
Choose strong passwords
Your passwords are your first, and often only, line of defence from hackers seeking to compromise your email and other online accounts. Using long, strong letter, number and symbol combinations makes them tougher to crack.
Experts advise you avoid easily guessed passwords, such as the names of your children and pets, change passwords regularly and resist the urge to reuse the same password across multiple accounts.
Secure and back up your mobile devices
A similarly high level of protection should be applied to your mobile devices. The average smartphone or laptop contains a treasure trove of valuable personal information, in the form of emails, photos, notes and banking and social media apps. A strong password, PIN or biometric lock will help keep that data out of hackers’ hands, in the event your devices are misplaced or stolen.
Back up the contents of your devices regularly and you’ll also find it easier to recover important data.
Set up a PayID
Pay ID is a quick, easy and secure payment method that will help you protect yourself from scams. It can be an easy to remember identifier, such as your telephone number or email address which is securely linked to your transaction account. Once linked, you can share your Pay ID instead of your BSB and account number to receive fast payments.
Your bank account details should only be shared with trusted individuals and organisations. If you want to receive bank transfers from people not known to you, a good option is to establish a PayID.
A PayID links an identifier – your telephone number, email address or ABN – with your bank account and can be shared with third parties instead of your BSB and account number. PayID is free to set up.
It's important however to be aware that PayID scams also exist. This NAB announcement provides some information on how they operate and ways to keep yourself safe. They include not responding to requests to send money before you receive an agreed payment via PayID.
Keep your contact details up to date
Communicating with customers digitally is the preferred option for financial and other service providers these days.
Whether you choose to receive your information via SMS, email or letter, keeping the contact details for your various accounts up to date will ensure you don’t miss important messages. And having those messages go to the right person and place reduces the opportunity for criminals to intercept them for fraudulent purposes.
Keeping your contact details current can help financial institutions to contact you quickly if they suspect fraudulent activity on your accounts. And accurate contact details are usually required to allow organisations to verify your identity after you contact them by phone for help or advice.
To update your contact details with us, or elect your preferred communication channel, sign on to Citi Online and go to ‘Services’, ‘My Profile’, ‘View/Update Details’. Alternatively, sign on via the Citi Mobile® App on your smartphone and go to ‘Profile Information’.
Hackers and cyber-scammers are constantly trying out new methods and approaches to catch you off guard and trick you into revealing personal data that will allow them to compromise your identity and online accounts.
We will never send emails asking you to verify personal and/or account information. It is important you disregard and report emails which:
- Request customer information - including your ATM PIN or account details. Never reply to emails that request such information.
- Advise you to contact a phone number to verify your card or account details. Always call our Customer Service Centre on 13 24 84 (+61 2 8225 0615 if calling from overseas).
- Instruct you to login or apply for a product via a link in an email.
Find out more here, on how we protect you, how you can protect yourself, as well as some useful information on the latest scams.
Educating yourself about the risks and remaining vigilant will reduce your risk of becoming a statistic this year.