Q1) Why do I need to worry about Cyber Security?
Cyber Security protects against unauthorised access to, and/or criminal use of, your data. Our lives rely heavily on technology and are vulnerable through communication (email, smartphones), shopping (online shopping, credit cards), entertainment (social media, applications), medicine (medical records) and so much more.
Q2) Should I have a different password for every website?
Yes, you certainly should. If you use the same password on every website and it falls into the wrong hands, whoever has it will be able to access all your other sites as well. This could potentially compromise sensitive data such as your banking information (including credit cards) and any other personal information available online.
Q3) How can I remember all my passwords?
You can use a password manager. There are free options and low-cost ones. You will only have to remember one password to unlock the password manager. It generates strong passwords and stores them for you.
Q4) What is Phishing?
Phishing is a type of attack where attackers try to gain unauthorised access, steal sensitive information (e.g. login details, passwords, credit card details) or money, or distribute malware by impersonating legitimate organisations. The attacks can occur in many ways, e.g. email, text messages, phone calls and social media.
Q5) If I get a Phishing email at work, should I contact my supervisor?
Absolutely! As a first step, click on the “Report Phish” button in your Outlook. Avoid clicking on links or opening attachments. If you have clicked on any of the links in the email, notify your supervisor and report the incident to the IT team immediately.
Q6) I log into my Facebook and post a lot of photos and comments. How do I protect myself?
Please exercise caution before you click on any link or share any sensitive information online. Take the time to review your security settings and assess who can access your content (ideally only friends and family). Do not accept friend requests from people you do not know. Avoid sharing details such as travel plans, location data, your home address, or recent expensive purchases.
Q7) How do I make my phone more secure against cyber-attacks?
Keep your software updated. Use complex passwords and encryption. Avoid using public Wi-Fi. Lock your phone. Be a smart surfer and only log into secure websites whose addresses start with “https”, which means they use an SSL (secure) certificate.
Q8) Is it okay if I use my personal computer for work when I am at home?
Avoid the use of personal computers unless absolutely necessary. It is advisable to use your Safe Places laptop or computer for work tasks as these are regularly updated and equipped with anti-virus software and protection against malicious websites.
Q9) Where can I get more information about Cyber Security?
Safe Places conducts annual security awareness training sessions through our Security Awareness Training Portal. You may also complete the Cyber Security training module on our LMS.
Q10) What is malware?
Malware is a blanket term for malicious software designed to cause harm to digital devices. Common malware types include ransomware, viruses, spyware and trojans.
Q11) What can malware do?
Malware can steal your bank or credit card numbers, usernames and passwords, and can take control of or spy on your computer.
Q12) What is ransomware?
Ransomware is a type of malware that locks down your computer or files until a ransom is paid. The Australian Cyber Security Centre (ACSC) recommends you do not pay the ransom, as there is no guarantee you will regain access to your information, and it does not prevent future attacks.
Ransomware works by locking up or encrypting your files so that you can no longer use or access them. Sometimes it can even stop your devices from working. Ransoms are typically paid using an online digital currency or cryptocurrency such as Bitcoin, which is very difficult to trace.
Q13) What is my digital footprint?
As soon as you go online, you start creating a trail of information about you. This is known as your digital footprint. Cybercriminals can use this information against you, by using it to create convincing scams that specifically target you or someone you know. With a simple Google search, cybercriminals could find your:
- Identifying information (date of birth, middle or maiden name, birthplace).
- Workplace.
- Relationships.
- Hobbies and interests.
- Sporting clubs.
- Educational background.
- Answers to account recovery questions.
Such data could also be used to identify personal details that you have included in your passwords, PINs, or in the answers to your account recovery questions. This information could be used by cybercriminals to access your accounts and devices.
Q14) What is Spyware?
A program designed to covertly gather information about a user’s activity on their device.
Q15) What is a Trojan?
A type of malware that is often disguised as legitimate software, used by cybercriminals to gain access to users’ systems.
Q16) What is a Virus?
A type of malware that spreads on its own by attaching itself to other software or copying itself across devices and networks.
Q17) Why should I activate MFA on all my accounts?
Using MFA (Multi-Factor Authentication) on your accounts makes them much harder for cybercriminals to access. Cybercriminals might manage to steal one authentication type (such as your password), but they still need to obtain and use the other MFA method/s to successfully access your account, requiring extra time, effort, and resources.
Q18) How can I activate MFA on all my accounts?
If you have a lot of accounts to secure, prioritise the following:
- Accounts that save or use your payment details (e.g. eBay, Amazon, PayPal).
- All social media accounts (e.g. Facebook, Instagram, X, WhatsApp).
- Any other accounts that hold personal information (e.g. myGov, Apple ID, iCloud, Uber).
The steps for activating two-factor authentication (2FA), the most common form of MFA, are different depending on the account.
Q19) Why should I secure my accounts with unique and strong passphrases?
A passphrase is a more secure form of password. Passphrases use four or more random words as your password, and are most effective when they are long, unpredictable and unique. If your account does not support MFA, use a unique, strong passphrase as your password to protect your account.
REMEMBER: NEVER REUSE A PASSPHRASE OR PASSWORD ACROSS MULTIPLE ACCOUNTS.
Q20) How can I check if my account details have been leaked online?
To check if any of your account usernames and passwords have been leaked online by cybercriminals, take the following steps:
- Visit the Have I Been Pwned website to see if account details tied to your email address/es have been leaked online in a data breach for anyone to see.
- If this search returns any results, immediately change your password or passphrase for those accounts and enable MFA, if possible.
- Make sure you haven’t used the breached password or passphrase on any other accounts. If you have, change these too and enable MFA, if possible.
Ensuring your accounts have unique passphrases is vital, as reusing a passphrase allows cybercriminals to easily take control of all your accounts that use the same passphrase if it is leaked online.
Q21) How can I improve my Wi-Fi security on mobile devices?
Your internet connection is a way for you to interact with the outside world, but it also provides a channel into your device. If your Wi-Fi connection isn’t secure, someone may use it to steal your personal or financial information for malicious purposes.
- Disable Bluetooth and Wi-Fi when not in use, especially if you’re in a public place.
- Use cellular data when not connected to your secure home network.
Q22) How can I protect myself when using public Wi-Fi?
Public Wi-Fi ‘hotspots’ in places like cafes, airports, hotels, and libraries are convenient, but they can be risky. It’s easy for information sent using public Wi-Fi to be intercepted, so you need to be careful about what information you send or receive while connected.
WHEN USING PUBLIC WI-FI, FOLLOW THESE SUGGESTIONS TO STAY SECURE:
- Avoid sending or receiving sensitive information while connected to public Wi-Fi networks.
- When online banking or shopping, sending confidential emails, or entering passphrases/passwords or credit card details into websites, switch to your cellular data connection or wait until you’re on a secure home or office connection.
- Always try to confirm the ‘official’ hotspot name from venue staff and manually connect your device to it.
- Prevent your device from automatically connecting to public Wi-Fi networks by disabling this option in your device’s Wi-Fi settings.
- Remember to disconnect from the Wi-Fi network and clear it from your device after you have finished using it.
- Never leave your device unattended.
Q23) Why should I take steps to securely dispose of a device?
Disposing of a device (by discarding, recycling, selling or giving it away) without taking steps to remove your data may give other people easy access to your personal information and data.