Country Women’s Association (CWA)

You may prefer to use a phrase over a traditional random password as they’re easier to remember. Just make sure they’re not clichés as they may be easy to guess. Once you’ve chosen your secure password/s, storage options include:
 

• A physical notebook
• A password manager app, or
• A password manager that comes with your smart phone. 
   

When you update your password/s they will offer to set, store, and recall passwords making the process set and forget. You can use the suggested password or choose your own. 

Read more about super secure passwords you don’t need to remember.

Not necessarily. To protect your personal information, you should ensure your phone has a lock screen password or PIN activated. When locked, this means only those with the PIN or lock screen password can access passwords saved in an app or your phone.
 

Other ways to reduce unauthorised access to your phone is by making sure:

• Your phone is updated. Phone manufacturers are constantly upgrading the security of their devices and they send this to your phone via an update. This should be set to update by default - you can check by going to the Settings menu on your phone. When running a software update, it’s recommended to connect to a secure Wi-Fi network to save on data usage and plugged into a charger to make sure you have enough battery to complete the update.
  
  Read more about how to keep yourself safe: your questions on cyber security answered or find out more about how to update your device and software.
  
  
• You have multi-factor authentication turned on (may also be called two-step verification). You’ll need to type in your PIN or use a fingerprint if you’ve enabled two-step verification before you can view your passwords. This may be a small inconvenience for you but it will stop people who have your phone or laptop accessing your passwords.

• If you’re not sure, if it doesn’t feel right or is an unexpected call, hang up (make an excuse if you need to). 
• Never share a code that was sent to your phone or email with anyone who contacts you and asks for it. This is a common method of taking over accounts. Some companies such as Telstra, may use two-step verification or multi-factor authentication to validate your identity if you’ve initiated the call but will not call you to ask for it.
• If you’re concerned that the call may have been legitimate, look up the company’s contact number on their official website and contact the company to verify what the call was about. Don’t call the number they gave you over the phone.

Important: Scammers try to apply pressure to get you to act fast so hanging up buys you time – you can always call the organisation when you’re ready.
 

Some other helpful tips:

• Create a 'safe site’ list – a simple list that includes all your providers (banks, telcos, utilities) and their website addresses, contact numbers, and your account numbers.
• Don’t be too quick to provide your personal information or account details. Scammers can use the information you provide to make themselves appear more legitimate.

Telephone scams

Businesses can change the appearance of their phone numbers to help customers better recognise who they are. Scammers can abuse this feature to make their calls appear to come from legitimate businesses or other mobile numbers.

If you return the call, be extra mindful of the potential of scams. 

Keep aware of the current active scams.
 

Mobile/SMS scams

Never reply to scam SMS. Doing so may encourage scammers or you may be contacting an innocent person whose number has been used in the scam without their knowledge.

Websites that attempt to identify numbers can assist you to understand who a caller is, but they’re not very accurate.

You may be able to activate silence unknown callers on iPhone and similar features on Android phones like Samsung and Pixel to allow unknown calls to come through without a ringtone.  The benefit of this is you can still see the call took place and whether they left a message or not.   This option allows you to check if you should call back.

It depends on the type of scam.  Consider these steps for:
 

• Stolen password - If you think a criminal has your password, change it immediately to a new, unique, and secure password. For Telstra services, you can change your password in My Telstra. You should also consider using a reputable password manager to help keep your online passwords safe and secure.
• Financial account at risk - If you’re worried about the security of your credit/debit cards or bank account, contact your financial institution immediately and the police.
• Identity theft - If you’ve shared personal information like your driver license, Medicare card, passport or other forms of ID, contact IDCare for help.
   

Find out how to identify, avoid and recover from a phishing attack.