What you can do
Here are some things you can do to help yourself and your online security...
If you have any Questions?
For any questions or enquiries please contact the IT Support team.
The internet is part of everyday life, at home, work and school. It's important to be safe when online and to secure your computers and servers properly, otherwise you may be putting your home finances or business at risk. If malicious software infects your computer equipment it can corrupt your files and can allow others to access your confidential business information. You can help reduce the risks by having up-to-date security software installed and activated, securing your internet connections and services and understanding and managing the emails and files you receive or download. Backing-up your data can also help you recover your information if a virus destroys your files, or if your computer is stolen or damaged. Find out how to safely: Protect your email Back-up your data Comparison of back-up options Frequency and types of back-ups Secure your internet connection Information provided by Department of Communications - Stay Smart Online Some of us love sharing our personal news and views about what’s going on in our lives. Have you stopped to think who outside your trusted circle of friends and relatives may be viewing what you post? Did you know that spam bots, vindictive “friends” and even criminals could take an interest, too? When you’re talking and sharing thoughts and information online; remember that once a message, photo or video is shared, there’s no control over where it goes. Good privacy settings help control who you “friend”. Not sharing the password, setting your profile to private and not accepting friend requests from random people are a great start. Check out how to do a privacy check on Facebook, Instagram, Snapchat etc. they all have help available on their sites to do that. Online forums, messaging, and social media sites are great for socialising with friends and family, sharing photos and videos, and expressing yourself and being creative. Unfortunately there are people who use social media to: To get the most out of social media you sometimes need to provide personal information. However, it's important to be careful about what information you put online and who you allow to see it. Remember: social media sites allow you to control the types of information you share online and how you interact with others. Here are some steps to help protect you when using social network sites. Read the website's privacy policy before you sign up. Legitimate social networking sites will have a privacy statement that tells you how they collect and use your information and when and how they might disclose this information either through the website or to third parties. Some online games' privacy policies specifically state that they can use your and your friends' information in whatever way they like if linked to your social media accounts. Once information is online, it is difficult to remove it completely. Even if you remove information from your profile, saved or cached versions may still exist on other computers. Be careful about what you say about others online. Posting something rude, offensive or derogatory about another person or business in a public forum can have consequences. Once you post a comment it can be difficult to remove all record of it. Comments you make may be used as legal evidence. Many companies check to see if job applicants have online profiles. Be aware that the photos and information you share with your friends may not be what you want a prospective employer to see. Remember people are not always who they say they are online. Emails pretending to be friend requests from social networking sites try to direct people to fake versions of these websites. These fake websites may contain malicious software that could steal your personal information and infect your computer. Your profile in social networking sites often include information that could be used to steal your identity (for example open a bank account or credit card in your name), such as your date of birth, your phone number and your work and study history. Never use the same password that you use for your email account. This reduces the chances of a hacker logging in to your account. Have a different password for each social networking site so that if one password is stolen, not all of your accounts will be at risk. Find out more: Information provided by Department of Communications - Stay Smart Online Mobile devices like smartphones and tablets are basically small portable computers. Just like your computer at home they can be hacked, infected with a virus and, if unsecured, provide access to your personal information. Keep your mobile device with you at all times. Remember if your mobile device is unsecured and it is lost or stolen: Remember your smartphone or tablet is a mini-computer and you need to protect and secure it just as you would you home or laptop computer. Treat your smartphone like your wallet; keep it safe and with you at all times. Many apps have the ability to collect and transmit data from your device about your personal information, location, contacts and messages. You can control the personal information accessed by an app by choosing permissions when you install it. Be careful of downloading hoax or malicious software that could contain a virus or malware. Always source your apps from reputable providers and check the feedback other users leave. If you are unsure why an app needs access to your contacts, calls, photos or location, see if there is a different app available that has the same functionality that you need. Viruses, spyware, trojans and worms are all types of malware. Malware is software designed to be installed into a computer system to cause harm to the user or others. Malware can track your movements in the real world and steal information (including passwords) for the purposes of identity theft or crime. Your device may have been infected with malicious software if any of the following things have happened: Contact your service provider for instructions on how to identify and remove malicious software. Public wi-fi 'hotspots' in places like cafés, airports, hotels and libraries are convenient but, unlike your home computer, use of public hotspots involves security compromises. It's easy for other users to intercept your data, so be careful about what information you send or receive while connected. Try and limit activity when connected to a public wi-fi network to web browsing and avoid banking or any other activities that involve user password access. Avoid using hotspots that are run by people you do not know or trust. Criminals can set up hotspots known as 'evil twins' and 'rogue hotspots' to steal users' information. Always try and use encrypted (password protected) networks. Choose networks with WPA2 and WPA encryption if they are available as they are more secure than other types of security encryption. When you connect to a wi-fi network many devices will prompt you to select or identify the network type ('home', 'work' or 'public'). Always select 'public' when you connect to a public wi-fi network as this will lock down the connection more securely. Use a virtual private network (VPN) if possible as they encrypt connections at the sending and receiving ends and keep out traffic that is not properly encrypted. If you can't connect securely using a VPN, avoid: If making sensitive transactions, only use secure websites and look for: Highest risk activities: Find out more: Information from Department of Communications - Stay Smart Online Phishing is an attempt to use a fake lure or bait to catch your username, password, credit card or banking details. If you receive an email or an instant message from a bank, PayPal, eBay, WhatsApp, UNE, a government department or someone you don’t know, asking you to login to a website or reply with personal details, be very careful. Most of these services will never ask you to confirm your information by email. If you are unsure, the best approach is to delete the message, go directly to the official website of the organisation and login from there rather than clicking any links in suspicious messages. Spear Phishing is a more advanced, targeted attack. Spear Phishing emails might appear to be from a friend, colleague or a business you know. They might use your name or reference something you’ve recently done or a recent online purchase you’ve made. Spear Phishing attacks are personalised and well researched. They may use details you put online on Facebook, Twitter, Instagram or other social media sources to make it look like they know you and make you more likely to fall for their bait. Recent spear phishing attacks at UNE have attempted to subvert normal business processes and trick the recipient into entering fraudulent transactions. Messages may appear to come from your supervisor, your lecturer or UNE administration, requesting that you perform some action. Sometimes, these requests can appear to be fairly harmless, but are in fact just one part of a much more complex and clever plan which includes multiple parts, often involving a number of victims. How to spot a phishing message: Useful links: To retrieve messages headers from suspicious emails, follow the steps below: Exchange: Double click on the message to open it Click on File at top left of window Click on the Info icon Select Properties A new window will open – at the bottom of that window, you’ll see “Internet Headers”. Select and copy the header information contained in the adjacent box and paste into a new email and send to Outlook Web Application: Click on the message On the top right hand side you’ll see three dots … Click on the three dots and select View message details A new window will open Select and copy the header information and paste into a new email and send to it-security@une.edu.au AOL, Yahoo!, Gmail and more... What’s with all these annoying software updates? They have a tendency to appear at the most inconvenient times, asking you to reboot just when you’ve got important things to do, but putting it off could be risky. Computer programs, applications and operating systems are all written by people, and people make mistakes. Security holes & vulnerabilities, coding mistakes, software & hardware incompatibilities and other errors are frequently discovered after a program has been released to the public. In order to fix the program and make it safe for general use, the manufacturer might release a software update or ‘patch’. Manually installing these updates at our leisure is not really good enough these days. We need to act much faster. In the days of Windows XP and Vista, automatic updates got a bad rap as they might reboot your machine at odd times of day and potentially cause system instability or application crashes. These days things generally seem to behave much better. There are three main reasons to stay on top of your software updates: We highly recommend enabling automatic updates for your operating system. If you have a work PC connected to the UNE domain, this should happen automatically. For your home machine or personal PC, here’s how: OSX: System Preferences -> App Store -> Automatically check for updates Windows 7: Control Panel -> System and Security -> Turn automatic updating on or off Windows 8+: Settings -> Change PC settings -> Update and recovery -> Choose how updates get installed Don’t be scared of updates… be scared of unpatched PCs… Keeping your online accounts secure and your privacy settings up to date might not be high on your list of priorities, but it really should be. Most of our online accounts like email, gaming and social media are really important to us and they can hold sensitive information like date of birth, passport copies, photos, bills and rental agreements. Your password is the key to your online world! You might think that you can trust someone else with your passwords, but how well do you really know that person? Can you really be sure they won’t give your passwords to someone else because they trust that other person? What happens if you have a falling out with someone you’ve given your passwords to – could they decide to be vindictive and access your accounts? For incidents while on campus relating to UNE IT accounts and systems or dodgy emails and IT account compromises, contact the IT Support team. For e-safety incidents like cyber bullying, online hate; or loss of devices like laptops or phones contact the UNE Campus Safety Centre, call 02 6773 2099. For incidents while off campus or not relating to any UNE IT accounts and systems, contact the Armidale Police station at 96-98 Faulkner Street, Armidale or call 02 6771 0699 Public Wi-Fi is not SECURE Watch where you SURF BE UNIQUE. Passwords are easier to hack than you think! Beware what you SHARE Always CHECK before you CLICK Attackers will take your human nature and turn it AGAINST YOU Don’t leave your devices unattended and always lock your screenUsing social media safely
Check the site's privacy policy
Be careful how much personal information you share online
Be careful when sharing your opinion online
Be wary of strangers
Watch out for phishing emails
Protect yourself from phishing emails
Protect your accounts with strong, unique passwords
Where to get help
Issue Contact
Fraudulent use of your identity
Bullying or harassment
Sexual exploitation or other criminal activity
Information about socialising online
Protect yourself and your mobile device
Secure your mobile device
Secure your information
Using applications (apps) on mobile devices
Be smart about how and where you use your mobile device
Protect against malicious software (malware)
Symptoms of malicious software infections
Using public wireless networks
Connect using the right network type
Avoid sending or receiving valuable information when connected to public wi-fi networks
Wi-Fi Website Recommended activities
Public and unsecured
Unsecured
Low risk activities:
Public and unsecured
Encrypted
Moderate risk activities:
Public and secured with WPA
Encrypted
High risk activities:
Private and secure
Unsecured or Encrypted
Where to get help
Issue Contact
You believe you have been a victim of a virus or malware attack
Your local computer repairer or computer supplier
Your device has been lost or stolen
You are looking for more information on securing your mobile device
Your device manufacturer's website, Whirlpool or other discussion forums
Information on recent threats
Sign up to the free Stay Smart Online Alert Service
You need to make sure you never lose access to those accounts. Here’s how:
UNE provides secure WiFi - always use it when you’re on campus. When you’re off campus, be careful about the WiFi connections you use. Always use a VPN and be aware of who can see your screen in coffee shops, airports and other public places.
What you browse can compromise your device and get data stolen. Regularly update your web browsers and avoid installing unnecessary plugins. Bookmark your important or regularly used websites like email, myLearn, banking etc. Install the free UNE antivirus and regularly update it. Don’t save your passwords for on-line accounts in your browser!
What you share can make you a target. Avoid sharing too much personal information on social media. Your information is valuable to cyber criminals.
Don’t help others to steal your information. Targeted emails from hackers will look legitimate at first glance. Make sure the email is genuine before you click any links.
Don’t be tricked into giving away personal and UNE information over the phone. Don’t answer any questions until you can independently verify who you are talking to.
Unlocked computers will allow someone to access information and files, send email from your account, access your personal information and install malware. Unattended devices can easily be stolen – don’t help thieves. When in a public place, keep your devices with you at all times.#StopAndThinkBeforeYouAct