Make Protecting Your Identity & Personal Information Part of Your Day
The growing numbers and the recent surge in data breaches and scams are on the minds of many individuals at the moment, particularly those who have had their data breached.
Due to these constant threats within the cyber environment, it is important that we create a cyber safety aware culture amongst individuals and small business owners. Cyber security awareness is critical for every person who is actively online to understand and for individuals to learn how to identify a fraudulent request for information.
The current scams are a timely reminder on the importance of knowing where your data is, how do you identify what types of personal information, if shared online, could have serious consequences and how to remain diligent in protecting this information.
Scams target people of all backgrounds, ages and income levels across Australia. There’s no one group of people who are more likely to become a victim of a scam, all of us may be vulnerable to a scam at some time.
Our personal information is any information that can be used to identify us online. Personal information is any information that relates to a specific person. Some of the most obvious examples of personal information include someone’s name, mailing address, email address, phone number, and medical records.
Your personal information is the key to your identity. It includes your:
- Full name
- Date of birth
- Current address
- Bank account numbers
- Credit card details
- Tax file number (TFN)
- myGov and ATO online login details
- Driver’s licence details
- Passport details
Internet technology has made personal data collection more widespread than ever before. Today, personal information is stored in a variety of places. For instance, web applications, social media platforms, ad networks, employers, or healthcare providers all might have data about a given person stored in digital form on servers all over the world. This has important implications for data privacy, as people may have less control over who can see their personal information than they want.
Be aware of what you share! You should treat requests for personal information with caution.
Be Alert to the Fact That Scams Exist
When dealing with uninvited contacts from people or businesses, whether it’s over the phone, by mail, email, in person or on a social networking site, always consider the possibility that the approach may be a scam. Remember, if it looks too good to be true, it probably is.
Scams succeed because they look like the real thing and catch you off guard when you’re not expecting it. Scammers are getting smarter and taking advantage of new technology, new products or services and major events to create believable stories that will convince you to give them your money or personal details.
Source: Protect yourself from scams | Scamwatch
Staying Cyber Safe
The first steps to staying cyber secure are turning on automatic software updates, switching on multi-factor authentication, regularly backing up your devices, using passphrases, securing mobile devices, and watching out for cyber scams.
The Australian Cyber Security Centre (ACSC) have comprehensive resources with lessons and quizzes to guide individuals to a greater understanding of the risks online. See: Cyber.gov.au – Learn
The ACSC also provide a number of resources with information on how individuals can take steps to mitigate the risk from data breaches. You might like to check out the Australian Cyber Security Centre’s Small Business Cyber Security Guide which gives more advice to help smaller organisations build their cyber security resilience and also ACSC’s Personal Security Guides for assistance with induvial cyber protection.
Advice from the ATO
The Institute of Certified Bookkeepers works very closely alongside the ATO and ACSC when it comes to all things Cyber. The ICB strongly encourages it’s members and Bookkeepers in employment within small business, to take the time to check if your cyber security practices needs a spring clean with some simple steps as outlined below from the ATO.
1. Update your devices and applications.
Regular updates are critical to maintaining secure systems. Cyber criminals hack devices by using known weaknesses in systems or apps.
Check your devices for updates and turn on automatic updates to apply future updates straight away when charging and connected to Wi-Fi.
2. Turn on multi-factor authentication.
Multi-factor authentication (MFA) is a security measure that requires at least two proofs of identity to grant access, such as a physical token, random PIN or fingerprint.
Turning on MFA will boost your protection against criminals. While they might steal one proof of identity, such as your password, they will be locked out of your account without the other.
3. Back up your files.
Backing up your data saves copies of your files to an external storage device, or an online server like the cloud. Setting up automatic backups means you can recover your important information if something goes wrong.
It’s so easy to fall into the habit of putting off security updates, or not backing up your devices, but they’re an essential part of protecting your personal information and yourself from cybercrime.
If identity thieves steal your identity, it can take a long time to fix. If you suspect your personal information, such as your TFN, has been stolen, misused or compromised, phone the ATO as soon as possible on 1800 467 033 between 8.00am and 6.00pm Monday to Friday. They will investigate and can place extra protection on your ATO account.
Recent Scams Targeting ATO Users
The ATO have recently observed a number of social media accounts impersonating them. While these occurrences appear to be limited to Facebook and Twitter and LinkedIn. It is important to also be aware that the ATO do not have an online presence via TikTok or WhatsApp.
An example of one of these fraudulent Twitter posts is shown above.
The ATO will never ask you to provide your password details when speaking with them over the phone or via social media, even through private messages. You can read more about protecting your info at ATO – How to protect yourself
The ATO are actively addressing this issue.
If you’ve received a message from the ATO and you’re not sure it’s really them:
- Look for the official ATO logo and organisational name next to the message. Beware of slight variations on the name, like ‘Australia’ rather than ‘Australian’ Taxation Office.
- Check the date the messenger joined or opened their account – if it was 2 weeks ago, it’s not them!
- Check that any email addresses they provide you end with ‘.gov.au’
- Check for typos in the message.
- Check the number of followers they have.
Keep engaging with the ATO if you have tax and super questions!
Take control of your cyber security and reduce the impact of an attack by learning how to protect yourself online.
You can find out about the FWO’s upcoming webinars at www.fairwork.gov.au/webinars.