Search Results

Share Article:

Facebook Twitter Linkedin Mail

Tag: cyber-safety

Getting scammed: our advice for Scams Awareness Week

Cyber Security Consumer

Posted on August 12, 2019

2 min read

Did you know that in the five months to 31 May 2019 Australians submitted more than 75,000 reports to Scamwatch, with a total financial loss of $46.3m? Did you know that at Telstra, we detect and block millions of spam and scam emails to our customers every day, and issue takedown notices to hundreds of fake websites each year that are designed to trick our customers into providing payments and collect personal information?

Sadly, these stats show we need to be more vigilant than ever when it comes to scams and protecting ourselves against financial loss or identity theft.

Scammers are persistent and regretably part of our everyday life. The rapid uptake of new technologies provides a nearly always-on connected world, but the flip side is it also provides new avenues for crime and fraud.

Some of us might think we are above being scammed and that we can spot a scam a mile away, while others may be oblivious to what is real and what is not. It can be difficult to know what to look out for and as Scams Awareness Week is upon us so let me see if I can help with some tips – and remember, it always pays to be a little suspicious.

Real vs. fake – the unsolicited phone call

Luckily there are a few easy ways to tell whether the person on the other end of the line is who they say they are.

Firstly, Telstra will never call you and threaten to cancel your service or take court action if you don’t immediately make a payment or hand over your information.

We will never make an unsolicited call asking for remote access into your computer or demand your sensitive personal or financial information.

Telstra staff should only ever treat you with respect and courtesy.

If you get an unexpected call from someone who says they are a Telstra representative, try to verify the person is who they say they are – or call us back on the number listed on our official website; never use the contact details the caller provided you.

If something doesn’t feel right, trust your gut – take the time to stop and think about it, and if you feel uncomfortable, just hang up.

Tags: cyber safety,

Keeping your smartphone as safe as houses


Posted on June 17, 2019

2 min read

Our lives can now be found in our pockets: email, both work and personal. Favourite shops and restaurants. Banking. Our social lives. Our smartphones are a gateway to the world, but are also a detailed record of our lives – past, present and future. Like our home, everything that we are can be found in it.

We are told all of the time that online is the new frontier of crime: Identity theft. Scams. Hacking. Stalking. The message is clear: BE AFRAID! BE VERY AFRAID! Couple this with the constant juggle of modern life and an overload of information and paralysis can set in.

Research conducted for the Australian Digital Inclusion Index in 2018 shows that almost two-thirds of Australians feel that technology is changing so fast that it’s difficult to keep up with it.

Although it is important to know the risks out there, it is more important to put fear aside and take control – think of your smartphone like a house. 

Like keeping your house secure, keeping your smartphone secure is simple:

  1. Adjust your privacy and security settings, as they help you control the information that apps can access from your phone.  This is like shutting the blinds to stop people seeing in from the street.
  2. Set your apps to automatically update on Wi-Fi, as these updates often provide fixes for known security faults.
  3. Use 2-step authentication where available on apps and accounts for that extra level of protection. This is like having a lock and an alarm for your home.
  4. All our online apps and accounts have passwords – but we all forget these and have to reset them from time to time. Make sure that the password that protects the email address where your recovery passwords are sent is unique, long and strong. This is just like keeping your house key somewhere safe.
  5. You could even use a password manager so that you don’t need to remember all those different passwords.

Remember, YOU control your smartphone. With so much information on there, keep it safe as houses.

Blocking websites hosting footage of the Christchurch terrorist attack

Telstra News

Posted on March 19, 2019

1 min read

We have moved to temporarily block a number of websites that continue to host footage of Friday’s terrorist attack in Christchurch. We understand this may cause inconvenience for some legitimate users of these sites but these are extraordinary circumstances and they required an extraordinary response.

We appreciate that it is necessary to ensure free speech is carefully balanced against protecting the community – but with these sites continuing to host disturbing content we feel it is the right thing to do to block them.

These are shocking events and the idea that this footage could in some way be used to incite or support hate is a sickening thought. We will continue to do whatever we can to assist and to support a diverse and inclusive community.

For kids, spotting scams in Fortnite is child’s play


Posted on October 18, 2018

4 min read

Staying safe online is hard. The average person has little understanding of the many ways they can be targeted, or of the controls they can use to make themselves harder to hack.

But I was pleasantly surprised last month to find the younger generations a little savvier. Dozens of year five and six kids threw up their hands to recount stories of how scammers had tried to con them during a presentation I gave to a primary school in Melbourne’s south.

Most of those stories are related to Fortnite – a video game that seemingly counts every other kid in Australia among its 125 million players – and that was the context in which I spoke of cyber security. These digital natives are growing up in a world where amorphous digital thieves plying for their personal information and passwords is normal.

Click to download our kid-friendly Fortnite security tip sheet

Flashing banner ads, pop-ups, and scammy direct messages and posts that confound some of us seem boring and obvious to them.

Take Dylan – this switched on fifth-grader was targeted by scammers while playing Fortnite.

The bad guys spoke to him over in-game voice chat in a bid to convince him to disclose his game account details, promising to deposit a free stash of the in-game Fortnite currency known as V-Bucks.

I asked him what he did next. “I ignored them, played a few rounds, beat them, then left.”

Dylan was just one of the many kids who appeared cool and unflustered in the presence of such attacks.

Children are by no means immune to compromise; I’ll bet my last dollar that a targeted attack would net all of them (except perhaps for remarkable six-grader Annabelle, who spotted and called bluff on a tailored social engineering effort).

This means they, like us, must take the time to learn how to use the cyber security defences at their disposal to help protect themselves.

These defences can make the user experience a little more clunky, but they are immensely powerful and will send all but the most dedicated hackers looking elsewhere for victims.

A great defence to start with is switching on two-factor authentication for any of your accounts that offer it. I also recommend using a reputable password manager such as LastPass or 1Password.

The best defence is inside your head

Online defences are easier to use than ever thanks to concerted efforts by the cyber security industry over the last decade. But they are still more stick-and-clutch than driverless car.

Ultimately, you are your best defence.

As the driver, you need to look out for threats on the road. This requires a mindset that is likely much more skeptical than what you employ in the physical world.

This mindset requires distrusting the unexpected, regardless of its source. Consider phishing messages – these can bear few hallmarks of a scam, and almost perfectly replicate trusted brands and organisations.

They can be fluent and free of typos and appear to come from organisations you know, use, and trust. They may even start as a benign conversation (such as romance scams) in a bid to build rapport with victims.

Your best defence here is to adopt the skeptical mindset and worry less about the classic hallmarks of a scam.

This means ensuring messages with links, attachments, bank accounts, and phone numbers are expected before using them, and verifying those that are not using official websites or trusted search engines such a Google or Bing.

This advice seems unwieldy because it is. There is no glossing over this fact. But it is the best way to defend yourself against continually evolving online threats.

And with it you will build experience and cyber security savvy – something our kids seem to already have in spades.

Tags: cyber safety,

‘You got me’: Woman busts romance scammer after six month stint

Cyber Security Consumer

Posted on May 25, 2018

6 min read

It took six months for Kathryn to fall in love with Michael, but only minutes to reveal him as a romance scammer.

Accusing Michael of being a scammer was an unusual act of assertiveness for the reserved 55-year-old healthcare worker from the NSW Central Coast.

It was an unlikely act too; Kathryn (not her real name) had every reason to believe Michael was the caring, genteel man he presented as. They spoke regularly over the phone and, from his would-be London apartment, Michael arranged gifts of flowers, chocolates, and movie tickets.

Kathryn, divorced from a decades-long marriage and facing an intimidating and foreign dating scene, thought she had found in him a diamond in the rough. He was worth the long-distance relationship.

Through friends, she tells us how her relationship with Michael, which began on a dating site in late 2016, before quickly switching to email and social media, became possessive in its latter weeks. Facebook messages appeared more regularly in a tone that, with the benefit of hindsight, seemed more demanding: “what are you doing online”, “who have you been speaking to” they asked.

Michael was set to travel to Australia mid last year. They were both excited. Days before he was set to fly, he sent an exasperated message claiming he bought the wrong non-refundable plane ticket and that his passport was cancelled for elaborate reasons. He needed $7,450 to cover fares and fines.

Kathryn’s online sleuthing about his predicament gave her pause to reflect on his frantic request for money, and his escalated messages.

He called again, and she answered. “I think you’re a scammer,” she told him. A beat, then, a laugh. “Yeah, you got me,” he said. “But you know what? I’ve got 12 of you on the go.”

High-pressure sales

It’s impossible to know how Michael operated. He may have been a lone wolf. Or he may have worked in a call centre alongside other scammers.

“I’m convinced [romance scamming] is their day job,” says Sean Lyons, director of technology and partnerships at Netsafe, an online safety non-profit based in Auckland, New Zealand.

Lyons has not seen evidence of romance scammers operating in coordinated international networks, but says he sees indications – business hour operations and consistent messaging structures for example – that some scammers work in call-centre style environments.

“There may be much larger operations where you have [scammers] working in shifts and handing off to each other,” he says. “They may have CRM (customer relationship management) systems and work an account (a victim) in the same way that staff in high-pressure sales do.”

In such an environment, text messages to victims could be written by any scammer while voice calls would be made by a consistent perpetrator.

There is further evidence of romance scammers coordinating their operations. FBI Special Agent, Christine Beining, said in February last year that romance scammers typically work together sharing intelligence on vulnerable victims.

“From what we can tell, these are usually criminal organisations that work together,” Beining says.

“And once a victim becomes a victim, in that they send money, they will oftentimes be placed on what’s called a ‘sucker list’ [where] their names and identities are shared with other criminals [for] future recruitment.”

Lyons agrees that romance scammers are likely to organise. At present, evidence from Netsafe’s now shelved Re:scam artificial intelligence-like chat bot – which sent more than a million email replies to scammers in a bid to waste their time and energy – indicates a scattergun mass-email approach to targeting victims.

Reach out

Victims of romance scams are not stupid or gullible. They can be anyone.

Romance scams are deliberately ‘hyper-personal’, meaning they are of an overly intense nature that is designed to capture and isolate victims.

University of Warwick professor, Monica Whitty, in a paper published in February this year revealed victims are typically “middle-aged, well-educated women” who “tend to be more impulsive, less kind, more trustworthy, and have an addictive disposition”. Whitty’s work is designed to assist in the development of scam preventive and awareness programs.

Defence against romance scammers is tough for those involved in online dating. The Federal Government’s Scamwatch site has good advice which centres on not sending money to partners and provides clues to help spot fake social media profiles.

More broadly, experts agree that those in online relationships should keep trusted friends abreast of significant events including any plans to travel or requests for monetary loans.

“Talk to someone not connected to the romance before a major event,” Lyons says.

“A dog dying in surgery, a passport not coming through, or bribes to corrupt regimes; talk to someone who isn’t in love with the person before you put pen to paper on that Western Union slip.”

As a last resort, Lyons says, those intent on wiring money to their love interest should stick to official and local credit card networks which can offer traceability that Western Union and other non-conventional payment providers cannot.

Academics have examined other hallmarks of romance scammers. They reveal psychological manipulation as a universal tool in romance scams which includes techniques akin to domestic violence.

Queensland University of Technology academics, Cassandra Cross, Molly Dragiewicz, and Kelly Richards, describe the four signs of this manipulation including isolation, monopolisation, degradation, and withdrawal.

If this story has raised any issues for you and you’d like to speak to someone, call Lifeline on 13 11 14 or Beyond Blue on 1300 224 636.