Tips From Cyber Security Expert After The Data Of Millions Of Optus Customers Is Hacked

We’ve all heard about the 9.8 million Optus customers who’ve been victim to a massive cyber attack here in Australia and now news has just been released showing some Telstra employees have been hit by a data breach. We all try to be careful but what can we do to make sure we’re not giving away all of our information on the Internet?

Cyber and digital industry expert, Stephen Kho from Avast, has given his opinion about the Optus hack and he’s also given us some tangible tips that Australians – Optus customers or not – should implement in their everyday interactions with their online devices.

Kho said: “The Optus data breach has affected an unprecedented number of Australians and has forced the government and industry bodies to urgently review the existing data privacy laws protecting us. Less than a week following the revelation of the data breach, the government has already indicated a strong push for significantly stiffer financial penalties for such data breaches.”

“Additionally, the need to implement a much quicker process for the sharing of affected user’s data with financial institutions will be key so that the 9.8 million victims of the Optus data breach get ‘enhanced monitoring’ on their bank accounts to spot potential signs of fraud and identity theft,” he added.

“In the meantime, there are things we can all do to lower the risk of being victims of frauds and scams as we brace ourselves for the expected spike in online criminal activities,” Kho said.

So take a look at his tips here:

1. Do not click, download or reply. People whose data has been stolen face an increased risk of phishing attempts via email and also text message, sometimes called ‘SMishing’. Everyone should  be extra cautious of SMS messages they receive after this data leak. If you feel the email/text message looks suspicious, don’t click on any links, download any attachments, or reply. Even if it comes from a person or institution you know. Instead, reach out to the organisation and contact them directly to confirm the legitimacy of the message.

2. Enable Multi-Factor Authentication (MFA). Where possible, enable this as another layer of protection to ensure your various accounts across different platforms are harder to gain access to. Use complicated passwords that include a mix of symbols, numbers and characters to make it easier to remember, (for example B0bLov3sFootb@11), and use a password manager to manage all your passwords.

3. Be conscious and thoughtful about the information you are providing those who request it. Whether it be through email, text or a phone call, be conscious about who you are giving your personal information to. Resist the urge to quickly click through to new or unknown websites from emails, social ads or text messages and always double check the source and the URL to make sure it’s what it says it is.

4. Do not store payment info. As you visit site after site, and as you make purchase after purchase, you will be peppered with requests to start new accounts and save your credit card info. We strongly suggest you deny these requests and instead take up the option to use established payment broker services such as PayPal, Google Pay or Apple Pay… You want to share, save, and store as little personal info as possible on the internet.

5. Be cautious of a deadline. Fear-invoking requests by email, phone or text should be approached with caution as they are almost always phishing attempts to gain more of your personal information or money from you.
6. Update your digital security. Always stay protected against the latest online threats by updating your smartphone, tablet or laptop operating systems

For more from Women Love Tech on hackers, visit here.