91成人版抖音

Top tips for cyber security

Check the security of your devices and ensure you're protected against malicious attacks

Personalise
Students with their laptops in the Paddington Library

Beware of online threats targeting your accounts, devices and data.听These cyber security tips will help you stay safe.

With the threat of cyber security continuously increasing, we have invested in comprehensive defensive measures to prevent online threats from affecting you. Failure to take protective measures could result in the theft of your sensitive information, malware installation in your devices or unauthorised tracking of your online activities. It鈥檚 important to know how you can manage your own cyber risks at uni, at home, and in public spaces.听

Choose your Wi-Fi connection carefully

If you're in a public space, avoid connecting聽to public Wi-Fi networks in cafes, bars, restaurants, etc. Use your mobile phone鈥檚 hotspot聽instead, if you can.

When you're on campus, ensure you're connected to UNSW's secure, private Wi-Fi networks such as Uniwide. Are you in a secluded spot? Explore our various secure networks that you can choose from below.

Quick & easy tips

Take a look at how you can improve your cyber security in several quick steps!

  • You鈥檙e probably used to getting pop-ups on your computer, phone or other devices telling you a system update is available, right? Top tip 鈥 don鈥檛 ignore them!

    Updated versions of your device's operating system (OS) include enhanced security features that older versions don鈥檛 have!聽Keeping your OS up to date is a minimal effort way to protect your devices and information.

    What we recommend
    • Enable automatic updates wherever possible, or at least avoid delaying updates when reminders appear
    • Allow updates to download over mobile data and not just Wi-Fi (if you're on a mobile plan that can accommodate it)
    • Restart your device regularly to auto-install updates.
  • Malware can infect our everyday devices even through simple interactions with software and web-based services.听Security software (e.g. antivirus software) protects devices, servers and networks from unauthorised access, viruses and other threats.听This software can be integrated into an operating system, or installed separately.

    What we recommend
    • Look for security software that offers a multi-layered defence system encompassing features like anti-virus, anti-phishing, anti-malware, safe browsing and firewall capabilities
    • Check your device's built-in security software and ensure they're up to date.
  • Passwords, pins, patterns and other security question responses are important barriers for preventing unauthorised access to your accounts.

    What we recommend
    • Use different passwords for different accounts
    • Don鈥檛 store passwords or answers to security questions in plain text form on your system or anywhere that is accessible to others. Use a password manager聽which will store your passwords in an encrypted format.
    Our protective measures for you

    To help keep your information safe from cyber criminals, we have strengthened the password requirements for your UNSW accounts.听Use the聽聽self-service portal to manage, change or reset your password.听

    To be able to use all portal services, ensure you have a personal email address OR聽mobile number registered in your聽聽Student Profile.

  • Multi-Factor Authentication (MFA) is an electronic verification method that requires two or more steps of authentication to provide access to online accounts, apps and other digital services.听

    For example, some online accounts might require you to enter your password (the first 'factor of authentication'), along with a one-time code that's sent to you at the time of logging in (the second 'factor of authentication'). The one-time code may be sent to you by SMS or to a device such as your mobile phone.

    What we recommend
    • If you receive an email, SMS or notification from your MFA app triggered by a login attempt and you鈥檙e sure it wasn鈥檛 you, don't accept it - reset your password and report the issue
    • Not all forms of MFA聽are created equal. Mobile app-based login prompts with number matching (like the聽)聽are stronger than SMS-based ones.听Where possible, use strong MFA,聽especially for your private email accounts and cloud storage services.听
    Adding an extra layer of defence for your university accounts

    At UNSW, we use the聽聽for all聽聽applications, like your student email, myUNSW and Moodle. This ensures that聽only聽you聽can access your UNSW accounts and any sensitive information contained within them.

  • Email and text messages present a prime opportunity to exploit individuals and organisations. Cyber criminals can use various techniques such as phishing and smishing (SMS-based phishing) to deceive you into clicking malicious links, downloading malware-infected attachments or divulging sensitive information.听These attacks are often disguised as legitimate emails from trusted sources, making it challenging for users to identify the threats.

    Successful mail-based and text-based attacks can lead to data breaches, unauthorised access to systems, financial losses and reputational damage.

    What we recommend
    • Report all potential phishing emails. Your personal email service provider will have a method by which you can do this. Follow the instructions for , if you are using your UNSW account
    • Avoid opening attachments or links from unsolicited emails. Remember that you can check the identity of a sender via secondary methods, such as by phone or in-person. You can also search for the site with a search engine
    • Never open emails that make outlandish claims or offers that seem 鈥渢oo good to be true鈥
    • Enable mobile device security spam filters where possible - learn聽more for聽听补苍诲听.
    • Beware of suspicious messages requesting personal details or containing links.

    Medibank security incident

    In late 2022, a major cyber incident occurred within Medibank Private, affecting international students in Australia with overseas student health cover policies from Medibank Private or its subsidiary, Australian Health Management Group Pty Ltd (ahm).

    Who can I speak to?
    • Visit the聽聽on Kensington campus for face-to-face enquiries between 9:30am - 3pm, Monday to Friday
    • Contact Medibank directly on 13 23 31
    • Continue to check your email for further updates from Medibank.
    What to do if your UNSW account has been affected

    If you think you have clicked on a phishing link or downloaded a malicious attachment sent to your student email address, act fast.听Report the cyber security incident to .听

    When you report potential phishing emails, UNSW Cyber Security will identify other mailboxes the phishing email could have reached and invoke our incident response practices.

    If you receive a communication about your program, enrolment or related matters and you're not sure if it's legitimate, contact聽The Nucleus: Student Hub聽to verify it.

  • Backup and recovery methods ensure that important information stored on your devices and applications is also accessible to you from somewhere else.听If the primary location is disrupted, you can then simply restore the data from your secondary location. Businesses employ this technique to avoid data loss issues.

    What we recommend
    • Regularly back up personal information stored on devices to your preferred collaboration and storage platform
    • Use strong passwords and MFA for your chosen storage platforms
    • Encrypt laptops, PCs and mobile devices so they can't be tampered with if stolen.
    Backing up your university data just got easier

    As a UNSW student, you have access to聽Microsoft Office 365 services, including聽听补苍诲听, to help you encrypt聽and synchronise uni-related information. This ensures that you can safely access your data across your various devices.

Advanced tips

Go through some additional tips on how you can improve the security of your online ecosystem.

  • Your network router serves as the entry point to your home network.听Without adequate security measures and timely updates, network routers become more susceptible to compromise, potentially endangering other devices connected to the network.

    What we recommend
    • Keep your routing devices on your home network up to date with the latest patches to minimise vulnerabilities and enhance security (preferably through automatic updates)
    • Replace routing devices when they reach their end-of-life (EOL) for support so they can continue receiving updates and patches as new vulnerabilities are discovered
    • Consider using your own routing device alongside the modem/router provided by your Internet Service Provider (ISP) to gain greater control over your home network's routing and wireless capabilities
    • Take advantage of modern router features to establish a separate wireless network specifically for guests, thereby segregating it from your more trusted and private devices. Most network routing devices also allow configurations to block certain types of network traffic.
  • Remember that if聽your Wi-Fi connection isn鈥檛 secure, it can be used to steal sensitive information (such as passwords and documents) and to infect your devices with malware.

    What we recommend

    Ensure that your personal or ISP-provided Wireless Access Point (WAP) supports Wi-Fi Protected Access 3 (WPA3). When setting up WPA3 or WPA2/3:

    • Use a robust passphrase to your network device with a minimum length of fourteen characters;
    • Modify the default Service Set Identifier (SSID) to a unique value;
    • Avoid hiding the SSID as this does not provide any additional security to your wireless network and may cause compatibility issues.
  • Most current home networks consist of lots of different devices, including laptops, PCs, mobile phones, tablets, gaming consoles and smart devices. These are often from different manufacturers and come with varying degrees of security posture.听Keeping the devices on separate networks can prevent malicious activity pivoting from device to device.

    What we recommend

    Implement network segmentation within your home network by creating distinct segments for your primary Wi-Fi, guest Wi-Fi, and IoT network. This segregation ensures that less secure devices are prevented from directly interacting with your more secure devices.听

  • Email security protocols add mechanisms to protect your email from threats, maintain privacy and ensure the overall security of communication.

    What we recommend

    For your personal email accounts, use email services that employ secure means of authentication such as strong Multi-Factor Authentication (MFA) and robust encryption protocols such as Transport Layer Security (TLS).

    Communicate through UNSW email accounts with ease of mind

    Email is the most widely used communication tool between students and academic staff. As an enrolled UNSW student, you have access to our secure email system hosted by , which has extensive cyber security controls, including聽anti-phishing and anti-malware protection.

What to do if your account or device is compromised

Affected UNSW devices or accounts

If you believe your account or device has been affected by a malware, report the聽the cyber security incident by calling the UNSW IT Service Centre on 02 9385 1333 or submitting an immediately.

UNSW data breaches

UNSW has published a new聽Data Breach Policy and Procedure聽aimed at identifying, assessing, managing and responding to a breach of data held by UNSW. You can view聽the procedure, or learn more on聽.

Common examples of data breaches can include loss or theft of a device containing UNSW data, unauthorised access of UNSW systems, loss of user login details or any loss of data through a cyber-attack.听As soon as you suspect or confirm that a breach has occurred, report it immediately to UNSW IT Service Centre.

Affected personal devices or accounts

If you suspect that your personal device or account has been compromised by a malware or virus, report the cyber security incident to the聽聽as soon as possible.听If you have been targeted by a scam, report the incident to聽.听

In the event that your identity or personal data have been affected, it is strongly recommended that you look into the following:

  • Contact - National identity and cyber support service for individuals and organisations
  • Report all tax-related security issues to the (ATO)
  • If you need to report a financial misconduct, contact the (ASIC) - National corporate regulator who can help with issues such as superannuation and crypto-asset scams
  • Apply a credit ban with .听While under ban, credit reporting bodies cannot disclose your information, blocking potential fraudulent activity.

See also

Beware of scams

Find out the types of scams that are common in Australia, how to spot them and what to do when handling a scammer.

Set up your IT

Discover available resources for your devices throughout your studies, where to get support and how you can bolster your cyber defence.

opens in a new window

Get support from the Australian Government's leading team focusing on聽improving cyber security and making a secure online space for you.

opens in a new window

Need help?

The UNSW IT Service Centre is here to assist you with issues regarding your devices, accounts, cyber security and network issues. We're here to help.