Tips for protecting personal information
Schools can provide the following tips to parents, children and young people in need of guidance on this issue. Alternatively, age appropriate information and resources are available from the Parents, Young kids, Kids and Teens sections of the website.
Only disclose financial information on secure websites
Credit card details, bank account details, tax file numbers, passwords or other personal information should never be sent electronically unless on a secure website. This may be indicated by a web address beginning with https:// and a ‘locked’ padlock symbol in the bottom of the screen, which indicates that data is being encrypted. If in doubt about the legitimacy of a website, call the organisation it claims to represent to check the legitimacy. When calling, do not use phone numbers provided on the suspect website or in suspect emails. Use a known phone number or one obtained from a trusted source such as the White or Yellow Pages or a government website. The SCAMwatch website provides further advice on how to identify and report potential scams.
Providing information to your banking institution
Banking institutions will never email individuals asking for their user name or password. If you receive an email by an organisation claiming to represent a banking institution report the email to the bank and SCAMwatch. Do not respond and do not click on any links provided.
Read user agreements and privacy policies
If a site asks for personal information and asks the user to click on an 'I agree' button, users should not automatically agree. Encourage students to read user agreements or privacy policies to determine how their personal information may be used in the future. Many organisations use information for their own marketing and some sell it to other marketing firms. If information is posted on websites that do sell information to marketers, individuals may receive promotional spam emails which can be difficult to stop.
Reduce spam by protecting your details
Spam can be reduced by:
- protecting email addresses and mobile phone numbers by limiting disclosure online
- installing and using spam filtering software and asking internet service providers about ways to prevent spam
- checking the terms and conditions when purchasing products, entering competitions or signing up for services or email newsletters
- not agreeing to allowing contact details being used for marketing purposes
- boosting online security to ensure that spammers can't send spam via the user’s computer.
Some spam messages are sent by professional spammers, while others are sent by legitimate businesses that do not comply with Australia's spam laws. People who think they have been spammed, either via email or SMS, should not open or respond to suspicious messages. They may also choose to report the spam to the ACMA.
If a message seems genuine and is from a known source but the recipient wants to stop further messages they may choose to contact the business responsible and ask that they stop emailing. They may also choose to unsubscribe using an ‘unsubscribe’ link in the email, send ‘Stop’ if it is an SMS, or make a complaint.
More information about spam and how to make a complaint is provided on the ACMA website.
Set up a new personal email account that can be used for competition entry
Where the security of a website is unknown, an option is to create and use a new email address for use on these sites. Use a separate address to communicate with friends, family and for work or study. Alternate email addresses can be generated easily using free email accounts, which are available online. These email accounts can also then be deleted easily and with little impact on other communication if they become the victim of spam attacks.
Use caution in the use of names when setting up personal email accounts
Setting up an email account name is a good example of where students should be particularly careful about the information that they share. For example,
Jack Smith — this name is personal information. In setting up an email address, Jack@hotmail.com is fairly secure as it does not reveal personal information. However, JackSmith13@hotmail.com does reveal personal information, ie, his name and potentially his age.
Understand that information shared online can be permanent
Information posted and shared in social networking sites may be permanently recorded and young people may not have control over who sees it. This can include teachers, parents, prospective employers and tertiary institutions.
When joining online communities, students are best advised to read and understand the privacy policies and settings offered to prevent access to personal information, including images, by people they don’t know.
Select passwords carefully
Use long and random passwords for any application that provides access to personal identity information, including logging onto a computer. Don't use dictionary words, pet names, birthdates, family or friends’ names, favourite actors or singers’ names as a password. Ideally, the password should be eight or more characters in length and combine letters and numbers and upper and lower case letters. Change passwords regularly. User names and passwords must never be shared, even with peers.
As with PINs for bank cards, passwords should not be accessible in any format to any person other than the user. They should not be stored on the computer or written down.