Cyber Security


The Cyber Security information and resources collected on this page is intended to provide an introduction to the topic, and help you protect yourself, your friends and family, and the wider University community as a result. We encourage everyone to look through what's here.

If you're looking for additional resources tailored for University staff, come join us in the Security Corner (staff login required).

Focus: Device Security & Bring Your Own Device

Be Smart with your devices: lock your devices; do not leave devices unattended; do not download files from untrusted sources.

(click view full size)

If you’re using your own device to access University services, please make sure you’re practicing good device hygiene, to ensure our data is kept as securely as possible.

Device Hygiene

When accessing University data or digital services, ensure the device(s) used are secure: install system updates as they’re made available by the device’s manufacturer, and have functioning antiviral software. With these, you are much less vulnerable to viruses and we are all more secure.

Lock your device

Setting a pin, password, fingerprint or facial recognition is often the first and easiest steps in preventing unwanted access to your devices.

Manage Wireless Services

You should be turning Bluetooth and WiFi off when they are not in use as they can provide attackers an avenue to access your devices

Set up remote tracking

In the event you lose a device, or it gets stolen, services like Find my iPhone or Find My Device can allow you to lock or wipe your device remotely

Take care around WiFi hotspots

Free public WiFi Hotspots often provide little in terms of security. Therefore, you should not access sensitive data (like mobile banking) when using them. If you’re creating a hotspot with your phone, make it secured with a strong, unique password

If you need to safely connect a device to the ‘Western WiFi’ Network, instructions can be found in KB0014236 (opens in a window).

Focus: Phishing

Be sceptical with emails. Ask yourself: who is sending this; where do links lead; why is it urgent; is it too good to be true?

(click to view full size)

Phishing is a scam to try and steal your identity, your money, or both. Don't get hooked!

Spotting and reporting phishing

Check out our guide to avoid getting caught! (opens in a new window)

Have a look at our short video on recognising phishing emails! (opens in a new window)

Phishing & COVID-19

Scammers have been using the COVID-19 epidemic as bait in phishing scams, not just emails but in text messages and social media. Now, more than ever, maintaining healthy scepticism is vitally important. If you receive a suspicious message, report it to the IT Service Desk.

Here's some updates and advice on COVID-19-themed phishing from official sources:

  • An alert from SCAMWatch (opens in a new window)
  • An alert and some examples of COVID-19 phishing scams from StaySmartOnline (opens in a new window)
  • An interview with the acting head of the Australian Cyber Security Centre (ACSC) from late March, stored on the ACSC's website (opens in a new window)

For more information on these organisations, see External Resources section below.

Passwords

Passwords are the keys to your digital kingdom! It is vitally important they are strong and secure.

  • Make different passwords for different accounts
  • Don't share your password with anyone
  • Consider changing your passwords regularly, at least once annually
  • When you have the option to, switch on Multifactor Authentication
  • If you struggle to remember multiple passwords, consider using password management software.

Looking for advice on managing the password to your Western Account? ITDS maintains a Western Sydney University Password Management (opens in a new window) knowledge article.

Not sure how secure your password is? Test it out at 'how secure is my password' (opens in a new window) - a free online password tester.

Need further assistance?

If you have cyber security concerns, or think you may have been scammed, please contact the IT Service Desk by:

Cyber Security in the IT Knowledge Base

If you want to explore Cyber Security in more depth than outlined above, there are Knowledge Articles that cover several Cyber Security topics. If you're not sure where to start, we've created a Cyber Security Knowledge Base Reference Guide to help!

We particularly encourage students to read through our Student Cyber Security Guide 2020, which is available through the Knowledge Base, article KB0016229 (opens in a new window).

External Resources

StaySmartOnline

The StaySmartOnline (opens in a new window) website is developed and run by the Australian Cyber Security Centre (ACSC) and the Federal Government, to educate and raise awareness about cyber security. It contains sections on creating better passwords, protecting yourself from phishing and similar email scams, protecting yourself from identity theft, and more.
StaySmartOnline even has a small number of videos on their YouTube channel (opens in a new window).

SCAMWatch

SCAMWatch (opens in a new window) is the Australian Competition and Consumer Commission (or ACCC)'s online information and reporting website for scams of all varieties - its scope is wider than only scams committed using the internet. You can also use it to see stats around the amount of scamming happening, the kinds of scams happening, and how to protect yourself.
We would particularly draw your attention to the Little Black Book of Scams (opens in a new window), a document published by the ACCC through their website. The book identifies several common scams, how to recognise them, and how to avoid them.

IDCARE

IDCARE (opens in a new window) is Australia and New Zealand's national identity & Cyber support service. IDCARE is a not-for-profit Australian charity organisation that was created to provide support and advice to people who are recovering from ID theft. The website also includes information on how to recognise the signs of identity theft.

Have I Been Pwned?

The 'Have I been Pwned' (opens in a new window) website is a free resources that can be used to check whether your email address has been involved in a data breach. This is especially useful to know whether passwords need to be changed or how likely it is that someone could use your information to impersonate you online.

How Secure is my Password?

'How secure is my password' (opens in a new window) is a free online password tester - see above for more information. it can be very informative to see just how fast common or weak passwords can be compromised.