AUS: 1300 630 488    NZ: 0800 1477 6287

How to protect your identity and personal information online

It’s now more important than ever to pay careful attention to the information we share on the internet. We explain how to protect yourself.

As the internet continues to play an ever-increasing role in our everyday lives, it follows that the risks associated with using it increase too.

This is particularly true when it comes to our identity and personal information.

For many of us, these risks can be exacerbated by unfamiliarity or uncertainty with the technology being used.

A good general rule to follow is to treat your personal information like you would your cash in real life – don’t just leave it lying around for others to take. Pay careful attention to where you store it.

What kind of personal information can be stolen online?

Our personal information is any information that can be used to identify us online. Many social media websites use it, and share it, to help us connect with people we know or find businesses that might interest us.

However, fraudsters can also use this information for nefarious purposes.

This information might include:

  • Your full name
  • Your address
  • Your phone numbers
  • Your date of birth
  • Your email addresses
  • Your usernames and passwords
  • Your bank details

How can I protect my personal information?

The following tips will help you protect your personal information online and ensure your identity is not used in ways in which you would not approve.

1. Set strong passwords

This is among the most common errors many of us make. Because passwords can be difficult to remember, we may be inclined to set simple passwords – a date of birth, for example, or a single word, or an obvious string of numbers or letters like “12345” of "qwerty".

As you can imagine, the above habits make passwords far too easy for fraudsters to crack. These days, security experts recommend using a “pass phrase” (with four or more words). Try to include numbers and symbols in your password, too – this makes them even tougher to crack. Indeed, many websites will not let you set a password without including numbers and symbols.

Also, it's better if you don't use the same password across multiple accounts. You can download a password manager online to help you keep track of all your various passwords.

2. Adjust your privacy settings on Facebook

Many of us enjoy the social connection and sharing opportunities that Facebook provides. However, Facebook also asks you to fill out information about yourself in the “About” section, such as contact details, birthday, work and education, family and relationships, where you live, and more.

Remember first of all that you are under no obligation to fill these out. If you would like to fill them out, however, then be sure to adjust your privacy settings so that only your friends can see them.

On a computer:

  • Click the downward arrow button in the top right of Facebook.
  • Click on Settings
  • Click on Privacy
  • From here, you can adjust your privacy settings manually, or you can click the “Check a few important settings” button for a full privacy check-up. 

On a smartphone or tablet:

  • On your News Feed, tap your profile picture. This takes you to your Profile page.
  • Tap the symbol
  • Click View Privacy Shortcuts
  • Again, from here you can adjust manually, or click Review a few important privacy settings for a full privacy check-up.

3. Only disclose personal information on secure websites

Often, when shopping online and various other online activities, you’re required to enter personal information – to complete a purchase, for example. Before you do, ensure the website is secure. You can do this by checking the address bar for “https://” (note the "s" for secure – if the "s" is missing, it’s better not to trust) at the start of the address, and a “locked” padlock symbol. This indicates that your data is being encrypted.

If you do have any doubts about a website, call the organisation that claims to represent it, or type the name of the organisation into Google along with “scam” and see if any red flags appear in the search results. The Scamwatch website also provides useful information about how to identify possible scams.

4. Don’t respond to phishing emails

Another common way for your identity and personal information to be stolen is by responding to “phishing” emails. “Phishing” is a term for the fraudulent attempt to obtain sensitive information such as usernames, passwords and credit card details. The scammers present themselves as trustworthy or official individuals or entities – such as the government, or banking institutions – in the hope that you will unwittingly part with your details in your communication with them.

Remember to never respond to unsolicited messages and calls that ask for personal or financial information. Government authorities, banking institutions and other official entities will never contact you in this manner to obtain your personal information. Better to ignore the email completely and, if you're uncertain, make a phone call to the organisation the email claims to represent.

5. Make sure your software is updated regularly

Whether you’re using a computer, a tablet or a phone, it’s important to ensure you keep your software updated. You’ll receive prompts for this regularly – on a smartphone, for example, it’ll most likely appear as a notification.

Don’t ignore these prompts. One of the most critical functions of software updates is to plug security holes that online criminals have found in your current operating system. By taking the time to install these updates, you’ll be safeguarding yourself from possible identity theft.

For more information about how to protect your identity and personal information online, visit the Australian Cyber Security Centre website or the website of the eSafety Commissioner.