AU: 1300 432 273
 NZ: 0800 201 415


Learning Centre

IDCARE's learning centre is a key resource for visitors to learn how to prepare, prevent, detect and respond. This is where IDCARE prescribes and offers immediate treatment.

Fact Sheets

IDCARE has prepared Fact Sheets that you may find useful.


YouTube Videos

IDCARE has prepared "How to" YouTube videos that you may find useful.

Fact Sheets


Engaging Service Providers

  • Service Providers

    Service providers are organisation that transact with your identity information. These organisations can be government or business, such as telecommunication providers, financial institutions, retail outlets, postal services, and document issuing organisations. Service providers can assist in understanding whether an error is actually identity misuse, how to protect your existing accounts, and if there has been misuse, what precise information about you was misused (for example the credentials used by the criminal). Put simply, they can be critical in understanding what has happened and how to protect and respond. Brace yourself; experiences can be highly variable.

  • Understanding what has happened

    Criminal exploitation of accounts and/or personal information can often present in ways that can look like a transaction or change of account details. It’s important to validate whether what’s experienced is actually a suspected crime or merely a mistake by the service provider. Here are some tips on engaging with service providers when trying to understand what is happening:

    • Put in writing your concerns or at the very least document what you have asked.
    • Ask what and how they will respond to your questions.
    • Ask for a unique reference number to ensure you have an identifier for your request for information.
    • If your request relates to a transaction, ask for specifics about the transaction, such as when did it occur, via what channel, what information was provided and related “evidence” about the transaction.
    • Ask for any documentation from the provider regarding the event, such as a billing account number, a service number, a ‘welcome letter’ or invoice.
    • Contact information about an escalation point within the service provider just in case you are not satisfied with their response.

    Note that not all service providers will give you an option to call. Technology companies are known for difficult customer engagement channels.

  • Protecting Yourself

    When requesting that a service provider assists in protecting you:

    • Ask what your service provider can do to increase the security of your account and information. Some service providers may be able to increase account monitoring or disable the ability for your account to engage overseas – such as transfer money overseas (if you don’t have a need).
    • Ask your service provider to place a not on your file / customer account record if you suspect that someone has acted criminally.
    • If you have to put things in writing or prove who you are, ask the service provider to acknowledge that you have done this in writing.
    • Ask whether there are any costs associated with increasing your security and related terms and conditions.
  • Responding when things take a turn
    • In most cases you are entitled to know what information was used to identify you during the suspected fraudulent transaction. This information is vital.
    • Request written confirmation that your identity was misused with the service provider – this may assist in being reissued a new driver licence number in Queensland and NSW if this was misused.
    • Report to Police and contact IDCARE.
    • Check your credit reports – you may need to request for them to be corrected.
    • If your service provider is a government agency, financial institution, superannuation fund or telco, you can escalate complaints to the relevant ombudsman.

Engaging Credit Report Agencies

  • What are Credit Reporting Agencies?

    A credit reporting agency is a private company that collects data and maintains historical information on consumer and business credit records. Credit reporting agencies also provide consumers and credit providers with credit reports. A credit report is a point in time snapshot of what credit related transactions you have made where the provider of credit has checked your history. You are entitled to one free credit report every year. A credit history provides a ‘picture’ of how you use credit. If you have ever owned a credit card, taken out a loan, or applied for a mobile phone plan you will have a credit history. Your credit history may include information such as loan inquiries, current loans, defaults, bankruptcies, and details about whether you pay your bills on time. This ‘picture’ is used by credit providers when deciding whether or not to approve an application for credit.

  • Why do I need a Credit Report?

    A credit report is a means to assess whether someone has attempted to obtain credit in your name. A yearly credit report is also a way you may monitor your file to ensure no errors are on your report. Errors may look like enquiries organisations have made about your credit you can’t explain.

    Note: If you request your credit report, your current contact details will then become available to any lenders, creditors or debt collectors who check your report.

  • How to do I obtain a Credit Report?
    • Request a free credit report from ALL relevant agencies as some may gather credit information others have missed:
      • Australia – Equifax, Experian, Dun & Bradstreet
      • Tasmania – The above and Tasmanian Collection Service
      • New Zealand – Equifax, Centrix, Dun & Bradstreet
    • Have sufficient identification ready in order to obtain your credit history.
    • You may be charged a fee if you have already obtained a report from the same credit reporting body within a twelve month period.
    • You may also be charged a fee if you require an urgent copy of your credit report – free credit reports take up to 10 working days.
    • If you would like help understanding the process or need assistance in obtaining or interpreting your credit report please contact IDCARE.
  • What if my identity has been compromised?
    • If there is risk that your identity may be fraudulently used, it is recommended that a ban (also known as a suppression) be placed on your file – this is a free service.
    • During a suppression period, credit providers will not be able to access your file for 21 days (Australia) or 10 days (NZ).
    • Report your matter to police and notify your financial institution(s).
    • A suppression may be extended indefinitely but you will need to provide proof of fraudulent activity (or risk thereof) ie: police report or if it’s an online crime and you’re in Australia an ACORN ( report number, or if in New Zealand a report number from The ORB (
  • Relevant Websites

Understanding Identity Theft

  • Identity Theft

    Identity theft is a type of fraud that involves the compromise of identifying information that may or may not result in the misuse of such information by another person without authorisation. The theft of identifying information is also referred to as an “identity compromise”. The further usage of compromised information is also referred to as “identity misuse”. Identity theft can occur online or offline or a combination of both. Common information targeted include driver licences, passports, and account details.

  • Common Signs of Identity compromise and misuse
    • Lost or had stolen important documents (e.g. passport, driving licence)
    • Mail stops arriving at your designated address.
    • Items appear on bank/credit card statements you don’t recognise.
    • Bills, invoices or receipts addressed to you for goods/services you haven't asked for.
  • Responding to Identity Theft

    Every case is different, but here's some general tips on what to do:

    • Contact IDCARE to assess your risks and build a tailored response plan.
    • Update and run anti-virus software on all internet-enabled devices.
    • Reset all password and PINs
    • Review where you keep your personal information on your devices, such as emails and hard drive and remove unnecessary items.
    • Review your existing accounts. Look for unauthorised transactions, changes to settings (for example email particulars) and, if possible, times your account has been accessed.
    • Check your credit report to see if someone is accessing credit in your name.
    • Contact your financial institution and let them know what's happened and ask how they can assist.
  • Mitigating the risk of Identity Theft Online
    • DO NOT open suspicious texts or emails – delete them.
    • Never send money or give credit card, online account details or copies of personal documents to anyone you don’t know or trust - and never by email.
    • Choose passwords that would be difficult for others to guess, and update them regularly.
    • Secure your networks and devices with anti-virus software and a good firewall.
    • Be cautious about using social media and limit the amount of personal information you publish online.
    • Be cautious about requests for your personal information over the internet.
  • Mitigating the risk of Identity Theft Offline
    • Secure your personal documents at home and when travelling.
    • Put a lock on your mailbox and destroy any documents containing personal information not required.
    • Be cautious about requests for your personal information over the phone and in person.
    • Order a free copy of your credit report from a credit reporting agency annually.
    • Regularly check your bank & superannuation statements.
    • Be curious about where your information goes that is collected by organisations – you have a right to know why they are collecting it, how they will secure it, for how long they will keep it, whether they will share it.

Understanding Telephone Scams

  • Telephone Scams

    The most prolific form of identity compromise currently impacting the Australian and New Zealand communities are telephone scams. Most scams originate from offshore. There are two common varieties -

    1. scams that deceive individuals to provide personal information and payment details over the phone;
    2. scams that can lead to remote access of a device for the purposes of harvesting information, transacting and/or installing malware, such as ransomware.
  • Detecting telephone scams
    • Cold calls from individuals that claim to be from well-known government and private sector organisations.
    • Numbers may appear from Australia or New Zealand, but will likely be routed from offshore.
    • Scammers will look to incentivise individuals to act on something, for example a prize, a grant, an unpaid tax, a virus.
    • Scammers will ask you to “prove” who you are or ask for access to your device.
    • Some may even threaten legal action.
  • Preventative measures
    • Good organisations won’t call you and then ask you to prove yourself.
    • Scam calls can be received from landline or mobile numbers and the “Do Not Call” register will only keep honest telemarketers at bay.
    • Don’t feel pressured to act. If you think a call may be legitimate take down the person’s name and number and do your own research. Make sure when you hang up you hear a dial tone – some scammers will pretend to hand up and catch you dialling the real organisation’s number only to pretend to answer it (when they haven’t disconnected from the first call).
    • Don’t think a message left is more legitimate, it’s not.
    • Hang up if you suspect it is a scam and talk to family or friends about it.
  • Responding to telephone scams
    • If you believe that you have experienced a telephone scam contact IDCARE for assistance 1300 432 273 (AUS) 0800 201 415 (NZ) or
    • Disconnect your device immediately form the Internet if they have gained remote access.
    • Immediately contact your financial institution(s) and inform them of what has happened.
    • Engage service providers and ask what additional security can be put in place.
    • Note down any identifiers of scammers, such as the telephone numbers they have called from.
    • If you believe you have had your licence, passport or other high-risk credential compromised see our Fact Sheet about Credit Reporting Agencies.

ACORN and the Police

  • ACORN and the Police

    Both the state and federal police exist in Australia and it can be difficult to determine which one is responsible for taking reports about the compromise of personal information. In most cases your local police station is the best place to start. If you believe your information may have been compromised or misused online, then the local police most likely will refer you to the Australian Cybercrime Online Reporting Network (ACORN). is a national online police reporting tool where users can input key information about what they have experienced. From there, the report is distributed to the relevant law enforcement agency for review. The most important things ACORN providers individuals is a report number.

  • ACORN & Police Report Numbers

    An ACORN Number (for online events) and a Police Report Number (for offline events) are critical for someone who believes their personal information is at risk. These numbers are relied upon throughout the response system by service providers and credit reporting agencies to assist them in progressing your protection and response requirements. In relation to police progressing your matter this will depend on a number of factors, least of which is the prospect of an investigative outcome.

  • Police Engagement

    Most Australians and New Zealanders in their ordinary lives have had little to do with police. When you experience the compromise of your information and/or its misuse, you not only have to respond to the event but work out which organisations you need to engage, how, why and what to expect. In IDCARE’s experience every police agency across Australia and New Zealand are slightly different on how they do things. In Australia, State and territory police have primary responsibility for progressing individual reports of identity and cybercrime. Accessing police report numbers can be at times difficult in some States and the physical copy of a report is something that you may have to pay for. Transnational crime is also largely responsible for what occurs in Australia and New Zealand when it comes to identity and cybercrime. One person’s report can be a critical contribution in building this picture.

  • Police Process

    Like any reported matter to the Police, an identity and cybercrime report from and individual or business will need to be assessed and prioritised against other matters. For local police this may be an assessment against reports of assault, abuse and disturbing the peace. For someone who experiences identity and cyber-related crimes the most critical part of your engagement with police is the reporting process and evidencing that the report has been made. The risks to individuals in most cases are much larger and require many more actions that don’t rely on police involvement. To explore these IDCARE provides clients with Response Plans that are tailored to your needs and are developed in a way that meets your priorities and capabilities. A key step in these plans we develop will almost always be to report your matter to police, because evidencing such reporting is a critical step in the broader response journey most people will confront.


IDCARE Self-Assessment


Image Exploitation

  • Image Exploitation

    Image exploitation is when an individual’s image is used without their knowledge or consent and then used to exploit the individual. Images that can be exploited are diverse and cover instances where leverage can be gained by a perpetrator, including intimate photos, private emails and text messages, and credential information. Images may also be fraudulently used on fake credentials and web sites that sell products and seek to exploit others, including consumers. The impact of image exploitation on a person can be very significant and can be influenced by their willingness to communicate and confide in others, their sense of helplessness, the perceived impacts to them and others, and the seriousness others take in assisting with their response.

  • Detecting Image Exploitation

    The process of detecting if an image has been exploited can at times be quite difficult. Reverse Images search programs (e.g. can be used to search the web for duplications of an image. Other instances of image exploitation can be more direct, particularly if a perpetrator engages direct with an individual with a view to leveraging their situation for some form of ransom.

  • Preventing Image Exploitation

    Here’s a number of practical measures to consider in reducing the risk of image exploitation:

    • When sharing sensitive images, be certain that the individual or site you are sharing them with/on is one that you trust and is verified.
    • When engaging with online services (e.g. Facebook) minimise the type of sensitive materials you share – assume scammers will be watching.
    • Do not store sensitive images on open/low security devices or software – IDCARE recommends keeping all sensitive information on an external hard drive the is not connected to the internet when not in use.
    • Be future minded – ask whether an image could be exploited at some future point.
  • Responding to Image Exploitation
    • Report: Companies (e.g. Facebook) will often remove content which has been posted online for you if you request it.
    • Store Evidence: Preserve any information which is related to your content being posted online.
    • Remove: There are services available which serve to remove online content from the internet for a fee (e.g.
    • Legal Action: It is possible to take legal action against those who publish an individual’s intimate photographs without consent. Report to police and if you suspect this involves a child image exploitation contact the eSafety Commissioner (
    • Seek Help: Seek counselling/support by calling IDCARE.

Avoiding Phishing

  • What is Phishing

    Phishing emails are emails that encourage a recipient to click on a link, download an attachment or perform some action on the pretext of being legitimate. Phishing emails can come from scammers who claim to be from someone or something you know.

  • Detecting Phishing Emails
    • Compare the email address with the information on the sender.
    • Avoid clicking any links or opening attachments before you investigate.
    • Look at alternative ways to communicate with the person or organisation if you are still unsure.
    • Mention it to someone you work with or a friend first before you act - get advice before you click.
  • What you need to know about phishing
    • Anyone can fall for a phishing email.
    • Recipients can be motivated because they want to do the right thing or avoid some type of penalty.
    • When we focus on following a task, it can be human nature to let our guard down when it comes to looking for what's deceptive.
    • Successful phishers are those that purport to come from senders that are known by recipients, including big government and big business.
  • A Guide on Avoiding Spoofing

    Spoofing emails are emails that encourage a recipient to click on a link, download an attachment or perform some other action on the pretext of being legitimate just like other phishing emails. The big difference is that the sender address is the genuine address.

    How can Spoofing impact you?

    • You can receive an email that has been "spoofed" from an address you know to be right.
    • Your email can be "spoofed" and people you know receive it and think that you have sent it.

    How do you know if you have received a spoofed email?

    • Follow the C.A.L.M. advice. Avoid making quick decisions and look to confirm what is asked using other contact means. Just like typicaly other phishing emails, spoofing emails often require the recipient to do something that is time critical. Please consult your IT service for assistance.

Knowing Your Privacy Rights

  • Knowing Your Privacy Rights

    We all have rights in relation to the protection of personal information. Privacy legislation in Australia and New Zealand requires regulated entities to protect your information that identifies you. It is important to understand these rights, particularly when they are threatened by identity compromise and misuse, including data breach events. The Privacy Commissioner websites in Australia and New Zealand are the best sources of information on these rights. This Fact Sheet introduces the basics and provides some tips if your identity information is compromised.

  • Know Your Privacy Rights

    In most cases privacy legislation and related rules allows individuals to:

    • Know why information is being collected, how it will be used, and who it can be disclosed to.
    • Give an option to opt out of being identified or using a pseudonym.
    • Ask for access to your own personal information.
    • Stop receiving unwanted direct marketing.
    • Ask for incorrect information to be corrected.
    • Make a complaint about an entity covered by the legislation if you believe they have mishandled your information.
  • Privacy Awareness

    It is important to take steps to maintain the safety of your privacy:

    • Always read privacy policies to understand how your information will be used.
    • Always ask why, how, and who. If you don’t think they need it, don’t supply it.
    • Keep yourself safe online. Make sure the websites you are visiting are secure before providing any personal information. Avoid using unsecured Wi-Fi. Use strong, diverse passwords for all your accounts.
    • Use security software on all devices.
    • Be careful with what you share on social media and store on your devices.
    • Be careful with what you share on social media and store on your devices.
    • Keep up to date on the latest scams.
    • Block cookies and think about whether you are happy to lose control of your private information.
  • Privacy and Identity Theft
    • You have a right to know what personal information of yours was used to commit a crime. Be persistent. Businesses are expected to have procedures for identifying and responding to privacy issues.
    • Note that whilst an organisation is not required to provide you details about the person that is suspected of impersonating you, there are ways that good organisations can validate whether your credentials have been used, such as parties confirming the first and last numbers of a credential.
    • Ensure that all communications and decisions made with the business are recorded.
    • You have a right to obtain free credit reports every year. If you believe your credit report is at risk because of identity theft and fraud you can request a credit ban (see
    • Some industries have a national ombudsman, or a state and territory industry ombudsman. These offices may be able to resolve disputes on your behalf.
    • We’ve seen organisations facilitate the further compromise of personal information because they have willing divulged details to perpetrators thinking it is to the real customer – it’s important to understand whether this has happened and what the service provider proposes to do in response.
    • If your information has been data breached, check out our Fact Sheet on data breaches for consumers.


  • What is Facebook

    Facebook is a free social networking website supporting over 1 billion individual users, groups and businesses worldwide. Users can send and receive written messages, share photos or videos, link posts to news or other content, stream videos and play games. Facebook also supports interactive, real time online chat. Facebook has the benefit of being more open and social than traditional communication tools, but usage does not come without its risks. By reviewing your Facebook security settings and being conscious of how you use Facebook you can mitigate risks to your account and personal information.

  • Detecting problems with your Facebook account

    Facebook give users the option to enable email or login notifications that alert users whenever their account is logged into. Facebook also allows users to check their security settings to ensure they are the only person logged into the account.

    If you receive an unusual message from friends or family, do not respond or click on links provided; rather confirm its validity by reaching out to them via other communication methods. Request that friends and family do the same if they are feeling unsure about a message or request. A potential complication with some online accounts is that when established they may have relied on an existing Facebook account. This can lead to uncertainty as to what is compromised.

  • Preventing Facebook account problems
    • Ensure you are using the correct website before logging in.
    • Choose a secure password you do not use for other online accounts.
    • Keep your information/profile private. If you don’t want people to know – don’t share.
    • Avoid clicking bait links that appear in your feed and in messages.
    • If you are prompted to login to your account by clicking on articles, do not; this is software that captures your information.
    • To review your settings:
      1. Select Account at the top right hand corner of your logged in Facebook profile
      2. Select Settings
      3. Review options under Security
  • Responding to threats on Facebook
    • Inform Facebook immediately if you suspect fraud. Facebook has the option to ‘report’ a profile that is impersonating someone you know, representing a business or organisation, is annoying you, or sharing inappropriate or offensive material.
    • Report if your own account has been compromised and follow Facebook’s official account recovery instructions.
    • If someone you know is threatening or bullying you, screen shot the evidence to provide to police if necessary.
    • If you believe that any personal information is at risk through Facebook, please contact IDCARE immediately / 1300 432 273 (AUS) / 0800 201 415 (NZ)


  • What is LinkedIn

    LinkedIn is a social networking tool for individuals interested in developing their professional network and find new opportunities to grow their careers. LinkedIn operates similar to other social media platforms. You invite “connections” and converse via private messages. However, instead of sharing photos you display your professional experience and achievements on your profile. While LinkedIn facilitates great opportunities to connect it may also be used as a tool to facilitate social engineering by online criminals.

  • Abuse Occurring via LinkedIn

    Emails and related contact details are accessible on LinkedIn. This may be influenced by the level of access afforded to users – for example, premium service recipients are able to send messages direct to a certain number of prospective connections. Here are some of a few instances of abuse reported to IDCARE from users of LinkedIn:

    • Invitations to connect with unknown people who send emails containing links aimed at directing you away from the LinkedIn in order to facilitate deceptive engagement.
    • Fake Jobs / Money Laundering where job opportunities are made by criminals that are administrative, requires a person to transfer money (often overseas) and may even demand an 'Application Fee' is paid.
    • Receiving unsolicited emails with a .zip file attached that may contain malware/trojans that can steal your data.
    • Receiving unsolicated emails seemingly targeted towards your profession/interests, these may be phishing emails.
  • Prevention
    • Go to Linkedin’s privacy settings and review who can access your contact information.
    • Ensure your email and LinkedIn account have strong and separate passwords – If a scammer can access one, they can access both.
    • Do your research on individuals wanting to contact you about a job opportunity.
    • Don’t match with connections you do not know or do not trust.
    • Review the type of information you post about yourself. You don’t need to share your full name and date birth. Never share credential information, such as images of licences and passports.
    • Always use anti-virus and be careful to only access social media on trusted wi-fi.
    • Check and download Linkedin updates.
  • Responding to threats on LinkedIn
    • Forward or send a screenshot of any suspicious emails/messages to
    • Download and run the latest anti-virus software.
    • Change your Linkedin password, preferably from another device.
    • Remove or block the connection who send suspicious email/message.
    • Delete suspicious emails from your account.
    • If you believe the email/message could have been part of a job scam, contact IDCARE immediately 1300 432 273 (AUS) 0800 201 415 (NZ).


  • What is Instagram

    Instagram is a social networking app made for sharing photos and videos from a smartphone. Similar to Facebook or Twitter, everyone who creates an Instagram account has a profile and a news feed. When you post a photo or video on Instagram, it will be displayed on your profile. Other users who follow you will see your posts in their own feed. Due to the increased popularity of Instagram. Instagram is a greater networking tool, but can be exploited to access private photos, geo-locate, delete photos, edit comments and post new photos.

  • Detecting an Instagram compromise
    • Your account is leaving comments or sharing things that you haven't posted.
    • Without acting your account starts to follow people you don’t know and also like their images.
    • There are images on your account which you KNOW aren’t yours.
    • You don’t have access to your account anymore and you are 100% sure that you’re using the right password and it’s not a technical glitch.
  • Preventative measures
    • Don’t post information, photos or videos you wouldn’t want made public.
    • Always use strong, unique passwords.
    • Enable personal verification as a tool if you forget your password.
    • Do not allow access to 3rd party apps that may collect your information.
    • Keep backups of your posts if they are important to you or your business.
    • Unfollow or block those that threaten your wellbeing.
    • Disable geolocation on posts, tailored ads and others ability to tag you in photos.
    • Use a “link checker” service to ensure all links are safe before clicking!
    • Use private accounts so that only those who you permit can see your content.
    • Don’t provide your real date of birth when registering your account.
  • Responding to threats on Instagram
    • If your registered Instagram account email was changed, there should be an email from Instagram confirming that you’ve changed your email.
    • Click the link attached to the email to revert your account back to the original email address.
    • If you don’t have this email, do a password reset to reset the password to your original email account.
    • If you don’t get this email reset your password then report your account as being compromised to Instagram.
    • Inform Instagram immediately if your account has been compromised by going to their Help Centre (see
    • If you have concerns about your personal information or cyber security please contact IDCARE: 1300 432 273 (AUS) 0800 201 415 (NZ).


  • What is Twitter

    Twitter: is a virtual and public forum used by individuals, groups and businesses. This social media platform is designed for users to be able to share and discuss opinions and events referred to as ‘tweets’. Tweets are short and succinct, allowing for informal collaboration and quick information sharing. Twitter Profiles are often public, allowing the world to see this information with few restrictions. It’s important to understand how to use Twitter safely, what to look for if things go wrong, and how to respond in these cases.

  • Detecting things that may indicate something is wrong
    • Watch out for notifications of tweets or direct messages you did not send.
    • Keep an eye on your followers, changes to users you follow may indicate a compromise.
    • Check your profile often to ensure that changes have not been made.
    • Check the apps you have attached to your profile and revoke the authorisation of any that look suspicious.
    • Utilise two-step veritifaction to receive notifications when your account has been accessed.
  • Preventative measures
    • Don’t post information, photos or videos you wouldn’t want re-tweeted by strangers.
    • Always use strong & unique passwords.
    • Enable personal verification as a tool if you forget your password.
    • Remove unknown apps from your twitter account that collect data.
    • Ensure you are using the legitimate twitter website before signing in.
    • Keep backup your tweets if they are important to you or your business.
    • Unfollow or block those that threaten your wellbeing.
    • Disable geolocation on tweets, tailored ads and others ability to tag you in photos
    • Use a link checker service to ensure all links are safe before clicking!
  • Responding to issues on Twitter
    • Report if your own account has been compromised and follow Twitter’s official account recovery instructions.
    • Inform Twitter immediately if you suspect fraud. Twitter has the option to ‘flag media’ if a tweet, ad or image is inappropriate, offensive or fraudulent.
    • Twitter has two forms for reporting: One form is for reporting impersonation and the other is to report abusive or harassing behaviour.
    • If you believe that any specific identity documentation has been compromised through linked accounts/apps, please contact IDCARE for assistance 1300 432 273 (AUS) 0800 201 415 (NZ) or

Understanding Ransomware

  • What is Ransomware

    Ransomware is a form of malware (a virus) that encrypts files, or denies the user the ability to access their device, or both. There are many forms of ransomware, but they all lead to a demand for payment of a ransom for access to be allowed. Attacks typically come in the form of phishing emails, downloading free software, and remote access scams (someone being provided access to another person’s device and installing ransomware whilst in control). Once the ransomware has been executed, such as by clicking on links or attachments, the criminals have largely automated their whole process. Pop-ups or other screen messaging will alert the user to “a virus” or “encryption” or “computer being locked”. A contact point will be provided, typically with a short timeframe to respond to the ransom demand.

  • Detecting Ransomware

    There are two ways to detect ransomware: (1) prior to executing the malware and (2) after executing the malware. The best way of detecting it before it’s executed is through anti-virus. Make sure you run anti-virus on all devices frequently. The other way is when it’s been executed and a demand is made.

  • Preventing Ransomware
    • Ensure you back-up all of your data.
    • Run anti-virus frequently and make sure it’s the most recent version – millions of viruses are created each year so your anti-virus needs to keep up with these.
    • Turn off your cloud storage when you are not using it (like Google, DropBox, OneDrive etc).
    • Keep your operating system and apps/ software updated.
    • Consider blocking ads and pop-ups, and think twice before downloading freeware (free downloads) without checking their security first!
    • Become familiar with how to spot phishing emails and never provide remote access to your device when someone calls or emails you first.
  • Responding to Ransomware

    There are hundreds of ransomware types, but unfortunately most cannot be decrypted. Ransomware encrypts and the criminals using it have the tools to decrypt. Before you think about paying, you may want to try the following:

    • EUROPOL and a number of software security vendors have launched a free decryption check called CRYPTO SHERIFF that can be accessed at
    • Decryption services – these are by no means a guaranteed result and most cost money.
    • Assess what’s at risk and would be lost. If there’s too much at stake you may have to consider paying but be careful, you’re dealing with criminals.

Dealing With Debt Collectors

  • Debt Collectors

    Debt collectors work to collect debts on the behalf of business and government. Debt collectors include organisations that are collecting debt on behalf of organisations money is owed or organisations that have “bought” the debt from another organisations and will retain all money collected. Irrespective of the type of debt collector, you have protections under consumer law and privacy codes. For individuals experiencing identity theft, debt collection notices may be the first sign that an identity has been misused to obtain credit.

  • Debt Collection and Your Rights

    Generally speaking, under Australian and New Zealand debt collectors cannot:

    • Use physical force, or coercion.
    • Harass you unreasonably for payment.
    • Mislead or deceive you.
    • Take unfair advantage of any vulnerability, disability, or other similar circumstances that may affect you.

    This applies to yourself, your spouse, your family, or others who may be connected to you. If a debt collector mistreats you, you can make a formal complaint the relevant authority (Aust is ACCC and NZ is Consumer Protection).

  • Being Contacted About a Debt

    If the debt is legal and reasonable, a debt collector should only contact you when it is necessary to do so. Reasons may include:

    • Making demands for payment
    • Making arrangements for payments
    • Discussing why a repayment plan has not been fulfilled
    • Reviewing a repayment plan
    • Inspecting or recovering mortgaged goods

    Visits to your home will only ever happen if there is no other way the debt collector can contact you, or if you ask or agree to a home visit. If poor conduct occurs that results in assaults or threats of violence, then the collector should be reported to immediately.

  • Debt Collectors and Identity Theft

    Seven steps are really key when you suspect a debt collection is a sign that your identity has been misused by someone to obtain credit in your name without repayment:

    • Lodge a dispute with the debt collector and confirm in writing the name and nature of the original credit provider (such as the telecommunications carrier or bank).
    • Lodge a complaint with the original credit provider and request that the debt be investigated, including what specific information of yours was used to establish the original debt.
    • It is important to consider requesting that your credit report also be corrected by the credit provider and that they provide written confirmation of this and a relevant case number.
    • Request credit reports from the three major credit reporting agencies (go to and regularly to keep track of your finances, as there is a chance that other misuse may have occurred.
    • Consider requesting credit bans to stop future misuse of your credit. For further information on credit bans (go to
    • Contact IDCARE to discuss your options and develop a tailored response plan.
    • Consider reporting the matter to your local police.

Ransomware and Small Business

  • Ransomware

    Ransomware is software designed to infiltrate and remotely lock your device or network until your pay a fee. Small businesses can be particularly susceptible to ransomware attacks. Small businesses are rightly focused on building and sustaining their operations. They typically don’t have dedicated information technology and security staff, and for a large number are family operations that can blur boundaries between “business” and “personal” technologies and online accounts. Business pressures, resource constraints and blurring of information environments can all heighten the risk for small businesses to ransomware attacks.

  • Detecting Ransomware

    Ransomware will generally present itself clearly, in that your device will be unusable and there will be a message demanding payment.

    It is best to detect ransomware before an attack by using an up-to-date anti-virus program.

    Ransomware may occur via phishing emails, online “pop-ups”, or even covertly through older versions of operating systems that have not been updated. Phishing emails and pop-ups look to inspire action by clicking on links, attachments or making phone calls. Always think before you act and ask someone if you or your staff are not sure.

  • Prevention

    You can minimise your susceptibility to ransomware attacks by:

    • Regularly backing up your files externally and offline. Businesses are most susceptible to ransomware when there are no file backups.
    • Regularly updating your operating system, anti-virus software, and applications.
    • Regularly running anti-virus programs and treating all devices connected to your business and business applications (such as accounting software).
    • Using strong passwords, and changing them regularly.
    • Not clicking on suspicious links in emails, even if they appear to be from a trusted source. Phishing attacks often lead to ransomware attacks.
    • Becoming an IDCARE small business member and participating in our business cyber resilience program (see
  • Responding to a Ransomware Attack

    Seven steps are really key when you suspect a debt collection is a sign that your identity has been misused by someone to obtain credit in your name without repayment:

    • Disconnect the device from your network to limit the scope of the attack.
    • Check on your back up files using a different device and network. Avoid reconnecting until you are able to clean your affected device with anti-virus software and/or a decryption service.
    • EUROPOL and a number of software security vendors have launched a free decryption check called CRYPTO SHERIFF that can be accessed at
    • Assess what’s at risk and what would be lost. If there’s too much at stake you may have to consider paying but be careful, you’re dealing with criminals.
    • Change your passwords and PINs.
    • If you have supplied your credit card or account details, contact your financial institution.
    • Really weigh up whether to pay or not and the risks to your situation. Engage IDCARE if you need advice and assistance.

Understanding Patching

  • What is patching?

    A patch is a piece of software designed to update a computer program or it’s supporting data to enhance performance and/or address vulnerabilities. Security vulnerabilities, commonly called bug fixes or bug fixes, is a key outcome for most patches.

  • Why is patching important?

    By not applying a patch you might be leaving the door open for a malware attack, including ransomware. Malware exploits flaws in a system in order to do its work. Unpatched defects in software may allow malicious websites, etc. to infect or compromise your computer with no action on your part.

  • Detecting vulnerabilities & weaknesses in software
    • Check your server or operating system provider’s website for updates.
    • Vulnerabilities may present as missing encryption for sensitive data, a reduction in system performance, and incompatibility with other networks and applications.

    These vulnerabilities and weaknesses make your network susceptible to hackers and scammers looking to take advantage of unaddressed vulnerabilities and weaknesses.

  • Preventing compromises
    • Operating software is imperfect so it is always important to keep your software up to date.
    • Use an automated patching tool to keep your software updated.
    • Use a traffic scanning tool to keep you from accessing infected web locations.
    • Use an application that can block advanced forms of malware, which antivirus can’t detect or block. These will sometimes require payment.
    • Use an antivirus in case you get infected.
    • Remove software you no longer require or do not recognise.
    • Regularly check your operating system and server sites for updates.
  • How to patch software

Understanding Cryptocurrencies

  • What is Cryptocurrency?

    Cryptocurrencies such as Bitcoin or Ethereum are digital currencies in which ‘coins’ are exchanged for goods and services via the internet. Cryptocurrencies maintain legitimate benefits as an alternative to traditional currencies such as no banking fees, instantaneous transfer of funds, and privacy of your personal data. However, a lack of oversight from regulators and the increasingly preferred use of crypto or virtual currencies by criminals has meant that cryptocurrencies have become synonymous with cybercrime. Just like many other payment systems and platforms, cryptocurrencies are not immune from scams.

  • You may have been involved in a cryptocurrency scam if
    • You ordered goods/services with cryptocurrency through a site that never arrived, and the vendor can no longer be reached.
    • You installed software related to your cryptocurrency and notice unexplained transactions within your account.
    • You did not receive the promised return of your investment and are encouraged to buy more to ‘recoup your losses’.
    • You are asked to receive cryptocurrency and tasked with transferring to other bank accounts with the promise of a percentage - this may be money-muling and is a criminal offence.
    • You engaged with a fake website that mimics legitimate website, offering cryptocurrencies at lower prices.
  • Protecting against Cryptocurrency scams
    • Never agree to transfer funds for someone else and then transfer to another account.
    • Seek out the public identity of the company/people you are engaging with.
    • Be cautious with any site or software promising you a fixed gain as these can be scams.
    • Be certain of the person/product you are engaging with as cryptocurrency transactions are almost all irreversible.
    • Ensure you have adequate protection on your devices through which you conduct any activity involving cryptocurrencies.
    • If someone is selling a cryptocurrency investment opportunity do plenty of research and engage widely first.
  • General response advice for Cryptocurrency scams
    • Disengage with all parties involved to minimise further harm.
    • Save evidence of transactions, correspondence, information about those you have engaged etc.
    • Ensure no breach of your device of personal information occurred by completing a virus scan, reset all PIN’s and passwords, clear history and remove cookies and if required reinstall your operating system.
    • Reflect on what information was provided about yourself during the scam.
    • Contact IDCARE to work through your concerns and to develop a response plan ( / 1300 432 273 AUST / 0800 201 415 NZ).

Safely Shopping Online

  • Online Shopping

    Online shopping has made the shopping experience more efficient and more accessible. Unfortunately, some websites are not as genuine as others. You may find you have been charged for a product you never receive, or that the vendor is asking you for identity documents in exchange for receiving your purchase. This fact sheet will provide some tips on how to safely shop online, and steps you can take if something goes wrong.

  • Protecting Yourself Online
    • Research the website/seller’s history and reliability. Reviews and comments from other buyers can help you ensure its authenticity
    • Use secure payment methods like credit cards and PayPal. These may recover your money if things go wrong. Online shopping scammers will often ask to use money orders, wire transfers or a pre-loaded money card because they’re less secure. Scammers may also ask that you pay with gift cards from the genuine retailer
    • Check you’re on a secure web page. These pages begin with ‘https://’ and show a locked padlock symbol in the address bar. These will encrypt your data
    • Check if the company has complete, and verifiable, contact details, including street addresses
    • Be cautious of links to fake websites on genuine shopping websites and avoid clicking on pop-ups
    • Avoid shopping on public networks or Wi-Fi connections as your data is less secure on these networks
    • Be aware of websites that advertise sales that seem too good to be true. Online shopping scammers may encourage you not to miss out on a particularly good deal. If you are unsure, research the website and find reviews.
    • Read any refund or return policies, and ensure they seem fair. Genuine websites often have detailed descriptions on their policy
    • Ensure the website provides contact details for any customer enquiries.
    • Don’t interact with sites that ask for too many personal details or ask for identity documents. They don’t need these.
    • Keep track of your email confirmations, and make sure you receive one before you close your browser. Make a record of reference or receipt numbers.
    • Make sure you understand the full cost of your purchase, including tax, shipping costs, and international transaction fees.
  • Common Online Shopping Scams
    • Fake retailer websites: Scammers set up websites that look like the genuine retailer. The websites may advertise the same products at highly reduced prices and often charge you through unreliable payment methods.
    • Online auction sites: Although online auction sites such as eBay are reliable, sellers may attempt to make a deal outside the website to scam you into giving them your money or details. Since these transactions happen outside their jurisdiction, the original legitimate auction site will not be able to help you.
    • Online classified websites: Scammers may post fake ads on classified websites and you won’t receive what you purchased. Or criminals may pose as buyers, and try and get your personal details, or get you to refund money that they haven’t really paid you.
  • Responding to Online Shopping Scams

    If you suspect your identity has been compromised, or if you have sent money to a scammer, there are steps you can take to limit damages:

    • If you have bought something online and you believe it may have been a scam, contact the retailer or auction service first. There may be a legitimate reason for your problem, or they may be able to help you recover from the scam.
    • If you’ve sent banking details, contact your financial institution immediately and try to stop any possible transfers. If you paid by credit card, you may be able to arrange a charge-back through your financial institution.
    • Assess any identity documents the scammer has access to, and contact the relevant agencies.
    • If you’ve clicked on any links or pop-ups, make sure to run anti-virus scans on any devices.
    • Report any scam pages to ACORN (
    • Be cautious of secondary scams that may attempt to use your details.

Employment Scams

  • Employment Scams

    Employment Scams are designed to recruit unsuspecting individuals to launder money for criminal organisations. These scams are typified by job advertisements posted online, or emails sent to random addresses, promising quick commissions in return for receiving and transferring money or goods elsewhere. These criminals often use online chat rooms, social networking sites, hoax websites and fake profiles to furnish the scam to convince the recruit. New recruits are usually found using resumes published by hopeful job-seekers to job websites. The recruitment process is usually quick, with little to no training required. Most ‘jobs’ offered are work-from-home situations and relatively easy, but promise high-return commissions. Often it is not until the victim is alerted by their bank or money transfer service that they will leave the scam. This scam will also typically gain access to victims’ passports, driver licence and tax information under the ruse that they are applying for a legitimate job.

  • Detecting An Employment Scam

    Detecting an Employment Scam: If you believe you may be involved in an employment scam, keep track of the following warning signs: 1) The contact is offering you a guaranteed income or job 2) They claim that you can make a lot of money for little effort using your personal computer 3) The message is not addressed to you personally 4) They ask you to provide your personal credentials before you know all the job details 5) The job entails facilitating transactions or reimbursements 6) Referee are not checked 7) You never have visual contact with the person asking you to work for them 8) They are an overseas company wanting to transfer money through Australia.

  • Preventing Employment Scams
    • Be suspicious of any unsolicited job offers, especially if they are guaranteed without interview
    • Do not give your personal credentials to a stranger offering an unsolicited position
    • Be wary of emails with language errors
    • Avoid offers from a stranger that requires immediate up-front payment
    • Never agree to transfer someone else’s money, especially if they are a stranger
    • Take steps to research the company in relation to any scams, as well as checking relevant business registries for licencing
    • Don’t provide information to someone asking for details regarding your financial status/personal information e.g. marital status
  • Responding to Employment Scams

    If you believe you have been a victim of an employment scam, there are a few steps you can take to limit the damage:

    • Stop sending any more money and immediately contact your bank(s)
    • Assess what identity documents the scammer has gained access to, and contact the relevant agencies
    • Report the scam to police, and any relevant job sites if it originated from an online ad
    • If you clicked on any links/downloaded attachments in emails, make sure to run anti-virus scans on your devices
    • Consider taking out credit bans to prevent future financial misuse of your credentials
    • Be wary of secondary scams attempting to use your details

iPhone Security

  • iPhone Security

    iPhones are commonly viewed as being more secure than Android devices when it comes to hacking and viruses. When it comes to cyber security, it’s quite risky to say “never”. The operating system that Apple products use is called iOS. One indicator that iPhones, just like Androids, are vulnerable to exploitation is the ongoing advancements and updating of its iOS. This Fact Sheet gives users of iPhones some basic tips on how to improve your device security.

  • Tips to Enhance Your iPhone Security:
    • Always run the most up-to-date version of your iOS operating system. You can check this by opening:
      • 1st Step - Settings
      • 2nd Step - General
      • 3rd Step - Software Update

      • Note that while this is a really good security measure, updates may impact system performance and it’s also important to do your research!
    • Activate “Find My Phone”. If you lose your iPhone then you can log onto Find My iPhone from another iOS device or via the web and remotely wipe your device, taking your personal data with it. To remotely wipe your iPhone, log in to the Find my iPhone app (or iCloud website), select your iPhone, tap 'Erase iPhone' and confirm the action.
    • Regularly run anti-spam on your email applications you access on your iPhone – note you will most likely have to pay for these.
    • Activate a 6 character iPhone access code and ensure you are using your biometric access (Settings > Touch ID & Passcode).
    • Disable Siri when iPhone is locked (Settings > Touch ID & Passcode).
    • Avoid responding to any unknown links or attachments as an SMS (text message, email, or web browsing). Your iPhone data is just as vulnerable to phishing scams if you don’t practice safe online behaviours.
    • Revoke your Application permissions – spyware are viruses that can exploit some of your phone’s communication channels, such as your camera and microphone. Review what access you have provided your Apps by going to Settings and then Privacy.
    • Turn off auto-fill - if a hacker does manage to gain access to your iPhone, it provides them with access to all your online logins. To disable keychain and auto-fill, simply go to Settings > Safari > AutoFill and toggle off each option.
    • Turn on two-factor authentication for your Apple ID (Settings > iCloud (Top Option) > Password & Security > Two-Factor Authentication.

Cyberbullying & Cyberstalking

  • Cyberbullying & Cyberstalking

    Cyberbullying and cyberstalking is the exploitation of the online environment to harass, intimidate or threaten someone. Whilst there is some debate as to the nuances in definition between bullying and stalking online, common characteristics include false accusations, monitoring, threats, and online defamation. All forms are unacceptable and this fact sheet provide some tips on how to protect, detect and respond for individuals concerned about cyberbullying and cyberstalking.

  • Protecting Yourself Online:
    • Be cautious of anyone trying to befriend or communicate with you online.
    • Be vigilant about who you provide access to your device(s).
    • When you move away from your computer or device ensure it is locked.
    • Limit the amount of personal or financial information you post online.
    • Be careful who you trust online and keep a copy of conversations in case you need to report them.
    • If you have children talk to them about all the great things about being online, but also the risks – be honest and open.
    • Familiarise yourself with privacy and security settings for your device and the applications / software you download.
    • Disable your geo-locating services.
    • Protect your social media, email and banking accounts with strong passwords.
    • Regularly run anti-virus and anti-spyware.
    • Regularly change your passwords.
    • Be cautious opening attachments and clicking on links from people you don’t know.
    • Ensure the security on your home Wi-Fi is turned on and you have changed the default password to any modems or routers you may be using at home (talk to your service provider if needed).
    • Avoid using public Wi-Fi. If you need to, ensure you are using secure webpages and do not send information out whilst using it.
    • Talk to people you can trust to provide good advice about things you may be experiencing if you’re not sure – some bullying and stalking may not appear so when you first experience it. Get advice.
  • Detecting if things go wrong:
    • Receiving constant messages/comments from someone.
    • You might notice a change in a friend or family member’s behaviour that seems unlike them.
    • You or someone you know are receiving uncomfortable / harassing / threatening messages.
    • Information or photos have been posted without your consent.
    • Someone has access to passwords or accounts.
    • Your accounts have been logged on in different locations.
  • Responding when things go wrong:
    • If you or someone is in immediate danger call the Police (000 in Aust or 111 in NZ).
    • Don’t feel you need to go alone – talk to someone you trust or access any number of counselling services that can assist you work through what you are experiencing (eg. KidsHelpLine, BeyondBlue, LifeLine etc.).
    • Screenshot or save communications as evidence.
    • If you believe your device has been compromised and you are a survivor of family and domestic violence contact IDCARE.
    • Report cyberbullying to relevant social media site.
    • Block the sender.
    • Make a complaint to the eSafety Commissioner (Aust) or NetSafe (NZ).
    • If your image is being exploited download IDCARE’s Fact Sheet on Image Exploitation for the latest prevention and response advice.



Romance Scam advice


How to install Anti-Virus on Android Phones


How to Manage Cookies


How to Block Spam on Gmail


How to Block Spam on Hotmail


Phishing Email Detection


How to Close an Internet Pop Up


How to Turn Off Snap Chat


Small Business Phone Scams


How to Update Windows