What to do when scammed?
When the University can help:
- If you receive phishing or even junk email in your UWA inbox, please use the Report Message add-in (If using Microsoft Outlook, this is accessible from the Home tab) to flag and quarantine the message, and to help protect others from the same scam.
- For other issues concerning your University accounts and devices please contact the University IT Service Desk by calling +61 8 6488 1234 or emailing IT-[email protected].
In any other cases:
- If you feel you have been a victim of a phishing scam outside of the university, you should immediately report the scam to the company involved, like your bank. If you are unsure how to contact the company, visit the company's website to get the correct contact information. The company may have a special email address to report such abuse. Remember not to follow any links in the phishing email you received. You should type the known website address for the company directly into the address bar in your internet browser.
- If you feel you have been a victim of other scams or cyberbullying, report it to the eSafety Commissioner and the Australian Cyber Security Centre.
- If there is an immediate threat to life or risk of harm, call 000.
Important steps that you must consider when reporting a cybersecurity incident:
- Close or freeze affected account;
- Reset all account passwords;
- Contact your bank or financial provider;
- Inform family and friends;
- Scan your computer system and remove any devious programs;
- Steer clear of phishing emails.
How do you know if you've been hacked?
Some of the warning signs that you might have been hacked include:
- You are signed out of your online accounts (social media, email, online banking, etc.), or you try to login and discover your passwords no longer work.
- You receive emails or text messages about login attempts, password resets, or multi-factor authentication (MFA) codes that you didn’t request.
- You notice strange emails in your 'Sent' folder.
- You receive more spam emails — especially ones that specifically threaten or try to extort you.
- Friends or family members tell you they’ve received strange messages from your email or social media accounts.
- You receive a data breach notification from a company or service that you use.
- You suddenly receive pop-ups that claim your device is infected with a virus.
- Your devices slow down, heat up, or start to crash more often.
- You notice browser plugins, add-ons, or toolbars that you didn’t install.
- You get redirected to unwanted websites, or they open automatically behind your browser window.
- Your cursor starts moving by itself — when you haven’t touched the mouse or trackpad.
- There are suspicious charges on your credit card or bank statements.
- Your web camera light is on, even when you’re not using it for video calls or recordings.
- Your antivirus software is disabled when you haven’t changed anything.
- Google “Have I Been Pwned” and check if your email has been involved in known data breaches. If so, change the password of all the accounts affected.
How can I protect myself from social media dangers?
Do watch out for fake friend requests
It’s best not to accept friend requests from anyone you don’t know personally. If you accept a friend request from a fake profile set up by a hacker, they can not only see everything you upload to your social media, but they can also download your photos and information and set up a fake account using your name and sending requests out to all your friends.
Verify friend requests before accepting them.
Cyberbullying includes the use of social media, instant messaging, texts, websites and other online platforms to send abusive or hurtful texts, emails, posts, images or videos; spread nasty gossip or rumours online; or impersonate someone online or use their log-in; creating hate sites or implementing social exclusion campaigns on social networking sites.
When the University can help:
- For problems concerning your University accounts and devices please contact the University IT Service Desk by calling +61 8 6488 1234 or emailing IT-[email protected].
- You can drop into The UWA Living Room for a chat or the get support if you are feeling worried, stressed or upset.
In any other cases:
- If you feel you have been a victim of cyberbullying, report it to the eSafety Commissioner and the Australian Cyber Security Centre.
- If there is an immediate threat to life or risk of harm, call 000
How can I protect my accounts & passwords?
Enable Multi-Factor Authentication (MFA)
MFA is a security measure that verifies your identity by requiring multiple proofs of identity to grant you access. Rather than just asking for a username and password, MFA requires additional credentials, such as a code from your phone. It helps keep your account safe even when your password gets stolen.
For information on how to set up MFA for UWA account, please visit the University IT’s website.
Do not share your passwords
Sharing your password puts your physical and digital security at risk because it allows others access to all your personal information and provides them the power to post on your behalf or perform prohibited activity.
At UWA, it’s against the Acceptable Use of IT Policy to share your University passwords with anyone.
Use password managers
A password manager is a type of browser add-in or app on your device that stores your passwords, so you don’t need to remember them. Once you’ve logged into the password manager using a ‘master' password, it will generate and remember your passwords for all your online accounts. It allows you to use strong, unique passwords that are difficult to hack (and remember).
UWA has partnered with LastPass, a password manager to help you create, store and manage passwords for your accounts. You can create your own LastPass account for free using your UWA student email address as LastPass username. Please note that these accounts are not managed by the University.
For more information and handy cyber security tips, visit the University IT’s cyber security website.