With a week of negative headlines for Optus, you can imagine all the telcos have been locking down their security, but also fielding lots of calls from their own customers, worried about their personal data.
In response to that, and as a service to their customers, EFTM understands Telstra has this afternoon started sending emails to all their mobile customers with online safety advice.
The email, which has been sent to us by a Telstra mobile customer says “Over the past week many of our customers have reached out to us following the Optus cyber-attack with questions about how to stay safe online and to know if their data has been impacted.
To be clear, our customers’ data has not been impacted. We have however heightened our monitoring and, as cyber-attacks become more regular, and scammers become more sophisticated, we all need to remain on alert.“
Not shy in mentioning Optus, because not mentioning them would simply look like they’re pretending this isn’t happening – the email would like be hitting millions of people more than even Optus has had to contact.
A Telstra Spokesperson told EFTM the email was a direct response to customer feedback, saying “We took the decision to send communications [today] to our customers and provide tips on how to stay safe online given many of them have contacted us since the Optus cyber-attack. We are one of many businesses who have taken similar action to help our customers.“
Most curious to us though was the timeframe. There has been much criticism of Optus’ slow response and even days after the cyber attack many people hadn’t received their email.
I had blamed that on the restrictions on bulk sending of emails, but in that I was clearly wrong. EFTM asked Telstra how long it would take to send this message to their customers, and a spokesperson said “We anticipate our customers will receive this communication by close of business today.”
So Telstra can contact millions of people in one day – but Optus can’t? Something very wrong at Optus if that’s the case.
For those of us who are not Telstra customers, here’s the full email so you can see the tips which are remarkably helpful, simple, and far more detail than Optus has gone into with their customers. In part, it should be said, that’s because passwords were not compromised at Optus and some of this relates to Passwords, I can agree that it would have been confusing to talk about passwords with Optus customers when they were not in any way compromised.
We know it can be tough to make sense of what you should do to stay safe online, so we wanted to share some simple tips with everyone.
Tip 1: Switch on two-step verification with Telstra if you haven’t already
This works by adding an additional layer of security to your Telstra accounts. It means if someone other than you was trying to access your account, they would need more than just your username and password.
Where an app or a website offers two-step verification you should set it up to take advantage of the additional security it can offer, especially for your financial institution and telecommunications provider.
How to set up two-step verification for your My Telstra App
- Step 1: Identify yourself with your personal or account information as you currently do. For example, using your Telstra ID and password to log in online.
- Step 2: Verify your identity with a one-time code sent to your mobile phone number or email address, or by completing an in-app challenge using your biometrics (face or fingerprint ID), or by using your Telstra PIN.
- We recommend biometrics or Telstra PIN as more secure methods of verification.
How to strengthen your two-step verification?
- As a minimum you should verify your contact details so you can receive a one-time code to verify your identity. We highly recommend you take additional steps, such as setting up a Telstra PIN and enable biometrics such as face or fingerprint ID.
- If your identity cannot be verified with a two-step process, you may have to go in store and show a valid form of ID to update your contact details.
- Use the My Telstra App – it is a secure environment, and you can trust the messages in there are definitely from us.
Tip 2: Switch on two-step verification on your bank account and monitor transactions
Always monitor your bank accounts for any unusual or fraudulent activity and notify your financial institution immediately if something is not right.
Tip 3: Remain sceptical of unexpected communications
No matter if it appears to be from a company you use and trust, and regardless of whether it is an email, text message, or phone call. If in doubt, double-check by reaching out to a company using contact details from their official website, or their app if they have one.
Tip 4: Use strong passwords
Consider making your passwords a phrase that is unique to you. Typing a few words is easier and can be more secure than most traditional passwords. Never reuse passwords across multiple apps or web sites. You can also use a password manager to help which is an application designed to store, manage, and even generate long, complex and unique passwords for you.
Tip 5: Keep your devices updated
Protect your devices by making sure the latest iOS, MacOS, Android or Windows updates are applied. Many modern devices will automatically check for updates and apply them and do the same for apps downloaded from official app stores – so make sure you have automatic updates turned on.
Tip 6: Be mindful of what you share on social media
Limit the amount of personal information you share online like your birthday, address, or photos that identify your location, or those of family and friends. Scammers often use information they can find out about you online to make their scams more convincing.
If you feel at any time your ID may have been compromised, please reach out to IDCARE – Australia and NZ national identity & Cyber support service – Australia and NZ national identity & cyber support service.
IDCARE is an independent organisation that provides free support for those impacted by scams or fraud. Telstra’s website also has tips on Cyber security and safety or you can go to Telstra.com and search cyber security.
And as always, we are here to help. You can contact us through the My Telstra app, online messaging or call us on 13 22 00.