Cyber hygiene - staying safe online

02 Sep 2025 3 min read

Between January and April 2025, Australians reported over AU$119 million in scam-related losses, marking a 28% increase compared to the same period in 2024.¹

Between 2023 and 2024, identity fraud (26%), online shopping fraud (15%) and online banking fraud (12%) were the top 3 self-reported cybercrime types for individuals.²

While the increase in cyber scams and fraud is concerning, there are ways to improve your cyber hygiene and make it harder for people to access your information.

What’s the difference between cyber scams and fraud?

Scam: Is when someone tricks you into giving away your money or personal information. Scammers often use lies or fake stories to gain your trust.

Fraud: Is when someone accesses your accounts or funds without your permission. In many cases, you may not realise it has happened until you spot suspicious activity on your account.

Here are 3 simple ways you can combat fraud:

1. Use passphrases

Weak or reused passwords are one of the most common ways accounts get compromised. Ideally, you want to use a combination of upper- and lowercase letters, numbers, and symbols. A good way to avoid someone compromising your password is to use a phrase or a combination of words - known as passphrases. Always avoid using personal details such as your name or birthday. These sorts of details can be easily guessed.

How to come up with a passphrase

Think of four random words that have significance to you. For example, “Harry” “magenta” “Aruba” “Thunder”. You could then use those words to create your passphrase. To strengthen your passphrase, add a number and a symbol. Examples of symbols include: & % # @

Learn about passphrases in 30 seconds

2. Enable Multi-Factor Authentication (MFA)

Multi-Factor Authentication, also referred to as MFA, is a security process that requires you to verify your identity in two or more different steps before you can access an account, system, or device. The idea is that even if one layer of security (like your password) is compromised, the attacker would still need the other factor(s) to get in.

By requiring multiple types of proof, MFA makes it much harder for cybercriminals to gain access to your accounts. Even if your password is stolen, MFA can help keep your account secure.

For example:

Step one: enter your password, code or security question.

Step two: a code may be sent to your mobile phone that you then need to enter to access the account.

Tip: Be wary of scammers who may ask you for your password or code. Never share your password or code with others.

3. Keep your devices updated

Your phone, laptop, and other devices regularly receive software updates that do more than just add new features, they often include critical security patches that fix vulnerabilities hackers could take advantage of. Cybercriminals actively look for devices running outdated software because they know the weaknesses and can target them with attacks.

Delaying updates makes it easier for attackers to take advantage of your information. Think of it as locking the door to your house.

You’re likely to receive updates in the form of notifications on your mobile phone, computer, or tablet. These can include:

Operating system updates (e.g., iOS, Android, Windows, macOS).
App updates from the App Store or Google Play.
Security updates are released in between major software upgrades.

To stay safe:

Turn on automatic updates whenever possible.
Restart your devices after updates to ensure changes are applied.
Regularly check for updates manually if you have auto-updates disabled.

By installing updates when they occur, you close security gaps and make it much harder for cybercriminals to get into your systems.

Online safety isn’t about fear; it’s about awareness. By using strong passwords, enabling MFA, keeping your devices updated, and verifying senders, you make it much harder for cybercriminals to succeed. A few smart habits today can save you a lot of trouble tomorrow.

Helpful resources

If you are concerned about your finances, NGS has financial planners and super specialists who can talk to you. Please contact us on Book an appointment with a Super Specialist

If you have any concerns or are unsure if you are being scammed, please contact our team on 1300 133 177

¹ https://www.accc.gov.au/media-release/national-anti-scam-centre-calls-for-stronger-business-role-to-disrupt-scams
² Annual Cyber Threat Report 2023-2024 | Cyber.gov.au

This is general information only and does not take into account your objectives, financial situation or needs. Before acting on this information, or making an investment decision, consider whether it is appropriate to you and read our Product Disclosure Statements and Target Market Determinations. You should also consider obtaining financial, taxation and/or legal advice tailored to your personal circumstances before making a decision. This information has been issued by NGS Super Pty Ltd ABN 46 003 491 487 as trustee of NGS Super ABN 73 549 180 515, RSE Licence L0000567 and AFSL 233 154.

Links to third party websites have been provided for your convenience. Any views expressed on those websites do not necessarily reflect the views of NGS Super. NGS Super accepts no responsibility for the content of third party websites that are linked to this website.

Call us on 1300 133 177 if you would like to speak with us further, or you can discuss matters with one of our NGS Super Specialists, or an NGS Financial Planner.

Discover more

How to protect yourself from online scams