Skip to Content

Cyber Safety

Staying safe online

Web browsing

Protecting yourself by securing your devices, software and connections is important, but making the right choices when doing things on the web can make a huge difference to your safety online.

  • Sites with un-safe pop-ups

    We visit countless websites every day. But not all of these websites are completely safe. Even safe websites can have unsafe pop-ups. These pop-ups can take you to dodgy websites which automatically download viruses. It’s critical that you look out for unsafe websites so you can protect yourself online.

  • Downloading from un-safe sites

    We often download useful software or content from the internet. In our search for the right stuff, we sometimes find ourselves on dodgy sites. It’s important to protect yourself from unsafe downloading sites. Never download files from unsafe sites.

  • Sites with multiple download buttons

    Everyday, we visit a wide variety of websites. It’s important you know if the websites you visit are unsafe. Do they have pop-up windows or multiple download buttons? Avoid these dodgy sites and keep safe.

  • Check site security in Google Chrome

    Check if your website connection via Chrome browser is safe and secure.

  • Check website category

    If you think a website you want to visit might be harmful, check the classification of the website.

  • Apply security on Firefox

    Take a further step and explore a bunch of useful information on how you can apply security features on your Firefox browser.

Remote meetings

With many of us now using Zoom on a daily, if not hourly basis, we have put together some tips to help you keep cyber safe:
  • Consider using a password for private meetings.
  • A meeting co-host is a great idea to assist facilitating large sessions.
  • If you need to record the meeting, verbally announce this at the start.
  • Be aware for Zoom related scams, Monash meetings will always use
  • Ensure you are running the latest version of Zoom on all your devices.
  • In line with the Student General Conduct Policy, meeting invitations or passwords must not be shared with people who are not supposed to be in the meeting.
  • Your lecturer or tutor will invite you to classes with a provided password.
  • At the start of your class, your lecturer or tutor will tell you if the session is being recorded and you’ll be asked for your consent.
  • You can turn off your camera and microphone if you don’t want to be recorded.
  • When setting up your own zoom meetings, use a password.


From time to time, we all received phishing emails trying to deceive us to visit unsafe websites or download a malicious link. Some of these phishing emails even threaten to hold people to ransom by using compromised data they have found online by using target victim's previously compromised online data information.

Learn more about different phishing methods below so you can identify malicious communications.

  • Phishing emails with un-safe links

    We all send emails on a day to day basis. Some emails have links which can take us to unsafe sites. Do you know what a dodgy link looks like? We all need to be wary of dodgy links which can put us at risk.

  • Not all URLs that appear safe really are

    Everyday, we get a torrent of emails. Not every email addressed to us is safe. Some of these emails have URL links which take us to dodgy sites. They can compromise our computer and our personal details. It’s important that we keep a lookout for bad URLs.

  • Bitcoin blackmail

    A popular phishing scam is to blackmail victims demanding the ransom be paid in bitcoins. Do not respond to the scammer in any way. The scammers do not have the information about you that they claim to have.

  • Phishing email to get your university account details for Library / research resources

    Did you know that your library account never expires? If you get an email asking to reset your password for library access, delete it! It is a phishing email trying to scam you into giving potential hackers your login credentials. Monash University will never ask you to verify your account details via email. Check out more on how this recent popular attack has been spreading among targeted universities and how the stolen credentials are being used.

  • 'Are you available?' phishing email

    This type of phishing email is considered as Spear Phishing. The attacker uses the publicly available information such as first, last names and email of Leadership Team members in the faculty from University. Pretending to be the leader of the faculty and asking a favour example; buying gift card for last minute arrangement. It is always worth checking the "from" field of email address to ensure if it is from the legitimate person, as well as verifying from different communication channel such as calling landline directly. Learn here for more real-like email scam and how to avoid them.

  • Deceptive phishing

    Impersonating a legitimate company in an attempt to steal personal information and login credentials credentials. Deceptive phishing is the most common type of phishing. In this case, an attacker attempts to obtain confidential information from the victims. Attackers use the information to steal money or to launch other attacks. This will ask you to click a link and verify your account details in an effort to collect personal information.

  • CEO fraud

    Using stolen credentials to pretend to be an organisation's CEO to authorise the transfer of funds to a financial institution of their choice and pretend as one to authorise funds transfer to financial institution of their choice.

  • Pharming

    Directory Name Server attacked to change the IP address of legitimate website changed to redirect you to an unsafe website without your knowledge redirect user even with correct website name. Only connect to websites with valid HTTPS (the green padlock).

Social media

There are many online platforms or applications that involve the sharing of large amounts of personal information. You can protect your privacy by being aware of, and actively using, the privacy settings of these platforms and your devices, as well as understanding your legal rights.

  • Post visibility

    Do you know who can see what you post on social media? Your social media sharing settings can change without you knowing. Be careful of what you share, and who you share it with.

  • Online activity

    You never know who’s watching you online. Make sure you update your privacy settings every six months to know who is watching.

  • Profile visibility

    Everything you post online can be seen by your virtual audience. Do you know who your audience is? You may have a bigger audience than you think. Check your social media privacy settings often and keep yourself protected.

  • Identity theft

    Learn the type of information you shouldn't share on social media and how they lead to identity theft and fraud.

  • Facebook

    Who do you want to see your posts and comments? Understand the general audience options such as Public, Friends, Custom, Only me. Check and manage your audience on Privacy Settings and Tools. Guard your personal information and control your timeline. Important take-home note is there is no 100% private on Internet even with all privacy settings in place, so be mindful of the sharing information and whom you are sharing with.

  • Twitter

    To keep your account private, check "Protect my tweets" under Settings>Privacy. Keep your location private by un-checking "Add a location to my Tweets". Always re-check your followers. By default, Twitter is a public network and anyone will be able to follow you and see what you tweet. Keep in mind that the main keyword here is “public” – every little thing that you tweet will be available online, for anyone who wants to see it.

  • Instagram

    Keep you photos private. Take note of the geo-location data for posted photos. Recommend to switch off Photo Map at the Center to protect the your whereabouts information. No, you can’t make your Instagram followers “unsee” a photo (oh, if only you could), but you can delete it from your photo feed even after you’ve shared it.

  • LinkedIn

    Do you know that oversharing your career history could lead to tax fraud, social engineering, identity theft and could even lead to leaking sensitive information. Be mindful of the details you publish in your profile and always re-check who can view your contact details, full resume and profile. Recommend to only allow first-degree connections to see your picture.

Passwords and authentication

A strong password is your first line of defence against intruders and imposters. Passwords allow you to protect your personal information and online identity, however they aren't that effective on their own anymore. Here you will learn how to create a strong password, where you can store your passwords and how to enable multi-factor authentication.

  • Creating a strong password

    Can you remember all your passwords? Are they easy to remember? If you’ve answered yes to those questions, chances are, they’re probably easy to crack as well. Make your passwords stronger by using different phrases that are hard to guess. If you're worried about forgetting them, you can use a password manager.

  • Password managers

    We all try to keep our accounts safe by using different passwords. Sometimes this becomes too much, and we forget them, leaving us frustrated and more inclined to smash our keyboards. Password managers help avoid this by storing them all in one easy to use secure location.

  • Multi-factor authentication

    Monash University enforces MFA to keep your account and data safe. What is keeping your personal accounts safe? Have you turned on MFA for Facebook, Gmail, Instagram, WhatsApp, etc? Learn how to turn on MFA for these accounts.

Antivirus protection

A computer virus, much like a flu virus, is designed to spread from host to host and has the ability to replicate itself. Similarly, in the same way that flu viruses cannot reproduce without a host cell, computer viruses cannot reproduce and spread without programming such as a file or document. Learn more about how they work and how to protect yourself.

  • All devices can be vulnerable to viruses

    Did you know, computers aren’t the only devices that can get viruses. Mobile phones can also be vulnerable to malicious software. Downloading apps from outside the app store can lead to viruses. It’s important that we keep our mobiles safe and only download apps from the official app stores.

  • Viruses from third party apps

    Learn about the risks of third party app stores and how you can safeguard your devices from viruses.

  • How viruses can infect your devices

    Learn the risks of jailbreaking, rooting and side-loading of your device and the dangers of not using the official app stores.

  • Malwarebytes

    Learn about this great tool that can clean your laptop or PC of viruses.

  • Windows Defender

    Another great tool to prevent your PC form getting viruses is Windows Defender. It is free so use it and make sure it is up-to-date.

  • Signs of a computer virus

    A computer virus attack can produce a variety of symptoms such as frequent pop-up windows, changes to your homepage, mass emails being sent from your account or unknown programs that launch when you turn on your computer.


Keeping your computer or mobile device and its software up to date is crucial to staying safe and maintaining your security. Here you'll learn about why it is important to allow updates.

  • Get latest software update for your devices

    Everything, from our phone apps, to our computer and laptop software, needs constant updating. We know it can be frustrating to do, and we all put these updates off as long as possible. But these updates are important. Outdated software can leave us vulnerable. Keep yourself protected by making sure your software is up to date.

  • Set software to be updated while you sleep

    Are you bombarded with notifications to update your phone? Can’t find the time to update it? Do it while you sleep. Updating your phone is an integral step to keeping it and your data safe. Find the time to update your phone now and get on with your day, without the worry.

  • Stop putting off software updates

    We all need to keep our computer and anti-virus software up to date. Any time we ignore these updates and put them off for another day means that our computers are put at risk. This means our sensitive details and files are also at risk. Don’t put it off, update your computer now.

  • Make installing updates a top priority

    Learn how you can set auto update for Windows, Apple OS / iOS, Android, Google, Anti Virus and plugins for your different devices.