Cyber safety

Your UniSQ password gives you access to your files and systems such as the Student Centre and StudyDesk. To keep yourself and UniSQ safe, ensure you never use your UniSQ password on any other site, account or app, and never share your password with anyone (we will never ask you to disclose your password).

Passphrases are a stronger, easier to remember type of password and are highly recommended as they are harder for hackers to crack. Passphrases use real words, are very long and often contain numbers and symbols to add to the complexity. The best passphrases are those that use a random mix of words, e.g. PineapplePetaPoursPort3timesaday

DUO Multi-factor Authentication (MFA) helps protect your data by adding an extra layer of security when logging into UniSQ systems. 

Multi-factor is known also as two factor authentication (2FA) as it requires two separate factors to identify yourself.

• Something you know (your UniSQ Username and Password)
• Something you have (code or push notification sent to your mobile, push notification, hardware token etc)

MFA is extremely effective at preventing malicious cyber-attacks as the they do not have the “something you have” factor.

Below are some helpful AskUniSQ articles for students:

What is Duo and Multi-Factor Authentication?

How do I add Duo to my Phone?

How do I enrol for Duo Multi-Factor Authentication (MFA)?

What about my privacy with the Duo mobile app?

For staff please refer to the ServiceHub Knowledge Base article Duo Multi-Factor Authentication.

Portable storage devices like USBs and hard drives are a convenient way to store and share data, however it is important to be mindful of the following: 

• What type of information you are storing on the device? Is it research data, confidential documentation or maybe your Thesis? If you need to save sensitive content, consider an alternative storage solution that cannot be easily lost or stolen by an unauthorised party. 
  
  
• Where are you using the device? Plugging storage devices into multiple computers increases the risk of cross contamination. If you have picked up a virus or malware in one machine, you may infect subsequent devices you connect to.
  
  
• How did you obtain the device? Targeted hacking can occur when USBs or portable hard drives are left in places where students can pick them up, thinking they are lost or unwanted. When these devices are plugged in, a virus or malware can be automatically downloaded, creating a gateway to your data as well as the University's network. Avoid looking at the contents of a unfamiliar storage devices and pass these onto the ICT Service Desk at your campus.

UniSQ offers all students free, anti-virus software called Sophos as Home. This software constantly monitors your computer and mobile devices for threats such as malware, viruses, trojans, worms, bots, and unwanted apps.

Sophos at Home can be installed on up to ten Windows or Mac computers plus Apple and Android tables and phones. 

Phishing is when cyber criminals email, text or phone you with the goal of tricking you into sharing sensitive information or data (such as usernames, passwords, credit card details).

In email and text communication, it can involve asking you to click on a link that will download malware or a virus onto your device if opened. Be aware of the following:

• Anyone asking for your password or asking you to click on a link and enter your password. UniSQ and other reputable organisations (e.g. Banks, Tax Office, Centrelink) will never ask you to disclose your password. If you think the message is legitimate, avoid clicking on the link within the message. Navigate to the website and sign in from there.
• Spelling mistakes. Emails with spelling errors are a common indicator of a phishing attack. If you are unsure, contact the company directly.
• Generic greetings. Be careful of messages beginning with a generic greeting like ‘Dear Customer’. Legitimate emails are likely to use your name which the company will have on record. 
• Email addresses that don’t look right. Any emails sent from UniSQ will end with XXX@unisq.edu.au. Be careful of email addresses that are similar, but not the same e.g. smith@uusq.edu.au etc.

Protect yourself by looking out for suspicious emails, texts and phone calls. If you are ever unsure, check with the ICT Service Desk.

For more information watch our short Don’t Get Phished UniSQ video.   

A simple way to protect your mobile device is to keep it updated. Android and IOS updates often release new security features or fixes and the sooner you update your device, the sooner your device will be more protected.

New scams and cyber attacks are being created all the time which makes it difficult to know what’s real and what isn’t. The Australian Cyber Security Centre (ACSC) Alert Service is free for Australians and provides easy-to-understand online security information about recent online threats and vulnerabilities within an Australian context. The service also provides solutions to manage risk to devices or computer networks.

When an organisation is hacked, cyber criminals can steal customers information which can then be sold to unauthorised parties. This information can then use it to try and break into online accounts and apps. Checking your passwords and emails is a simple, quick way to check how cyber safe your accounts are right now.