money, banking and credit card security
introduction
- security for your finances, and even your personal identity, is becoming more and more difficult to ensure in the business world, and the ramifications of a compromise, such as changing all direct debit billings, are more problematic to manage.
- if you are travelling overseas in tourist destinations there is a HIGH probability that your wallet or purse will be stolen, or at least that your credit card will be compromised.
- here are some tips to help reduce risk
BIN brute force credit card attacks
- these became more prevalent in 2022-23
- hackers take the first six digits of a card (called the Bank Identification Number or BIN), then use brute-force trial and error on online shopping sites to find valid combinations of the remaining 10 digits of the card number (these have to match a pattern, so there are not as many combinations as one would think), expiration dates and card security codes. This tells them whether the card is active, and if it is they sell the details or use the card for fraudulent activities
- “Mastercard, the world's second-largest payment processor, said its cybersecurity system SafetyNet — aimed at mitigating large-scale fraud, such as BIN attacks — blocked $13.1 billion in fraudulent transactions across Australasia in 2022” 1)
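The attack above leaves a recognisable trace in a merchant's authorisation log: many different cards sharing one BIN, tried in quick succession and mostly declined. This is an added example (not part of the original page) of detecting that pattern; the log format, thresholds, BINs and card tokens are all constructed for illustration:

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

def detect_bin_enumeration(events, window=timedelta(minutes=5),
                           min_cards=5, min_decline_ratio=0.8):
    """Return {bin: first_alert_time} for BINs showing card-testing behaviour.

    events: iterable of (timestamp, bin, card_token, approved) tuples.
    A BIN is flagged when, inside one sliding window, at least `min_cards`
    distinct cards sharing that BIN were tried and most attempts were declined.
    """
    recent = defaultdict(deque)   # bin -> attempts still inside the window
    alerts = {}
    for ts, bin_, token, approved in sorted(events, key=lambda e: e[0]):
        q = recent[bin_]
        q.append((ts, token, approved))
        while q and ts - q[0][0] > window:   # drop attempts older than the window
            q.popleft()
        distinct_cards = len({t for _, t, _ in q})
        declines = sum(1 for _, _, ok in q if not ok)
        if (distinct_cards >= min_cards
                and declines / len(q) >= min_decline_ratio
                and bin_ not in alerts):
            alerts[bin_] = ts
    return alerts

def sample_events():
    """Constructed log: one BIN being enumerated, one BIN with normal traffic."""
    t0 = datetime(2023, 1, 10, 2, 0, 0)
    events = []
    # BIN 400000 (constructed): a new card every 10 seconds, nearly all declined
    for i in range(8):
        events.append((t0 + timedelta(seconds=10 * i), "400000", f"tok-a{i}", i == 7))
    # BIN 510000 (constructed): three cardholders over an hour, all approved
    for i in range(3):
        events.append((t0 + timedelta(minutes=20 * i), "510000", f"tok-b{i}", True))
    return events

if __name__ == "__main__":
    for bin_, when in detect_bin_enumeration(sample_events()).items():
        print(f"possible BIN attack on {bin_}, first flagged at {when}")
```

Card tokens stand in for full card numbers, which a merchant's logs should not contain.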
avoid using credit cards for online purchases
- the site could be a scam website, or a legitimate provider may get hacked - either way the thieves get your full credit card details and your billing address
- use PayPal where possible
use a separate credit card for all direct debit billing services
- a stolen card wastes time and effort and can disrupt services through non-payment, particularly while you are overseas; to minimise this, it is wise to ensure that the credit card you take with you in person is NOT IN ANY WAY connected with the credit card you use for all your direct billings.
- if you have a credit card stolen, the credit card provider will CANCEL THAT card PLUS ALL OTHER CARDS LINKED to that card such as those in your spouse's name.
- you will also LOSE ALL ACCOUNT TRANSACTION DETAILS on the stolen account!
- thus have a separate credit card for direct debits and keep it physically safe and don't carry it on your person
- check the various offerings from the banks as to which suits you best in terms of:
  - annual fee
    - in 2014:
      - NAB VISA Low Fee credit card: $30 but no insurance and no rewards points
      - NAB VISA flybuys credit card: $65 (adds warranty, 90-day cover plus travel insurance)
      - NAB VISA Virgin Velocity credit card: $150 (also gives Price Protection Insurance)
      - NAB VISA Qantas Rewards Premium credit card: $250 (you also get an AMEX card, Price Protection Insurance, and the Qantas frequent flyer sign-up fee of ~$90 is waived)
  - credit limit
  - interest-free days
  - interest rate if you are silly enough to actually have to pay these exorbitant interest rates or take cash advances
  - rewards points
    - most VISA cards now only offer 0.5pts per $1 spent (AMEX usually offers 1.5pts but few local services take AMEX and if they do they will hit you with a surcharge)
    - 200 frequent flyer points equate to ~$1 in redeemable purchases, so to earn sufficient points to cover a $50 increase in annual fee for the Westpac Altitude card (1pt per $1 spent), you need to spend over $10K per year.
  - 12-month extended warranty and 90-day accident or theft insurance on purchased goods plus travel insurance
    - NAB appear to use Chubb insurance; see the NAB insurance document (pdf)
    - see travel insurance
  - other features
keep your own copy of account transactions
- many people rely on their credit card account transactions to assist with their tax return, budgets, etc.
- if a credit card is stolen and you have it cancelled, you will LOSE ALL ACCOUNT TRANSACTION DETAILS available online.
- keep a copy of these transactions to avoid this issue.
consider using a prepaid card for day to day minor purchases and internet purchases
- contactless payments such as Visa payWave have increased the incentive for thieves to steal your card then run up big bills using this technology without even needing to know your PIN.
- you can minimise risk by using a prepaid DEBIT card and only keeping a small amount of cash on it
- of course, this will require frequent topping up of the balance.
- eg. Virgin Velocity Prepaid card:
  - no charges as long as you use it, other than ATM fees
  - you load it up in $A via a BPay transaction from your bank account, and can move money into up to 4 other currencies (Foreign Exchange fee of 3%) if travelling overseas
  - purchases in Australia earn 1 Virgin point per $A2 spent (half the usual rate for most cards)
don't click on ANY links within emails
- phishing emails can look very authentic such as from the ATO, your internet provider, banks, etc.
- they usually provide a URL link to a website for you to log in to. The link looks authentic but takes you to the scammers' own site, where they can extract all kinds of critical data from you, which will compromise your accounts and even allow them to steal your identity
- only click links within emails if you are 100% sure they come from a safe sender (this will NOT be a bank or the ATO - they NEVER send you emails!) AND when you hover over the link, the destination cue reflects what you would expect it to be and not some overseas URL.
- even then they are becoming extremely well disguised - see Google Docs phishing scam
keep your email account safe
- your email account password (or your phone with email set up) is all a thief needs to access almost every online account you have including your bank accounts
- keep it safe and make sure it is a secure password
- if you think it may have been compromised, change it immediately
- consider using a separate email account as the password reset account for all your online accounts so you are not constantly using that account and thus limit risk of its compromise
- where possible add extra security measures such as SMS notifications (although this won't help if you lose your phone as well!)
secure your smartphone and computer devices
take great care using public WiFi
- if you connect to a public WiFi hotspot you should assume thieves may be sniffing the network traffic for the passwords being sent to the websites you are accessing - including your email password, bank passwords, etc.
- this is particularly the case in tourist areas
- protect yourself by either:
  - only accessing sites that do NOT use your passwords - but even then your email or other apps may automatically check for updates in the background without you realising it
  - only sending passwords via either:
    - SSL secure websites, as these will encrypt your transactions
    - a VPN you have signed up to, as this will encrypt all your network traffic
notify your credit card provider immediately if you think the card has been compromised
- thieves will be quick to make the most of your card
- the earlier you notify your credit card provider (eg. Visa) of potential loss or compromise the better chance you will have of limiting your liability and losses BUT they will CANCEL the card and any linked accounts
- if you lose your SmartSalary meals card, hopefully this will happen during normal bank hours (allow 1-2 hours at the bank to get it sorted out and a new card to be mailed to you)
- if it happens after hours, then getting SmartSalary and ANZ to sort out new cards for you will be a problematic process (2014)
do not use new or changed bank details on emailed invoices
- emailed invoices can be compromised by hackers who can intercept an email, change the banking details of an invoice to a fraudulent bank account set up in a false name and then re-send the invoice
- always double check with the invoice owner via a text message or some other method, particularly if the transfer is for a large sum of money
- the probability of having this money recalled is very low indeed as:
  - the bank account is usually in a fake name and the money is withdrawn rapidly
  - the scammers are generally international and Interpol will only investigate fraud matters in excess of $1,000,000 loss
- see https://www.abc.net.au/news/2020-11-24/business-email-scam-tradies-computer-hacked-costs-51000/12817584 for an example of this hack
it/banking_security.txt · Last modified: 2023/12/14 01:43 by gary1