ACCOUNT SECURITY 

Maintaining the security of your Ausblock account is crucial. By following the best practices below, you can help protect your digital assets and personal information from potential threats. Here are the essential precautions to safeguard your account: 

Use a Strong Password

Password Complexity 

  • Use at least 8–12 characters, including a combination of upper-case letters, lower-case letters, numbers, and special characters (e.g., !, @, #, $, etc.). Using a password generator can significantly enhance your password security because it automatically creates long, random, and complex passwords that are less vulnerable to brute-force or dictionary attacks. 
  • Avoid predictable strings such as “1234,” “password,” or common dictionary words (e.g., “qwerty”). 

Password Uniqueness 

  • Never reuse passwords across multiple websites or platforms. If one service is compromised, attackers could potentially access all other accounts using the same credentials. 
  • If you suspect your password might have been leaked or used elsewhere, update it immediately. 

Regular Updates 

  • Change your passwords periodically (e.g., every 3–6 months). 
  • Always update your password right away if you notice suspicious activity or if you hear about major data breaches. 

Secure Storage 

  • Use a reputable password manager if you have trouble remembering multiple complex passwords. 
  • Avoid writing passwords down on paper or in unencrypted digital notes.

Enable Two-Factor Authentication (2FA)

What is 2FA? 

  • Two-Factor Authentication (2FA) requires you to enter a second verification factor in addition to your password, which could be a temporary code from an authenticator app or a unique SMS code. 

How 2FA Enhances Security 

  • If attackers somehow obtain your password, they still need access to your second factor (e.g., a phone or authenticator app) to log in. 
  • 2FA effectively reduces the risk of unauthorised logins caused by stolen or weak passwords. 

Types of 2FA 

  • Authenticator Apps: Apps like Google Authenticator, Authy, or Microsoft Authenticator generate time-based one-time passwords (TOTPs). 
  • SMS Verification: You receive a code via text message. Though convenient, SMS can be less secure than an authenticator app due to potential SIM-swapping attacks. 
  • Hardware Tokens (advanced option): Physical devices generate or store one-time codes. This option offers higher security at an additional cost. 

Setting Up 2FA 

  • Navigate to your Security Settings on Ausblock’s website or mobile app. 
  • Select Enable 2FA and follow the instructions to link your authenticator app or set up SMS verification. 
  • Store any backup or recovery codes securely in case you lose access to your primary device. 

Set Up Anti-Phishing Measures

Recognising Fake Emails 

  • Phishing emails often use urgent or alarming language, request sensitive information, or contain suspicious links. 
  • Check if your personalised anti-phishing code is present. If it’s missing or incorrect, do not click any links in the email. 

Reporting Suspicious Emails 

  • Never reply to emails that appear suspicious or request your account details. 
  • Forward them to the official Ausblock support address for verification. 
  • Delete or mark these emails as spam after you’ve confirmed they’re fraudulent. 

Manage Your Devices and Login IP Addresses

Viewing Your Device List 

  • Ausblock’s Security page or dashboard provides a list of devices (e.g., desktops, mobile phones, or tablets) that have accessed your account recently. 
  • Check the device name, the operating system, and the approximate login location. 

Recognising Unfamiliar Devices 

  • If any device or location listed seems suspicious, immediately remove it from your trusted list. 
  • After removing unknown devices, change your password and revoke any active sessions on other devices to ensure nobody remains logged in. 

Login Notifications 

  • Enable notifications (push or email alerts) so you are informed when your account is accessed from a new device or location. 
  • If you receive a login notification that you did not initiate, investigate promptly. 

Keep Your Personal Devices Secure

Antivirus and Anti-Malware Software 

  • Install reputable antivirus software on your computer and regularly update virus definitions. 
  • Run scheduled scans to detect and remove malicious programs. 

Operating System and Software Updates 

  • Keep your device’s operating system, web browsers, and apps updated. Security updates often patch known vulnerabilities that attackers could exploit. 
  • Enable automatic updates where possible to ensure you don’t miss critical patches. 

Safe Network Usage 

  • Avoid using public Wi-Fi for sensitive transactions like logging into Ausblock. 
  • If you must use public Wi-Fi, consider using a Virtual Private Network (VPN) to encrypt your connection. 

Physical Security 

  • Set up passwords or biometric locks (e.g., fingerprint, facial recognition) on your devices. 
  • Always lock your devices when they’re not in use to prevent unauthorised access. 

Beware of Phishing Scams

Common Phishing Tactics 

  • Attackers may disguise themselves as reputable companies, coworkers, or government agencies, often using urgent messages to trick you into clicking suspicious links or sharing confidential information. 

Email Content Inspection 

  • Always review the sender’s email address closely. Scam emails can appear almost identical to official ones except for small typos or unusual domain names. 
  • Be wary of any request that asks for your password, 2FA codes, or other sensitive information. 

Verifying Authenticity 

  • If you have doubts about a link, manually type the official Ausblock URL in your browser instead of clicking on the provided link. 
  • Compare any suspicious message with official communications you have received from Ausblock in the past, especially if the message uses inconsistent branding or style. 

Refer to the ‘Scam Protection’ section below for scam protection guidance and the proper reporting channels.

Watch Out for Suspicious Links and Attachments

Safe Browsing Habits 

  • Hover over links before clicking to see their actual URL. Malicious links often have odd or shortened URLs that don’t match legitimate websites. 
  • Use tools (like browser-based or third-party security scanners) to check if a link is safe. 

Attachments from Unknown Sources 

  • Before downloading any attachments, confirm the sender’s identity. 
  • Use antivirus software to scan files before opening them, especially if they come in unsolicited emails. 

Browsing Vulnerable Websites 

  • Avoid visiting sketchy or suspicious websites. Some may force-download malware or use drive-by download attacks that infect your system without your knowledge. 

Protect Your Personal Information Offline

Secure Physical Documents 

  • Store important account details (e.g., backup codes, recovery phrases) in a locked drawer or fireproof safe if you keep them on paper. 
  • Shred or securely dispose of documents that you no longer need. 

Access Control 

  • Limit who has physical access to your personal devices (e.g., computers, smartphones, USB keys). 
  • Consider using full-disk encryption on laptops or external storage devices to protect data in case of theft. 

Private vs. Public Discussions 

  • Avoid discussing account details, passwords, or other sensitive information in public or on social media. 
  • Scammers may monitor social platforms for clues about your account security practices.

Contact Support Immediately if You Notice Anything Suspicious

Importance of Early Reporting 

  • If you suspect fraudulent activity (e.g., unauthorised trades, password reset notices, strange withdrawals), contacting Ausblock’s Support Team quickly can help mitigate or even reverse the impact of an ongoing breach. 

Gathering Evidence 

  • Save screenshots of any suspicious messages, login attempts, or unauthorised transactions as evidence. 
  • Keep records of dates, times, and any relevant transaction IDs to streamline the investigation process with customer support. 

Updating Security Measures 

  • After any incident, review and strengthen your security steps. This might involve resetting passwords, updating 2FA methods, or reviewing active sessions. 

Scam Protection Protocols

Get in touch 

If you believe your personal details may be compromised, it is recommended to contact your banking provider, healthcare provider, and any government services immediately to report any possible ID takeover. 

Report it 

Report the scam via the Australian Cyber Security Centre or Chain Abuse. Reports may be referred to the police for possible investigation. 

Take control and stay protected 

Change your passwords and PINs straight away if you suspect your security has been compromised. Change these regularly as a preventative measure, and consider enabling multi-factor authentication where possible. 

Seek support 

Contact IDCARE on 1800 595 160. IDCARE is a free, government-funded service that provides support to victims of identity crime. 

Visit the ScamWatch and MoneySmart website for more information on scams. 

Securing your Ausblock account requires proactive measures that span digital and physical practices. By setting strong passwords, enabling 2FA, monitoring your login activity, and staying vigilant against phishing, you can significantly reduce the risk of falling victim to cyberattacks. Always use official Ausblock resources and contact support at the first sign of trouble to keep your digital assets and personal information safe. 

Last Updated: 13 March 2025