Online Security

Please be aware that some external security tools and software may have associated fees and charges. Should you require further assistance with any Security Tools please contact us on 1300 665 076.


1) Why is online security so important?

2) The importance of selecting a secure password?

3) Tips for remembering your password?

4) Now that I have my password, how can I keep it secure?

5) Quick tips to help you identify “phishing” email scams

6) How is aaNet actively dealing with these phishing emails?

7) I suspect that I have been sent a fraudulent email. What should I do?

8)What other steps can I take to improve my security online?

9) How can I learn more about online security?

10) Past phishing alerts


1) Why is online security so important?

Each internet user has the personal responsibility to ensure that their personal information online is secure. By developing an effective understanding of online security best practices and by following a few simple guidelines, you can help to safeguard sensitive information relating to yourself, your friends, family or work colleagues.

With your help, we can also work towards reducing the frequency of fraudulent online activities.  

2) The importance of selecting a secure password

Selecting a strong password is often the first step towards protecting yourself online. By following a few of the simple guidelines listed below, you can significantly improve the strength of your password.

What to do 

1) Select a password which is at least 8 characters in length

2) Use a combination of lower case letters, upper case letters and numerals

3) Combine two words to form a new word

4) Substitute a number for a letter (eg. S = 5, E = 3 I or L = 1, 0 = O)

5) Select a number of characters which will be memorable to you, but will also be unique.

6) Change your password every 6 months

What to avoid

1) Passwords should not contain personal details such your username, name, DOB, address or maiden name

2) Avoid using words which can be found in a dictionary or an Atlas

3) Try to avoid using the same password for multiple accounts

4) Avoid repeating letters, numbers or sequences in your password (eg. Qwerty88 or Abc123456)

5) Do not store your password in obvious places, it is always safer to commit your password to memory

3) Tips for remembering your password

1)Select a password which may appear random, but has personal significance for you. Eg.- Use the first letters of the title of your favourite song, book or quote or combine the names of your first two pets to form a unique word

2) Use words which you have made up, a slang nickname

3) Create a strong master password. You could then use this password for multiple accounts by making small changes (eg. if the password is for aaNet, you could add “Aa” after the 5th character of your password).

4) Now that I have my password, how can I keep it secure?

One of the most common ways that scammers can gain access to your personal information is through “phishing” emails.

Phishing is a term used to describe the fraudulent process of attempting to obtain confidential information such as usernames, passwords and credit card details via the Internet, by posing as a trustworthy source.

For example: A fraudulent email claiming to be sent from aaNet, encourages you to reply with your personal account information including your username, password and date of birth. This email also threatens that unless this information is sent through within the next 48 hours, your aaNet webmail account will be closed.

5) How is aaNet actively dealing with these phishing emails?

As part of our ongoing effort to ensure your online safety, please rest assured that we are making every effort to identify, report and block the source of these phishing emails.

This page also includes regular examples of the latest phishing email alerts which target aaNet or any of our subsidiaries.

We are confident that by keeping you fully informed of these fraudulent activities, combined with the continued vigilance of our customers in reporting these scam emails, we will minimise any inconvenience they may cause.

6) Quick tips to help you identify “phishing” email scams 

1. Check the “From” email address line

Phishing emails may contain a fake email address in the "From" email sender line. If you have not seen this email address from aaNet before, the “reply to” address is not a standard aaNet.com.au address, or the email address has been slightly altered (eg aanett.com or aaa.net) then the email you have received could be fraudulent.

2. Check the aaNet customer greeting

The distributors of phishing emails will generally not have access to your name, therefore many of these emails will contain greetings such as “Dear Account User” or “Dear aaNet Email User”.

3. Look for response deadlines

Many of these phishing emails will set a deadline for the update of your personal account information. These emails also claim that unless your account information is updated before a specified deadline, your aaNet email account will be closed.

4. Email links or forms

Phishing emails generally contain a link which will redirect you to a bogus website or space in the email to enter in your personal information. Please be aware that these external links can be faked and when in doubt, it is always safer to type www.aanet.com.au directly into your internet browser.

5. A request to reveal personal information

Please be aware that aaNet will never request that you disclose your personal details via email due to the security implications. Any email which requests your aaNet username, password, date of birth, state or credit card information is clearly a phishing email and should be treated with extreme caution.

7) I suspect that I have been sent a fraudulent email. What should I do?

If you have received an email you suspect is masquerading as an official aaNet communication, please send a copy of the email using our online form

To help us to identify and block the source of “phishing” directly relating to aaNet, we also request that you send through the fraudulent email message headers to our customer accounts team.

To view these email headers in aaNet Webmail simply:

1) Log into aaNet Webmail

2) Open the message you'd like to view headers for

3) Click the "View Full Header" option

4) The full headers will appear in a new window

5) Copy and paste this text alongwith the email and send it to us via our online form.

For more information on how to locate these headers, please visit the Gmail header support page.

8) What other steps can I take to improve my security online?

1. Delete any emails you suspect are SPAM.

If you receive an email you suspect is SPAM, we recommend that you delete the email immediately. Please do not reply to these emails or click on any links they may contain, as this will just confirm to the spammer that your email address is currently active and may result in your email receiving more SPAM.

2. Download and install regular updates and patches for your operating system 

Check Windows Update regularly and follow the directions to install the latest security patches and critical updates onto your system.

To enter Microsoft Windows Update, please select the “Windows Update” option on your start menu and follow the prompts.

3. Install and update third party Anti-Virus protection

A computer virus is a program which can infect a target computer and copy itself to spread among other connected computers. Once infected, your computer may no longer be secure and could be used for a number of fraudulent activities including online identity theft, modification of your personal files, stealing your personal information, distributing SPAM email or spreading the virus to other computer systems.

Anti-Virus software is used to identify, quarantine and remove any viruses which may be present on your computer, as well as helping to safeguard your system against subsequent infections. There are a number of free anti-virus alternatives which may give you a basic level of cover, however for more comprehensive cover you may wish to consider subscribing to one of the following providers:

AVG Anti-Virus - Free Anti-virus and Anti-spyware security software for Windows XP
Avira Anti-Virus – Free Anti-virus, Anti-Spam and firewall protection
Norton Anti-Virus - Norton Anti-virus, Internet security, and anti-spyware home services

*Please note that aaNet does not provide support for these third party software applications

4. Install and update Adware and Spyware removal tools

Spyware / Adware is potentially harmful software which is designed to infiltrate and/or damage a computer system without the informed consent of the end user. Any personal information intercepted via spyware may then be used by an unauthorized third party to commit fraudulent activities.

To safeguard yourself against Spyware or Adware, you may wish to consider install and regularly run and update the following third party applications.

Lavasoft Ad-Aware - Free Anti-virus, Anti-Spyware removal software
Spybot – Search and Destroy – Free Anti-Spyware removal software

9) How can I learn more about online security?

For more information on how to protect yourself and your family online as well as updates relating to the latest “phishing” emails, please visit:

The Australian Communications and Media Authority - Spam and e-Security
The Australian Government’s Stay Smart Online Initiative
The Australian Competition and Consumer Commission – SCAMwatch
Fraud Watch International – Phishing Alerts

10) Past phishing email example

**Please note the following email is an example of a recent fraudulent phishing email **


 Phishing Alert Date: 04/12/2009 **NEW**


Dear aaNet.com.au Webmail User;

This mail is to inform all our{ aaNet.com.au } webmail users that we will
be upgrading our site to help block spam. We are also having congestion due to the anonymous registration of accounts so we are shutting down some accounts and your account is among those to be deleted.

We are sending you this email to verify and let us know if you still want to use this account. Due to the congestion in mail server, Webmail would be shutting down all unused Accounts. To confirm your active account, you are require to send us your E-mail account details listed below. These information would be needed to verify your account and to avoid being closed;

  1. * E-mail:
  2. * User ID:
  3. * Re-type Password:
  4. * Password:
  5. * Date of Birth:

Waiting to receive the details of your two emails. Warning!!! Account owner that refuse to send this information after one weeks of receiving this warning will lose his/her aaNet.com.au webmail account permanently.

Regards,

aaNet Webmaster Help Serivce.

 Phishing Alert Date: 20/04/2009 **NEW**


-------Original Message-------
From: aaNet.net.au Support Team.
Sent: Monday, 20 April 2009 6:01 AM
To: undisclosed-recipients:
Subject: Account Activation from aanet Limited

Customer Attention:

This notification email is been sent to you from aaNet.net.au
administrator in accordance with the Deadlock of our JavaScript Network
System which has cause our Systems Administrator Data's Lock Problem. Hereby
we encountered unsecure network security of JavaScript and due to the risks
involve; we need to perform maintenance in replacement of its identities as
part of this maintenance your account will be close from access.

To be safe, we have decided to upgrade to a New Network Server and
bear in mind that your account will be restricted from access in few days
from today. But know that your email account will be suspended or cancelled
due to access denied from our new improved "Network Server Systems" where
most emails are be sent and returned as failed delivery due to blacklisted
of our I.P. Address.

In received of the above message, hence you need to upgrade your Account to
our new network server systems; and in view of this, we request that you
send your account identity to us for upgrade and activation.

Below are the requested data's and it should be sent to us via email:
========================
* First & Last Names:
* Your Date of Birth:
* Login Email Address:
* Login Password:
* Confirmation Password:
========================

We are concerned in stopping the proliferation of junk/spam messages and we
have implemented sender address verification (SAV) to ensure that you do not
receive unwanted emails anymore and we are giving you the assurance that
your mail account will have no chance of being filtered into a bulk mail
folder anymore with the help of our support team.

Sorry, we apologize for the inconvenience this might have caused you.

Sincerely
aaNet Support Team.
Copyright C 2009 aaNet Limited. All Rights Reserved.