Use Two-Factor Authentication To Protect Your Security

What Is Two-Factor Authentication?

Two-Factor Authentication (2FA) is an extra layer of security to help protect your accounts and services. Usually used in addition to a password, it’s a second identity check to make sure you’re the authorised account holder.

Why Do I Need More Than Just A Password?

Passwords are inherently flawed for several reasons.
· Humans have poor memories, so we choose simple passwords that are easy to remember… and hack.
· We ought to use password managers to help us make unique passwords for every account. Still, many of us just keep recycling the same basic passwords for everything.
· We underestimate how complex a password should be, and how quickly a password can be hacked when it lacks complexity.
· We have security fatigue – we just need so many passwords in our lives, we just give up and resort to the same simple string on everything.
· We don’t always understand how many mainstream, credible websites have been hacked, putting our login credentials out there to be shared by criminals. Most people have been affected by data breaches on major websites.

What Can Be Used for 2FA?

The implementations vary between sites and services, but you may have already used 2FA without realising it. Some examples of 2FA are:
· When you try to log in, or perform an account action, the site requires you to enter a code sent to your on-file mobile phone via SMS before you can continue.
· When you have to answer a pre-arranged question, like your first street, first pet or mother’s maiden name.
· Entering the CVC from the back of your credit card before your payment will process.
· An authenticator device or app, like Google or Steam’s authenticators, that generate a new code every sixty seconds.
Two-Factor Authentication is any security check that uses the second piece of data to confirm your identity, in addition to your password.

Who Should Use 2FA?

You should. That is, if you have any password-protected accounts with apps, organisations or services that offer 2FA, then you should use 2FA. It is your best defence against the ever-growing risk of scam activity.

Phone Scams

REPORT SCAMS
Report scams to the ACCC’s Scamwatch: https://www.scamwatch.gov.au/report-a-scam
Report scams to us: support@swoopbroadband.com.au or call us on 1300 66 55 75
If you have been scammed, take immediate action. The Scamwatch site has a list of actions you can take: https://www.scamwatch.gov.au/get-help/where-to-get-help

Phone Scams

Scammers are always about, and always looking for new ways to practice deception. No article we can write can take the place of your own diligence. In any conversation, consider:

  • Do I really know who I am speaking to? Can I verify that?
  • Does what they are saying actually make sense?
  • Is this typical of the organization I think I’m dealing with?
  • Are there any steps I can take to protect myself before I hand over personal information?

Legitimate callers will understand if you wish to hang up and phone them back using a number you’ve looked up yourself. There is no better use of your time than this – you can’t get back information once you’ve disclosed it to a scammer.

Keep yourself informed: subscribe to Scamwatch Radar and receive scam alerts to your inbox.

Things We Won’t Do

  • We won’t use a recorded message to tell you we’re disconnecting your services.
  • We won’t require you to provide us payment in gift cards.
  • We won’t direct you to use a website that isn’t swoopbroadband.com.au.
  • We won’t tell you that you can’t hang up and call us back to confirm you’re really speaking to us. If you receive any odd calls claiming to be from us, please hang up and call us back to check. Only use our public contact number to call us: 1300 66 55 75.
  • We won’t use NBN to contact you regarding issues with your account or with your VoIP phone service.

Clues To Look Out For

  • Scammers will usually try to impersonate a well-known organization, business or government department.
  • They may claim there’s a situation that will have legal ramifications for you.
  • They may call claiming there’s an issue with a service you receive, or they may seek financial details to process a “refund” or other payment.
  • They may claim there’s a problem with your computer, and try to get access to it.
  • They may try to make you feel the situation is urgent to pressure you into a quick reaction before you have a chance to think.

Examples of Common Phone Scams

New scams arise all the time, and old ones are modified to keep them fresh, so this shouldn’t be considered an exhaustive list. This list is only some of the types of scam calls that are reported in Australia.

NBN Calling

If you are a Swoop Broadband customer, then we are your point of contact for all NBN and phone issues. NBN will never call you directly to threaten you with disconnection. NBN will not call you about issues with your VoIP phone.

Disconnection Threats

Automated dialers that tell you your service will be cut off unless you press 1 are a scam call. We will never use an automatic dialer or voice recording to contact you about important account information.

ATO Threats

The ATO will not call you and demand you settle a debt by gift card, such as iTunes cards or Google Play cards. Legitimate companies and real government departments and agencies never accept gift cards as payment.

Survey Scams

Scammers have been calling and asking about your financial institution as part of a so-called survey. They ask for your BSB, which tells them the name and branch of your bank. Weeks later they call back and use their knowledge of your bank to try to convince you they are genuinely calling from your financial institution. Don’t ever give out any part of your bank details to survey takers.

REPORT SCAMS
Report scams to the ACCC’s Scamwatch: https://www.scamwatch.gov.au/report-a-scam
Report scams to us: support@swoopbroadband.com.au or call us on 1300 66 55 75
If you have been scammed, take immediate action. The Scamwatch site has a list of actions you can take: https://www.scamwatch.gov.au/get-help/where-to-get-help

 

Scam Alert

DO NOT FALL FOR THIS SCAM

This email is circulating. It is not genuine, and it is very important that you do not click the links and provide your details. We will never send you an email asking you to click a link to log in.

You’ll note that this email has gone to some effort to appear to be genuinely from DCSI, but none of the links in it go to our website. It also doesn’t make any sense – you do not need to change your payment method (or update your onfile credit card) in order to select a different plan.

Please be wary of emails that purport to be from us, or from any organisation you know and deal with. Look for the little clues, such as illogical propositions, links that go to unrelated third party sites and outdated organisation information (this uses an old version of our logo). You should always take the time to check with us if you are concerned – we are happy to confirm for you if we genuinely sent you an email.

 

NBN Scams and Email Hacking

In an article dated June 17, 2019*, Emma Koehn writes in the Sydney Morning Herald about the increasing prevalence of scams that take advantage of community confusion regarding NBN.

The article says that losses so far this year have exceeded $500,000, averaging more than $110,000 a month in the first half of the year.

NBN Co Chief Security Officer Darren Kane said NBN Co is a wholesaler and will never call ordering a consumer to give access to their computers.

The article goes on to quote ACCC chair Delia Rickard advising consumers to “Do a Google search or check the phone book to get your service provider’s number, don’t use contact details provided by the sales person”.

Meanwhile, spammers are continuing to attempt to obtain email account details via “phishing” (scam) emails. This enables them to spread spam via legitimate, trusted email accounts. DCSI customers have been specifically targeted by some of these scammers, with emails being sent to @dcsi.net.au email addresses purporting to be from us and attempting to trick customers into following a link to a non-DCSI website where they are asked to enter their email login details.

The only link you should ever use to review or update your DCSI account details is the customer portal at simple.dcsi.net.au

If you ever receive an email telling you that DCSI will close down your email or service, or that you’re required to log in to make changes, please do not click the link. Please call us on 1300 66 55 75 to ask if it is genuine, or use the customer portal to check the validity of the claim.

It’s your responsibility to protect your account details and not disclose them to unauthorised third parties. We are here to assist if you need advice or assistance in determining the validity of an email.

You should also review your account password, and ensure it is strong and sufficiently complex that it can’t be easily guessed. If you update your password via our portal, you will be required to choose a password that is at least 8 characters long and contains a mixture of letters, numbers and symbols.

 

Unwanted Telemarketing Calls

The ACMA (Australian Communications and Media Authority) ensures that the Telecommunications (Telemarketing and Research Calls) Industry Standard provides safeguards to enable Australians to manage unwanted telemarketing. These include identification requirements, restrictions on permissible calling hours, and enforcement of compliance with the Do Not Call Register.

You can add your number to the Australian Do Not Call Register, or update your listing, at https://www.donotcall.gov.au/

The ACMA website provides more detailed information on protecting yourself from unwanted marketing calls, and your rights . Two articles that may be of use are linked below.

https://www.acma.gov.au/Citizen/Phones/Landlines/Spam-and-telemarketing/protect-yourself-from-unwanted-telemarketing

https://www.acma.gov.au/theACMA/hold-the-phone-put-an-end-to-unwanted-telemarketing-calls-1

In addition to listing yourself on the Do Not Call register, you should take advantage of any call blocking features that may be available on your handset to block persistent callers. The manufacturer’s guide will explain how you can activate this feature, or you can use Google to find instructions online for many common handsets. If your handset does not include this feature, consider replacing it with one that does.

Email Scams and Extortion

Emails that threaten disclosure of personal or embarrassing information or illicit footage have been turning up in inboxes again recently. These emails are often known as “sextortion” scams.

The good news is that they are empty threats. There has been no evidence that any devices have been hacked by the perpetrators, or that they have obtained the footage they claim to have.

The Office of the eSafety Commissioner issued a statement in August 2018 that reads in part:

“Recently, we’ve also been sent a number reports about an email scam where the sender claims they’ve hacked into an individual’s device and recorded intimate footage of them visiting a porn site. In an endeavour to add legitimacy, the sender often includes a password which the person recognises as a current or former password.

It’s important to know, this is simply a scam and there is no intimate footage.”

The eSafety Commissioner advises that anyone receiving this email or a variation should consider the following actions:

  • Don’t give them any money or give in to any other demands—this is very important as paying any sum of money will only result in more demands.
  • Don’t reply to the scammer and block the email address that’s contacted you.
  • Delete the scam email from your inbox.
  • Secure any online accounts associated with the password included in the email, and remember to update these regularly.
  • Make sure anti-virus software is installed on your device and is up to date.
  • If the scam email is from an Outlook email address (in our experience many are) – report the email address to Microsoft. You’ll find instructions on how to report Outlook accounts as phishing scams and abuse here. If the email address is from a different provider, the major email platforms generally have clear advice online about how to report a user.

You might also consider reporting the email to Scamwatch and taking a look at the advice on the Stay Smart Online website where you can sign up to their alert service to be kept up to date about online threats and how to manage them.

Some versions of the email include a password that the recipient may recognise as one they currently use or have used in the past. This does not confirm the legitimacy of the email – many large, reputable services and sites have experienced data breaches over the last decade, and passwords from these breaches have been leaked online. Defend yourself from this by using different passwords for every site and service you subscribe to.

Additional resources: 

Simple Internet Security Measures
Virus and Malware Guide
You Need A Passphrase, Not A Password

Virus and Malware Guide

What are computer viruses?

Viruses are malicious computer programs designed to spread themselves from computer to computer, with the potential to cause damage, and harmful or unexpected outcomes.

What is malware?

Malware is a contraction of “malicious software”.  Broadly speaking, malware can be any kind of malicious code including adware, spyware, keyloggers, trojans, worms and viruses.
Adware – software that may install on your machine without your knowledge and display ads to you, generating income for the developer.
Spyware – obtains your personal data by stealth and sends it to unauthorised people. Can be used maliciously to control or even damage your computer.
Keyloggers – record every keystroke you make and transmit to the person controlling it. This can allow a third party to obtain your passwords and other sensitive information.
Trojans – malicious software that is disguised as legitimate software.
Worms – self-replicating code that spreads itself from computer to computer
Viruses – the distinction between worms and viruses can be quite subtle: a virus will usually need someone to run the associated file or program so it can take effect, but a worm can spread itself across networks automatically.

Who is vulnerable to viruses and malware?

People usually understand that Windows computers and devices are vulnerable and before you connect to the internet, you should have anti-virus protection installed. There’s a common misconception that Apple/Mac devices are safe but don’t be too complacent – Mac malware does exist, and it is prudent to protect your Mac with security software.

I’ve been asked to run a scan of my computer. How?

This will depend on the anti-virus or anti-malware package you’re using. For most, it should be a matter of opening the program and selecting scan. If you are having trouble with this, you can often find a guide to using common programs on YouTube. If you suspect that your device is infected and you are unsure how to fix it, you may wish to consult an IT professional for assistance.

What should I use to protect my PC, Mac or other device?

Some commonly used programs are:
Malware Bytes
Microsoft Security Essentials
Avast!
Kaspersky

Tech blogs and publications are constantly testing and reviewing security software and can offer some informed insight into the best options. Some current articles that might be useful are linked below.

https://www.techradar.com/au/best/best-antivirus

https://au.pcmag.com/antivirus/8949/the-best-antivirus-protection

https://www.tomsguide.com/us/best-antivirus,review-2588.html

https://www.techadvisor.co.uk/test-centre/security/best-antivirus-3676938/

Update! New Portal Features including Port Blocking Options.

The DCSI customer portal has been updated and includes new features for the use and maintenance of your DCSI broadband service including advanced features.

Router Configuration – the settings you need to configure your router. Although we despatch routers fully programmed, you may need these details if you have a BYO router, or if your router requires reprogramming for any reason.

Service Firewall – DCSI blocks the following ports for the security of our subscribers.
Outgoing:
SMTP (TCP 25) connections to non-DCSI IP addresses
Incoming:
HTTP and HTTPS (TCP 80, 433) connections
DNS (UDP and TCP 53) requests
SNMP (UDP 161) requests
SSDP (UDP 1900) requests.

Generally this will not affect normal use of the service by average household subscribers, however some users may use services that require these ports to be unblocked. You can modify port blocking yourself through the Simple customer portal.

Static IP – DCSI IP addresses are “sticky” by default, which means they rarely change. This option allows you to add on the Static IP option for $5.50 per month.

Detailed explanations of how to use these features have been added to the customer portal article.

What Is DDoS? How And Why DCSI Protect Your Service

What is DDoS?

Distributed Denial-of-Service (DDoS) attacks can take many forms, but most prevalently it is simply a large flood of data directed toward an IP address on the internet, with the intention of exceeding its connection capacity to effectively knock it offline for a period of time – or, to put it another way, an attacker sends so much traffic through your internet connection that it stops working.

With the increasing popularity of DDoS-as-a-service tools, the ease with which an unskilled person can execute such an attack has meant a rise in their occurrence.

How it impacts you

If you’re targeted by a DDoS – perhaps you’ve beaten someone in an online game, or possibly you’ve even been mistakenly targeted – the impact on you is two-fold. First, it can render your internet service unusable for the duration of the attack (typically just a few minutes, but a motivated attacker could launch an assault that lasts hours, days, or more). Secondly, once your service does recover, you may find that your plan’s data usage allowance has been exceeded because of the massive amount of data sent toward your service and therefore counted against your usage.

How we protect you

DCSI in partnership with Anycast Networks has operated custom-built, state-of-the-art DDoS protection systems for over 2 years to date. These systems respond to an attack automatically within just a few seconds of it starting, and move to route the traffic through “scrubbers” which strip out the attack traffic before it even reaches your service, while still allowing the “good” traffic to come through untouched. This means that your connection doesn’t go offline, and you don’t get a big spike of data on your usage allowance. It’s as though the attack never even happened.

This protection is always on, all the time, for all DCSI broadband customers.

 

 

The All-New Customer Service Portal – It Couldn’t Be More Simple!

April has been a month of major changes here at DCSI, and the biggest has been our switch to our brand new customer management system, Simple. With Simple managing all accounts and billing, we’ve been able to update our customer portal too. If you’ve logged in to my.dcsi.net.au recently, you’ve probably seen the changes. Here’s our step-by-step users guide to the new customer portal.

  1. How to Log In
  2. Account Summary
  3. Check Your Details
  4. View, Add, Remove or Edit Authorised Contacts
  5. Change Your Password
  6. New! Change Your Email Password(s)
  7. Internet Usage
  8. Buy A Data Block
  9. Change Your Plan
  10. Router Configuration Information
  11. Adjusting Port Blocking/Service Firewall
  12. Setting a Static IP
  13. View Your VoIP Call History
  14. View or Pay Your Invoices
  15. Update Your Credit Card Or Change Your Payment Method
  16. Support – View Enquiries and Faults
  17. Request Support Or Log An Enquiry
  18. Check Your Fixed Wireless Service Status
  19. Check Your NBN Service Status

 

 

 

1. How to Log In

 

http://simple.dcsi.net.au

To access the customer portal, go to http://simple.dcsi.net.au
Enter your username or email address and your password, and click Login.
If you need assistance retrieving your account password, please call us on 1300 66 55 75.

 

 

 

2. Account Summary

 

Welcome screen

When you have successfully logged in, you will see the Welcome Screen, which will show you account balance and credits. If you have any queries or faults logged with us, they will appear as active support tickets.

 

 

3. Check Your Details

 

Check your details on the profile screen

If you select Profile from the left hand menu, you will be able to view your contact details. Use this screen to review and update your postal address, email address, and contact phone number. You can also select your notification subscriptions.

 

 

4. View, Add, Remove or Edit Authorised Contacts

 

List of all authorised contacts on the account

Authorised contacts are people who the account holder has authorised to be allowed access to their account. Authorised contacts can be granted permission to access billing, make changes to the account details, log faults, request password resets, make plan changes and other account management activities.

To access the Authorised Contacts list, click Profile in the left menu, and then select the Authorised Contacts tab.

On this screen you can view all authorised contacts and edit their details or delete them, and add new authorised contacts. You can also edit the email notifications the contact is subscribed to, and grant or revoke access to the customer portal for the contact using their own login details. All Authorised Contacts will need to have their own email address, which they will use to log in to the account.

Add/Edit An Authorised Contact

If you check “Allow this contact to log in to the portal”, additional options become available.

Allow portal access to authorised contacts

Your authorised contacts can have their own username and password, and you can restrict their access to certain funtions – you might choose to let your bookkeeper access invoices but not give them access to your usage history, for instance. Click Save Changes when you have finished.

 

 

5. Change Your Password

 

Change your password

To change your password, click on Profile in the left menu, and then select the Change Password tab. You will need to enter your current password as well as your new password. Click Save Changes in the bottom right corner to update your account.

 

 

6. Change Your Email Password(s)

 

To change your password, click on Email in the left menu, and then select the Change Password button next to the email address you’d like to update. 

Your password will be assessed as either weak or strong. You need to achieve a rating of strong to successfully change the password. You can do this by meeting the displayed minimum criteria.

 

 

 

7. Internet Usage

 

View your usage

You can view your data usage by selecting Broadband from the left menu. A dropdown box will ask you to select your service. Select the service you wish to view and your usage will be displayed.

Two progress bars indicate your usage to date (updated every 15 minutes) and also how far you’ve progressed through the current data month. Your data reset date may be different for each service you have if you have more than one service connected.

Daily records break your usage down into uploads and downloads, as well as giving a running total for all displayed days.

 

 

8. Buy A Data Block

 

If you need to purchase more data for the current data cycle, you can do this by going to Broadband on the left menu and then to the Service Options tab, followed by Data Block. Select the data block you want, enter your credit card details, and click pay now. Your data block will apply and be active within 15 minutes. If you need assistance with this, click Support and create a ticket or phone us on 1300 66 55 75.

 

 

9. Change Your Plan

 

You can set up a plan change via the portal at any time, with one plan change allowed in any 30 day period. A downgrade (dropping to a cheaper plan) will take effect from the 1st of the next month. An upgrade (switching to a more expensive plan) will take effect on your data limit within 15 minutes. Speed changes may take up to three business days. The plan list will display eligible plans only, which may be different depending on the type of service you have with us. The Change Plan option can be found in the Broadband menu until the Service Options tab.

 

 

 

 10. Router Configuration Information

 

To program or reprogram your router, you will need your service credentials. These can be found under Broadband, Service Options, Router Configuration. If you require assistance setting up your router, please contact us on 1300 66 55 75 or use the Support tab to log a ticket requesting assistance.

 

11. Adjusting Port Blocking/Service Firewall

 

DCSI blocks the following ports for the security of our subscribers.
Outgoing:
SMTP (TCP 25) connections to non-DCSI IP addresses
Incoming:
HTTP and HTTPS (TCP 80, 433) connections
DNS (UDP and TCP 53) requests
SNMP (UDP 161) requests
SSDP (UDP 1900) requests.

Generally this will not affect normal use of the service by average household subscribers, however some users may use services that require these ports to be unblocked. You can modify port blocking yourself through the Simple customer portal. You can access these settings via Broadband, Service Options, Service Firewall. We recommend leaving ports blocked unless you specifically need them unblocked.

 

 

 

12. Setting a Static IP

 

DCSI IP addresses are “sticky” by default, which means they rarely change. This option allows you to add on the Static IP option for $5.50 per month. You can access this via Broadband, Service Options, Static IP.

 

 

 

13. View Your VoIP Call History

 

VoIP service information

If you have a VoIP service with us, you can view your call history on the VoIP Call Records screen. Simply select VoIP from the left hand menu, and then select the phone number and billing period you wish to check from the dropdown selections. Your calls will be listed in the table, which you can sort by Date, Number, Type, Duraction or Value by clicking the heading on the relevant column.

 

 

 

14. View Your Invoices

 

Invoices

Selecting Billing from the lefthand menu will take you to your invoice history.  This will show you new and old invoices, the date of issue, the due date, the total of all items on that invoice, and whether it is paid or unpaid. All invoices will have a blue View button, and unpaid invoices will have a green Pay button that you can click to go straight through and pay that invoice.

Pay invoice

You will be prompted to enter your credit card details. When you click Pay Now, a one time payment for that invoice will be taken. If you want to save your credit card details so your payments are processed automatically each month, you can do that on the Payment Details screen.

 

 

 

15. Update Your Credit Card Or Change Your Payment Method

 

Main payment details screen

You can update or change your credit card or remove your credit card from your account on the Payment Details screen. Navigate to it by clicking Billing in the left menu, and then on the Payment Details tab. Your saved details will be displayed.

There is a dropdown menu under Change or update that contains three options: Credit Card, Direct Debit and Manual Payment.

Update or Add a Credit Card

If you select Change or update – Credit Card (automatic payment from a credit card), you will need to enter your card type, card number and expiry date. Use this option to add a new credit card, replace a lost or stolen credit card, or update an expiring credit card.

Direct Debit

If you select Direct Debit as your payment type, you will be asked to visit our site to download the direct debit form.

Manual payment

If you select Manual Payment and Save Changes, your existing credit card details will be removed from the account.

 

 

 

16. Support – View Enquiries and Faults

 

Support and Tickets

The Support option from the left menu will take you to your support history screen. Any faults or enquiries you log with us, or emails you send to us are assigned a ticket number, and are recorded here for your reference. There are three tabs you can select: Active Tickets, Closed Tickets and Create New Ticket. Any ticket that has not been marked as “Resolved” will be on the active tab.

Closed tickets

Closed tickets will show you tickets that have been marked as requiring no further action. You can view these using the orange View button.

 

 

 

17. Request Support Or Log An Enquiry

 

The Create A New Ticket tab contains a form that you can fill in to log an enquiry, fault or comment to us. Enter a subject that briefly summarizes the reason for contacting us and click Create. On the next screen you will have a space for entering more details about your query. Tickets can be logged 24 hours a day, and will receive a response during our business hours.

 

 

 

18. Check Your Fixed Wireless Service Status

If you click through to Broadband and into your Fixed Wireless service, you can view the current status of your antenna on the Status tab. This screen will report if your service is currently online or offline, the duration of your current session, your IP address and the quality of your radio link to the DCSI network. Session logs will allow you to see all the times your session has reconnected to us. Any concerns you may have should be logged with us either on 1300 66 55 75, or via the Support link in the portal.

 

 

 

19. Check Your NBN Service Status

If you click through to Broadband and into your NBN service, you can view the current status of your service on the Status tab. This screen will report if your service is currently online or offline, the duration of your current session, and your IP address. Session logs will allow you to see all the times your session has reconnected to us. Any concerns you may have should be logged with us either on 1300 66 55 75, or via the Support link in the portal.