How can I protect myself online?

Using the internet for things like banking, shopping, emails and social media means you’re often giving out your personal and financial information online. The good news is that improving your digital security is easy – it’s not complicated or expensive to take basic steps to protect yourself and your personal information. Don’t wait until it’s too late. Protect yourself, your family and your friends by following the tips below.

Easy tips for protecting yourself online:

Password protect all your devices

  • Make sure your desktop computers, laptops, tablets, and mobile phones are all secured with different passwords
  • Use strong or complex passwords (by including a range of upper and lower case letters, numbers and punctuation), particularly for your email and online banking
  • Change these passwords regularly


  • Protect your wireless connection with a strong password and encryption settings
  • If you are operating on an unsecured wifi connection, be cautious about what you do. Don’t use unsecured wifi for banking or other transactions
  • Ensure that you have a good password on your hotspot if you are ‘tethering’ a device to a phone.

Secure your computer

  • Install adequate firewalls
  • Keep your anti-virus software up to date
  • Ensure your operating software is up to date
  • Ensure that you have information safely backed-up. If disposing of a computer, make sure you have removed all personal data and take steps to clean the hard drive.

Secure your mobile devices with a PIN or password

  • If you use more than one mobile device, make sure your PINs and passwords are different
  • As with your other internet devices, use anti-virus software and have up to date software
  • Ensure you only download reputable apps
  • Regularly back up your data.

Be cautious with emails

  • Be suspicious of emails from people you don’t know or that look unusual – it may be spam email with malicious software attached
  • Delete any suspicious emails or phishing threats without opening them
  • Never reply with further information. Even if the threat isn’t real, replying confirms to the sender that your email address is legitimate, and it will increase the amount of spam you receive
  • Do not open any attachments if the source of the message is unknown or suspicious – do not enable macros on documents from an untrustworthy sender
  • If you open a spam email or its attachments at work, contact your IT department immediately
  • If the source appears to be from a legitimate New Zealand company, we recommend reporting it to your IT or security team so they can identify the threat and warn their customers
  • Be suspicious of links directing you to unknown websites. If you are not sure, don’t click on them. Hover over links to check if they are legitimate – and only visit trusted or reputable sites. A secure and authentic website will have two e-security symbols: a closed padlock and https:// in the address bar
  • Before giving out your email address online, read the website privacy policy – it will tell you how they will use your personal information.
  • Stop and think before signing up to any online services with your work email address – does your work have a policy in place about using your work email? Would it be better to use your personal email?

Be cautious on social media

  • Be suspicious of links shared to unknown websites – even if they are from your friends. If you are not sure, don’t click on them. Only visit trusted or reputable sites. A secure and authentic website will have two e-security symbols: a closed padlock and https:// in the address bar
  • Limit the amount and type of identity information you share about yourself, friends and family on your online accounts
  • Be aware of, and check your privacy settings, on social media sites
  • Change your password relatively often and ensure it is secure, with a mixture of capital and lowercase letters, number and symbols.

Facebook security tips

  • Be aware of your privacy settings and make sure you are aware of what is publically visible. You can update your privacy settings on Facebook using the privacy shortcut on the top left bar (padlock icon) next to notifications, or in the Facebook App under “more” on the bottom left.  You can limit “who can see my stuff”, “who can contact me?” and “who can look me up” to public, friends of friends, friends or only me
  • Check what apps you have allowed to access your profile information on Facebook. Double check the permissions they are requesting before allowing them to access your personal information.
  • Under Settings > General Account Settings > Password, Facebook tells you when you have last changed your password.  If it says “Password last changed over a year ago” or “never changed” it is recommended you update it
  • Under Settings > Security Settings you can get alerts whenever your account is logged into on a different device, authorise two-factor authentication, create App passwords and manage where you are logged in.
  • Be careful if you receive friend requests from strangers, or if you get message requests from people you don’t know that go to your “Other” folder
  • Be wary if friends are posting links to unusual content or “free” giveaways on their timeline, or inviting you to attend events which direct you to an external website
  • If you receive a friend request from someone already on your friend list they may be impersonating them with a fake account. If this happens, report the imposter account to Facebook as identity theft, and let your friend know they should change their password
  • For more information, visit Facebook’s Help Centre for more information and tips on security

Twitter security tips

  • Check your settings, account, security and privacy, blocked and muted accounts and apps you allow
  • When you login, you can authorise two-factor authentication through requiring a password and a code to be sent to your mobile
  • Always make sure you’re on before you enter your login information
  • In settings you can select that personal information is required to be verified before you are able to reset your password
  • On Twitter – keep an eye out for suspicious links and never give your username and password out to untrusted third parties, especially those promising to get you followers or make you money
  • If you think you have discovered a security issue that could affect many users, report it through Twitter’s HackerOne community program
  • For more information on Twitter’s security, visit

Snapchat security tips

  • Be wary if a Snapchat contact sends you unusual pictures, followed by a chat with links
  • Be wary of clicking links you do not recognise sent through Snapchat
  • If you are sent a suspicious Snapchat message, inform the sender and recommend they change their password
  • If you think you have been hacked change your Snapchat password
  • Report any spam to Snapchat

Skype security tips

  • Public parts of your Skype profile can be seen by everyone else on Skype, so do not put details in your profile that you do not want to be publicly available
  • Update Skype when updates are available, on a Windows PC go to Help > Check for Updates; or if on a Mac go to Skype > Check for Update.  Be wary of any emails pretending to be from Skype saying a security update is available – it is not their practice to do this
  • Visit for more information.
  • Be wary if you receive contact or friend requests from strangers

Be cautious when shopping online

  • When shopping online, use a secure payment method or your credit card
  • Be aware of scams, online frauds and false suppliers
  • Make sure that requests from companies or individuals for identity or financial information are authentic.