Security: spam and phishing

Spam is a term used to describe junk email or text messages: unwanted messages sent to your email account, mobile phone or other electronic address. Spam messages may try to persuade you to buy a product or service or visit a website where you can make purchases. Some may attempt to persuade you to click on suspect links, pay money or provide your bank account details. Spammers flood the internet with billions of unwanted email messages that clog mailboxes.

Spam adversely impacts your business in several ways. It increases the time it takes to manage your email. In addition to material that is offensive or fraudulent, some spam emails spread viruses and malware that can cause your computer to send spam.

Phishing refers to the practice of criminals sending fraudulent emails that purport to be from a trusted sender (such as a financial institution, friend or relative) in an attempt to get you to reply to the email, or visit a website and provide personal or financial information. The Australian Government’s Stay Smart Online website has further information on how to avoid email and website scams and hoaxes.

Reducing incoming spam

Techniques that will aid in reducing incoming spam include protecting your email address and mobile phone number, using filtering software and boosting your internet security to ensure that spammers can’t send spam via your computer. Further information is available from the Australian Communications and Media Authority (ACMA) website by clicking on the ‘consumer information’ link at www.acma.gov.au/spam.

Reducing spam and phishing security risks

Do not respond to any message that seems dubious. Signs that an email message may not be legitimate include emails sent from a different or slightly misspelt email address, emails that ask you to click on a link or reply to an email to provide personal information, and emails that provide few details about a link but ask you to click on it anyway. If you receive an email that seems dubious, it is safest to delete it immediately without opening it. Use an email system that scans email attachments for security risks before files are opened.

The Australian Government’s Stay Smart Online website provides further information on the steps you can take to minimise and manage spam.

Avoid spamming others

In addition to reducing incoming spam, you should take steps to avoid spamming others. It is important to ensure that any marketing campaigns your organisation conducts online comply with the Spam Act. If a message is commercial in nature, or contains a link to a website that contains commercial content, it is important to ensure that the message:

Some limited exceptions from certain requirements of the Spam Act apply to particular types of electronic messages. These are messages that are sent by:

These messages are not required to have the addressee’s consent but must still accurately identify the sender. The message must also be in respect of goods or services that are being supplied by one of the organisations listed above. Purely factual messages, such as a product recall notice, are also exempt from the consent requirement.

Further information on the requirements of the Spam Act (the Australian legislation that covers spam) is available from the Department of Broadband, Communications and the Digital Economy’s website and from the Australian Communications and Media Authority.