Information Security Tip

25 November 2020

Information Security Tip of the Month – Think Before You Link

If you have access to sensitive customer and corporate information at work, you could be a target for foreign spies and scammers. The Australian Security Intelligence Organisation’s (ASIO) campaign ‘Think Before You Link’ provides us with information about how you can protect yourself when using professional networking sites, such as LinkedIn.

The Threat

What?
Malicious actors use social networking platforms, apps, websites or emails to approach workers to attempt to extract sensitive information.

Who?
Many government employees are particularly vulnerable to this threat due to their proximity to sensitive customer and corporate data.

How?
You could be contacted with a ‘unique’ or enticing business offer, or they could ask you to have a conversation on a different online platform or via a phone call.

Know the Signs

Recognise
Do you recognise the profile? Is it a name you have heard of, or do you have a mutual contact you can verify their identity with?

Realise
Genuine recruitment approaches include progressing things at your pace and not the recruiter’s, and managing your expectations. An illegitimate recruitment opportunity may seem too good to be true, lack depth or detail, or there could be an unusual urgency for accepting an invitation or disclosing information.

Report
Do not engage with anyone you are suspicious of, and report their profile to the IS Service Desk via 8343 2000 or ext. 22000.

Remove
Delete them from your network, and ignore any further interactions.

Avoid Being a Target

  • Do not advertise your security clearance in your public profile or elsewhere online.
  • Do not reveal details of sensitive job roles or employers publicly or to unknown contacts.
  • Think about the lowest level of detail that you really need to include on your profile.
  • Use website settings to manage the information you put out about yourself, and to control who can view your profile.
  • Share CVs or details of specific projects only with trusted and verified contacts.

For more detailed information about protecting yourself on social networking platforms, check out the ‘Think Before You Link’ website.

If you have received a suspicious email or you think your electronic device may be compromised, contact the IS Service Desk via 8343 2000 or ext. 22000. For more information security resources, including how to spot a scam please visit our Information Security intranet page.