my.UQ

Recover from hacks, scams and data breaches

  1. Home
  2. Information and services
  3. Information technology
  4. Cyber security
  5. Cyber security at UQ

If you become a victim of cybercrime, knowing what to do next can help reduce the risk of further losses and sometimes assist with recovering funds.

Emergency assistance

If there is an immediate threat to life or risk of harm and you are on campus at UQ, call the security team on 07 3365 3333 or use the SafeZone app to request emergency assistance. If you are not on campus and are in danger, call 000.

Follow these steps to contain the risk if you think you have been scammed:

  • Stop communicating with the offender.
  • Contact your bank or card provider immediately to report the scam and stop any transactions.
  • Change your passwords on all accounts that use the affected credentials.
  • Enable MFA on all accounts where possible.
  • Seek support - IDCAREBeyond Blue and Lifeline can assist.
  • Report the scam and be alert to follow up scams.

Support services

Warning signs that indicate your account or device has been hacked include:

  • You're signed out of your online accounts such as banking, social media and email or you try to log in and your passwords no longer work.
  • You receive emails or text messages about login attempts, password resets or multi-factor authentication requests you did not initiate.
  • Your account activity or sign-in logs have logins from devices and locations that you don’t recognise.
  • You receive spam emails that threaten or try to extort you.
  • Your friends and family advise they’ve received strange messages from your email and social media accounts.
  • Your devices slow down, heat up or start to crash more often.
  • You spot suspicious charges on your credit card or bank statements.

If you have been hacked, take action immediately

For a work account or device:

  • Report the cyber concern on Stay Cyber Safe and click on ‘Report a cyber concern’. Complete the short form. This is sent directly to the UQ Cyber Security Operations Centre (CSOC). Don't worry if your concern turns out to be false, CSOC would prefer hundreds of false concerns, rather than missing a real attack.
  • Use the Phish Alert Button to report a suspicious email from your work account. If you use another email client, follow the instructions on how to report a suspicious email.

For a personal account or device:

  • Immediately change your passwords and enable MFA on all accounts using the affected credentials.
  • Do an antivirus software check on affected device.
  • Contact your bank if your account details were breached or you transferred funds to the hacker and need to stop a payment.
  • Check all other accounts for unusual activity including banking and social media.
  • Report the scam.
  • Seek support – IDCARE can assist.
  • Continue to monitor your accounts closely and investigate anything that seems suspicious.

Support services

If an organisation notifies you that your data has been compromised, follow the advice below to ensure you minimise the risk to your personal information:

  • Determine which information has been breached, such as:
    • password
    • drivers licence
    • bank account details
    • personal information such as your home address.
  • Change passwords and enable MFA on any accounts which use the compromised credentials.
  • Replace identity documents that were breached.
  • Apply for a credit ban to freeze your credit file and ensure that applications for credit are not made without your written consent.
  • Check and monitor for unusual activity in your accounts including banking transactions, social media posts and spam sent to your phone or email.

Support services