Guard Against Identity Theft

• Trusted Websites: only make purchases on trusted websites and use reputable payment processors such as Paypal or Google Checkout. Before transacting on any website, make sure the website uses an SSL certificate. If you receive an error or warning message about a website’s “certificate”, do not transact over that website.
• Password: use different passwords for every online account. The password should be unique (recommended random combination of letters and numbers). Change your password regularly (at least every three months).
• Giving out your details: never send your username and password or bank account details by email. Never give out your Bidswamp username and password to websites outside of Bidswamp.
• Computer Security: make sure your computer security (eg: anti-virus, anti-spam) and operating systems are fully up to date.
• Network Security: if you have a wireless network you need to keep it secure. An unsecure network allows hackers to gain access to your files in seconds. The manual for your wireless router should advise how to lock your router and encrypt your information. Your usability will not be affected but it will help to control unauthorized access to your personal information.
• Emails: never download email attachments from persons you don’t know and beware of Phishing (fake emails) and spam (junk emails). Spam can come from Phishers and can also contain viruses called Trojans which penetrate your computer and send your information back to the person who created the virus. To reduce junk emails, you should install spam-filtering software or ask your internet/email provider whether they can add spam-filtering to your email account.
• Monitor Your Credit: keep a check on your online account statements for any suspicious activity. Also, American users can obtain a free annual credit report at AnnualCreditReport.com. Australian Users may obtain a My Veda Alert credit report from Veda Advantage at mycreditfile.com.au for a yearly fee. These reports keep you alerted if there are any changes to your credit file (eg: if someone has opened new accounts under your name).
• Online Organizers: never provide your passwords or account information on/through online applications such as calendars, organisers and to-do lists. These websites don’t provide the same security as banking websites.
• Banking Alerts: ask if your financial institution allows you to set text or email alerts for transactions or certain activities on your account. For example, requiring you to enter a code that has been sent to you via SMS before allowing a transaction to proceed online. These security precautions help prevent, and also help you discover unauthorized access on a timely basis.
• Optional security questions: it’s advisable to use questions that don’t require answers which are available on public record. For example: “what’s your favourite food” rather than “city of birth”.
• Public computers: never save personal information on public computers. If using a private account on a public computer, never save your login information (username and password) and always remember to log out. Do not use these computers for online transactions.

Trading Fraud

• Ownership: All Sellers at Bidswamp are required to either be the legal owners of the Website or be authorized by the legal owner to place a listing. You can use domaintools.com to determine the domain registrant and find out a little more about the domain. However, this will not confirm whether the Seller is the actual legal owner of the Website. There is a chance that the Seller may impersonate the legal owner. To determine whether the legal owner has listed the Ad Space for sale, we suggest you visit the website where the Ad Space is found. We encourage Sellers to display a banner stating that the Ad Space is up for auction at Bidswamp. If no such notice is displayed, you should contact the owner via their “contact us” page on their website to confirm the Ad Space is actually up for auction at Bidswamp.
• Payment Method: only use secure payment methods such as PayPal where transactions are traceable and account information is hidden from Sellers. Don’t succumb to a Seller’s requests to use payment methods outside Bidswamp (particularly Western Union or MoneyGram transfers) as they can be unsecured and untraceable.
• Outside Trading: Never trade with a Seller outside the Bidswamp website. There is no opportunity for you to leave feedback and no opportunity for us to take action against the Seller.
• Seller’s Reputation: always check a Seller’s reputation profile before bidding or buying from that Seller.
• Terms & Description: before making a bid or buying Ad Space, examine the description and the Seller’s terms & conditions.
• Only sellers control their Ad Space: we don’t have any control over a Seller’s Ad Space. Don’t believe a Seller who states that they are waiting on Bidswamp to approve placement of your Advertisement.
• Personal Information: be careful when disclosing personal information to a Seller. Always ask their privacy practices and policies and don’t give out more information than you need to.

• Placing the Advertisement: we suggest you don’t place the Buyer’s advertisement until you receive cleared payment.
• Payment Method: use secure payment methods such as PayPal where transactions are traceable and the Buyer doesn’t see your account details.
• Outside Trading: never trade with a Buyer outside Bidswamp. There is no opportunity for you to leave feedback and no opportunity for us to take action against the Buyer.
• Personal Information: be careful when disclosing personal information to a Buyer. Always ask their privacy practices and policies and don’t give out more information than you need to.

Computer Security

• At least 8 characters long
• Mix upper/lower case characters and numbers and symbols
• Keep all passwords hidden and private
• Change passwords at least every three months
• Never use plain dictionary words, pet or family names or even special dates such as birthdays or anniversaries.
• Remember that hackers can test hundreds of dictionary words per second, making passwords with dictionary words easily penetrated.
• Keep different passwords for separate online accounts.
• If the length is restricted, use something random like “Ah3fBp9”.

• Select automatic updates for your operating system and all other programs you have installed and devices such as routers, phones, PDAs.
• If a program doesn’t offer automatic updates, you should regularly check with the program website for new versions and updates.

• You should use a personal firewall, anti-virus, anti-spam filter and anti-spyware software. Ideally they should be automatically updated. You should also check their signatures or definitions are current.

• You can further protect your computer by using a hardware modem / router. This gives the computer or your home network a private (rather than public) address.
• A modem / router that includes a Stateful Packet Inspection (SPI) firewall is desirable.
• Disabling the UPnP features is recommended.

• When accessing the internet or reading email you should run as a non-privileged user (ie: without “Administrator” access).
• Only use your Administrator account when required (eg: to install software or configure security settings), not for general every day use.

• Be careful and always be on the lookout for suspicious emails.
• If you don’t know the sender, don’t open the attachment.
• Be careful when clicking on a link within an email, it might be diverted to a virus.
• Beware of Phishing (fake emails).
• Never give out your personal details such as bank account details or username and passwords over email.
• Turn off the preview pane.
• View email in plain text.
• If you want to transact over a website, type the URL into the address bar rather than following a link found in an email.

• Disconnect the adaptor when not in use.
• Enable WPA2 encryption (WEP is not adequate).
• Only allow a set of MAC addresses.
• Don’t broadcast your SSID.

Fake Emails (Phishing)

• Look for a generic non personalised greeting;
• Encouragement to take immediate action;
• Grammatical errors;

• If the address of the website is different to the address of the genuine website. Please note that phishers use very similar addresses. For example:

• Do not reply to emails that ask for personal information.
• Do not follow any link on the email. Rather, type the authentic address into your browser to enter the website in question.
• Contact the person who is being impersonated either by telephone or by typing their authentic address into your browser (don’t follow the link in the email and don’t reply to the email).
• If the email is from someone impersonating Bidswamp, forward it to security@bidswamp.com.

• You have provided personal information in response to a fake email or fraudulent website; or
• You feel someone has hacked into your Bidswamp account.

• If you feel your account has been compromised, check with your friends or family if they’ve made any changes.
• Try to log in to your Bidswamp account and change the password immediately.

1. Immediately change your personal email account password (if a hacker has access to your email account, they will have access to your Bidswamp account. So you need to ensure your email account is protected. The email account password must be different from your Bidswamp account password.); and
   
2. Click HERE to retrieve your username/password (we may temporarily suspend your account for your protection. We can also help you remove unauthorized bids and listings).
   

1. Immediately change your personal email account password (if a hacker has access to your email account, they will have access to your Bidswamp account. So you need to ensure your email account is protected. The email account password must be different from your Bidswamp account password);
   
2. Immediately change your Bidswamp password in your Member’s Area;
   
3. Report the details to us immediately so we can take necessary steps to protect your account: security@bidswamp.com; and
4. If you have provided financial information, contact your bank or financial institution to freeze any accounts or credit cards you feel may have been compromised.