May I suggest that the CBA Signals August 19 recommended Zero trust policy as read... (https://www.commbank.com.au/business/support/security/signals.htm)
might extend to include...
Disable Near Field Communication (NFC) (tap and pay-as-you-go apps often use this) and Bluetooth when not in use,
Do not allow kids to play with your phone,
Do NOT trust ANY WiFi (easy to imitate even a known node -unless you know the connection is secure ie WPS button connection established your-self)
use a VPN if unsure.
if you must email private details, use secure email/portal where possible.
Use secure portals like BankVault and its invisible keyboard for banking and online payment sessions (although PEXA signing is not yet available).
Challenge callers/communication to authenticate and verify who they really are. Suggest establishing client/liaison passwords.
Inform the community colleagues and industry of attempts -especially if unique or convincing.
RoboCall (automated/recorded voice call), or Wangiri (literally, "One-(ring)-and-cut") from Japan where it originated. - ring-once-attempts to entice the receiver to call back, they then obtain further details on the receiver-now-caller &/or charge exorbitant $/time.
Don't trust SMS either, they are able to be ploned (phone-cloned) and web-services versions of SMS are often sent via similar methods as insecure email.
Don't trust apps without querying the permissions, Ask the question for each listed permission, Does this app really need access to this, to do that?
Have a reliable backup of your Data.
... View more