MFA and Password Manager Setup for Sydney Individuals: Make Phishing and Scams Stop Working on You
You get a text saying your Linkt toll account is overdue. Or an email from “Australia Post” about a redelivery. Or a call from someone claiming to be your bank’s fraud team. The link looks close enough to real, the urgency feels real, and for one tired second on the train home you nearly tap through. Phishing works because reused passwords work and because single-factor logins work. MFA and Password Manager Setup from Cyber by Exegesis is the hands-on engagement that turns your accounts into ones a phishing message cannot quietly take over.
The problem
ACCC Scamwatch consistently records phishing as the most-reported scam category in Australia, and the National Anti-Scam Centre tracks losses across phishing-adjacent categories that sit among the highest reported each year. The mechanics are the same whether you are a barrister in Surry Hills or a tradie in Penrith: an attacker captures one password — usually because it has been reused across sites or appeared in a previous data breach — and then walks into your email. From your email, they reset your banking, your super, your MyGov, your Apple ID, and your work logins, because those services were all built to send recovery codes to the inbox the attacker now controls.
The ACSC guidance for individuals and families is unambiguous on the fix: use a password manager so every account has a unique, long passphrase, and turn on multi-factor authentication on the accounts that matter most — starting with email. Most Sydney adults know this. Very few have actually done it across every important account, stored the recovery codes somewhere they will not lose, and tested that they can still log in if their phone is stolen.
What MFA and Password Manager Setup does
Cyber by Exegesis runs a fixed-scope, hands-on personal engagement:
- A password manager set up on your phone and laptop, configured properly, with your existing passwords imported and the reused ones flagged for replacement.
- MFA enabled across your most important accounts — primary email, banking, superannuation, MyGov, Apple ID or Google account, and your work login — using an authenticator app rather than SMS wherever that can be avoided.
- Recovery code storage handled deliberately: printed, encrypted, or stored in the password manager’s secure notes, with a written record of where each set lives.
- A 30-minute walkthrough of what real phishing messages look like in Australia right now, including the Linkt, Australia Post, ATO, and bank-impersonation patterns currently reported to ACCC Scamwatch.
- A short written summary listing every account we hardened, every recovery code location, and what is still outstanding.
Cyber by Exegesis is the cyber consultancy line of Exegesis — the same company behind DRMO. Our scope here is preventive: we set the controls on your accounts and devices, and we leave you with a system you can maintain.
How it works
- We confirm scope on a short call and send a one-page intake covering which accounts you want hardened and which devices we will be working across.
- We meet in person in Sydney or over a screen-share for a 90-minute working session. We install and configure the password manager together — we never type or see your master passphrase.
- We work through your priority accounts one by one, replacing reused passwords, enabling MFA, and capturing recovery codes as we go.
- We run the 30-minute phishing-recognition walkthrough using current Australian examples, so you know what the next attempted scam will look like.
- We leave you with the written summary and a 60-day check-in to make sure nothing has slipped.
Why this matters in Sydney
Sydney households concentrate a lot of digital exposure in one place: high property values that attract title and conveyancing scams, dense professional-services employment with corporate logins worth targeting, and some of the highest superannuation balances in the country. ACCC Scamwatch reporting consistently shows NSW residents over-represented in raw scam-loss volume. The single highest-leverage thing a Sydney adult can do this year is harden their email and eliminate their password reuse — because every other account they care about ultimately recovers through one of those two doors.
Sources
- ACSC guidance for individuals and families: https://www.cyber.gov.au/protect-yourself
- ACCC Scamwatch (National Anti-Scam Centre): https://www.scamwatch.gov.au/
- OAIC Notifiable Data Breaches scheme (relevant if your credentials surface in a notified breach): https://www.oaic.gov.au/privacy/notifiable-data-breaches
- eSafety Commissioner (for follow-on issues such as account takeover used for harassment): https://www.esafety.gov.au/
- Cyber by Exegesis — MFA and Password Manager Setup (waitlist)
Join the waitlist
We are sequencing engagements by device ecosystem (Apple-first households first, mixed Apple/Windows second) and by inner-Sydney availability. Join the waitlist with your device mix and rough suburb — we will tell you when we can take a brief.