If you think you've been scammed
If you think your AustralianSuper account may have been compromised due to a phishing scam, keep calm and follow these steps:
Report it to us
Change your passwords
Contact IDCARE
Protecting your privacy and identity
Identity theft occurs when your personal information is used to carry out fraudulent activity, like accessing your AustralianSuper online account and attempting a withdrawal.
We have secure measures in place to ensure your super is safe. However, there are additional things you can do to reduce the risk of identity theft on your account.
-
Keep up to date with your account
The best way to keep on top of your super and detect any unusual activity is by registering for an AustralianSuper online account. You’ll be able to:
- track your balance
- update your details
- check your employer contributions
- download your annual statement
- review your insurance cover
We’ll send you an SMS confirmation of changes to your personal details you make in your online account. If you receive a confirmation for a change you didn't make, contact us on 1300 300 273.
Haven’t got an online account?
-
How we protect your information
AustralianSuper takes the issue of account security and the privacy of our members very seriously. Protecting our members’ interests is of key importance, with cyber security risk management being a focus area.
We have deployed robust security measures and processes that are designed to keep members’ data safe, and are consistent with relevant legislation and regulation.
Australian Prudential Regulation Authority (APRA), Australian Securities and Investment Commission (ASIC), and other Australian and International regulatory bodies provide direction and oversight on how we operate.
Security measures specific to protecting members include:
- Further authentication for member-critical actions such as registering for an account online or resetting a password within the Member Portal and the Mobile App.
- A comprehensive account and transaction monitoring program, including a dedicated team that analyses any suspicious behaviour.
- Enhanced call security and training to staff to strengthen mitigation controls and monitoring, to combat increasingly sophisticated cyberattacks and data breaches.
- Working with government agencies, regulators and law enforcement agencies to ensure unhindered flow of regulatory advice and direction, and timely intervention in case of criminal activity.
-
Create a secure password and change it regularly
Set up a password on your AustralianSuper account that is:
- Based on a phrase that only you know, and is made up of a variety of letters, numbers and symbols
- Easy to remember, but difficult for someone else to guess
- Unique to your AustralianSuper online account (don’t reuse passwords from other websites or apps)
- Is only known to you, not shared with family or friends
Remember to change your password regularly and keep your AustralianSuper account details confidential.
Make sure to log out of your online banking and super services across all your devices and apps after using them.
Avoid using the same password for your social media or banking accounts.
-
Beware of hoax emails
Fraudster’s may send you fake emails that can contain harmful links or malicious attachments. This is known as phishing. You can identify a phishing email by:
- Misspelling or images and graphics that don’t look quite right
- Unfamiliar sender address
- Suspicious attachments
- Links that take you directly to your online account
- Requests for your personal information
AustralianSuper will never send you an email asking you for your personal information. If you receive an email you’re unsure about:
- Contact us on 1300 300 273 (not on the phone number on the email)
- Don’t open the attachment
If you’ve clicked or opened an attachment from a suspicious email, use your security anti-malware and anti-virus to scan and remove malicious software from your device.
Find out about current security alerts
-
Know what emails and SMSs should look like
Get to know what a real email or text message looks like from your super fund, bank, and other service providers you’re with. AustralianSuper authorised emails include ‘australiansuper.com’ in the link address. You can check this by hovering over the sender address. SMS messages use AusSuper as the sender’s name and will never include a link to click on.
-
Beware of unsolicited calls and SMS
Fraudsters may attempt to obtain personal information and account information over the phone or via SMS. Some things you can do if you suspect you have received a fraudulent call or SMS:
- If the caller claims to be an AustralianSuper employee and you have reason to doubt their identity, make a note of their name and contact number, before ending the call.
- Be aware of voice recorded messages that dial automatically and ask you to call a number back. These are generally fake and designed to get your personal information.
- Report any SMS you receive that has spelling errors, unfamiliar sender address, suspicious links, or requests for personal information.
If you receive a phone call or SMS that you’re unsure about:
- Contact us on 1300 300 273 (not the number within the SMS)
- Don’t click on the links within the SMS or forward the message on
- Delete the message once it’s been reported
If you’ve clicked on a link within a suspicious SMS, it’s possible your security could have been compromised. In such cases, contact us immediately on 1300 300 273.
-
Protect your device when browsing online
Fraudsters have a number of techniques to access your personal information online. Some ways you can stay safe online:
- Avoid sharing your personal information in public forums or social networks
- Regularly manage your cookies and delete your browsing history
- Before providing personal information online, check the browser address is green and secure (https and a closed padlock icon is in the URL bar)
- Make sure your current contact information is up to date, so we can contact you if a withdrawal is attempted on your super account, or we detect unusual activity.
Keep your mobile device secure
- Set up auto-lock on your device
- Sign out of websites when you’ve finished browsing
- Use a strong secret passcode on your devices lock screen
Keep your phone operating systems and apps up to date
- Only install apps from official app stores, such as Google Play or Apple Store
- Avoid installing apps from links received in emails, social media or websites that don’t look genuine.
- Manage the permissions for each app. Many apps collect personal data, like your contacts or location.
- Check the name of the app publisher before downloading
- Protect your device with up to date malware and the latest security updates
-
Our privacy policy
AustralianSuper collects and holds your personal information securely.
Read our Privacy Policy to learn more