Staying safe from cyber security threats
ESSSuper - 31 Oct 2023
Super is the key to a happy and secure financial future, so it's essential to keep your super account safe from threats and scammers.
The super industry is worth billions, which means that super accounts – and the personal information held by super companies – can be major targets for cyber criminals. Constantly evolving technology makes it easier than ever to target people's identities and savings.
Learn more about the basics of keeping your personal information and your super secure.
How we protect you online
ESSSuper takes a comprehensive range of measures to ensure the safety of your super, as well as your personal information.
We keep you safe by:
- Confirming your details, including requesting proof of identity in some cases, when you contact us
- Offering a range of multi-factor authentication methods, and
- Using a range of systems and controls to ensure your data and transactions with us are secure.
How you can help protect yourself
Cyber security is a shared responsibility: there are actions you need to take to keep your personal information and your super protected.
1. Watch out for suspicious messages
Some of the common scams target super by "phishing" for your personal details. The senders of these messages pretend to be someone else to try to trick you in to handing over personal information.
Phishing messages can be sent in a number of ways:
- Email
- SMS
- Social media
- Instant messaging platforms, and
- Phone calls.
While we do use hyperlinks in emails to direct you to information on our website, ESSSuper will never send you an SMS or an email asking you for personal information, such as your account details and password.
If you don't want to click links in an email, you can always visit our website and search for information.
We will never call you and ask you to install software on your computer or device to check your super.
What you can do:
- Find out more about how to spot "phishing" emails and impersonation scams.
- Never provide your account details and password in response to a link in an SMS or an email.
- If you're ever in doubt about communications you receive from us, get in touch with the Member Service Centre using the contact information on our website.
- Monitor your account regularly and contact us about any suspicious activity.
2. Be aware of common scams targeting super
Every day, scams get more sophisticated, and it's increasingly easy for accounts – from social media accounts to bank accounts – to be accessed.
Scammers often take advantage of human nature and our need for financial security.
Common super scams can rely on you wanting to be able to access your super early, or wanting to increase your balance quickly.
Be aware if someone offers to withdraw your super or move it to a self-managed super fund (SMSF) so you can get the money, it could be a scam.
3. Be smart with passwords and multifactor authentication
Strong passwords are one of the most important steps for online privacy and security:
- Never use the same password on more than one account.
- Don't use obvious passwords, like "password", your name or birthday, or the names or birthdays of family members or pets.
Use multifactor authentication where it is available.
What you can do:
- Create unique and strong passwords that are:
- Based on a phrase that only you know, is at least eight characters long, and contains:
- One lower case letter – Example: a
- One upper case letter – Example: A
- One number – Example: 1
- Easy to remember, but difficult for someone else to guess
- Unique (don't reuse passwords from other websites or apps)
- Is only known to you, not shared with family or friends.
- Remember to change your password regularly and keep your ESSSuper account details confidential.
4. Use secure systems
Be careful what you share online (for example, on social media). Use privacy settings to control what you share. If the information you post online is publicly available, anyone can view it and use it to exploit you.
Ensure you're always using a network that is secure. This is particularly important if you are completing a high-risk transaction (for example, making changes in your super).
Public Wi-Fi often is not the best place to connect devices, as it could potentially have malicious users lurking for devices that can be manipulated or penetrated.
Keep your systems up to date. This means:
- Keep your computer's operating system and browser software up to date. Installing the latest updates for devices will ensure the most recent security patches are in place.
- Install antivirus software and update it regularly. Many antivirus programs also include email scanning, which will help you to identify threats and scams.
- Leaving the firewall enabled on your device, even if it is a secure network.
What you can do:
- Stay informed.
- Visit these helpful sites: