BOK logo
CHARTERED ACCOUNTANTS

How secure is your super account?

Share this article:

The past few years have seen significant data breaches from well-known Australian companies both inside and outside of the superannuation sector, exposing a huge amount of consumer personal identity information.

 

The cyber-attacks on superannuation funds reportedly used a technique called "credential stuffing" where cybercriminals used personal information stolen in previous data breaches (like email addresses and passwords) to attempt to access member accounts.

In the wake of recent cyber-attacks on several large Australian super funds, you might be wondering if there are more step to protect your retirement savings.

Here are some practical steps you can take to help keep your super safe:

  • Keep track of your super account: The best defence is regular monitoring. Check your balance periodically, verify employer contributions are coming through, review your insurance cover, examine your annual statement, and ensure your contact details are current.
  • Upgrade your passwords to passphrases: Never reuse passwords across different accounts. Instead, create a passphrase, which is a sentence or mix of four or more words that's easy for you to remember but difficult for others to guess. Include a combination of upper and lowercase letters, symbols and numbers, and aim for at least 14 characters.
  • Enable Multi-Factor Authentication (MFA): MFA adds an extra layer of protection by requiring two or more verification methods to access your account. This typically combines something you know (password/PIN), something you have (mobile device/security token), or something you are (fingerprint/facial recognition). Check if your super fund offers MFA and enable it if available.
  • Protect your devices: Secure all devices you use to access your super account. Use strong passwords or passcodes, set up biometrics where possible, enable auto-lock when not in use, and activate "find your device" services so you can lock or wipe your device if it's stolen.
  • Be wary of unsolicited communications: Take your time to verify the identity of anyone contacting you unexpectedly. Don't click links in suspicious emails or texts. Contact your fund directly using the official contact details from their website.
  • Report suspicious activity: Alert your super fund immediately if something doesn’t seem right with your account or if you receive suspicious communications.

 

 

AcctWeb

Want to know more?

Do you have a question about something you've read in this article? Need more information? Want to book an appointment? Simply let us know below and we'll get back to you ASAP.

Share this article:

Disclaimer

In the preparation of this website every effort has been made to provide accurate and timely information. However, errors can occur and applicable laws and regulations may change.

The information contained in the site is general and is not intended to serve as advice. No warranty is given as to the reliability of any information.

Users are encouraged to consult with professional advisers for advice before making any decisions that affect their own interests.

Bourke O’Brien Kennedy disclaims all and any liability to any person as to the consequences of anything done or omitted to be done by any person in reliance whether wholly or partially, upon any information contained in this website.

Links on this website are to resources managed by other parties over whom Bourke O’Brien Kennedy has no control. As such, Bourke O’Brien Kennedy accepts no responsibility as to the accuracy of any statement, opinion or advice contained in any of the supplied information and readers should rely on their own enquiries before making any decisions affecting their own interests.

Privacy Policy

We will only use the information you provide to us to respond to your requests and provide you with information about Bourke O’Brien Kennedy services.

Whenever you receive information from us electronically, you will always have an opportunity to request not to receive the information again and your wishes will be respected.

If you send us a curriculum vitae (CV) to apply for a position with Bourke O’Brien Kennedy, we will only use that information to consider you for available opportunities.

We do not share personal information with third parties except as necessary to carry out our business or as required by law or other processes. We do not sell personal information. All personnel with access to personal information ensure to maintain its confidentiality.

If you have questions or comments about anything to do with our website, please do not hesitate to contact us at bok@bok.com.au