October 21 2022

Handy tips to help you protect your super online

Help increase the security of your super from online criminals with these simple steps

You don’t need to be a tech expert to know that online criminal activity is on the rise.

You’ve worked hard to build up your super, so keeping your super safe is our top priority at Rest.

But there are also many things you can do to help minimise the risks of fraud and identity theft. This includes ways to keep your personal details safe online and knowing how to spot any suspicious activity.

What is identity theft?

Identity theft is when someone uses your personal information without your permission. They might do this to directly steal your super or create fake accounts using your details. One example of this is if someone tries to access your Rest super account online, or on the phone, and tries to change your details or withdraw your funds without your permission.

What can I do to keep track of my super account?

1. Update your contact details:

It’s important to keep your personal details up to date so that we can always contact you quickly if something serious happens. We encourage you to regularly log in to Rest MemberAccess and check that details such as your phone number and email are current.

2. Check your account for any unusual activity

Regularly checking transactions in your account is a great way to help you spot any unusual activity sooner. Things to look out for include your super balance, employer contributions, and insurance cover.

3. Opt in for digital communications

If you’re worried about the security of receiving paper mail to your letterbox, you can choose to receive digital communications through your email. Not sure how? Contact us and we can help. 

Other great tips to protect yourself from identity theft

1. Limit what you share online.

Set your social media privacy settings to ‘private’ and don’t accept ‘friend’ requests from strangers.

2. Before logging into websites, make sure they’re secure.

You can do this by checking for the padlock symbol in the address bar, and that the URL of a website starts with ‘https://’ not ‘http://’ (the ‘s’ stands for secure). 

3. Avoid clicking on any links or attachments in emails that you weren’t expecting.

Try to avoid entering personal details into unfamiliar websites. You can check to see if links and attachments are suspicious by copying the URL and sender domain details into freely available programs, such as Virustotal.


Cybercriminals often pretend to be well-known organisations to ask you to confirm your personal details via messages or websites. Rest will never ask you to update or confirm your details (like passwords).

4. Set strong passwords that will make it hard for other people to guess and always use Multi-Factor Authentication if available.

  • A minimum of 12 characters (the longer the better, this should even be a sentence)
  • Upper case, lower case, numeric, and special character values  
  • A random, memorable passphrase (but one that’s not easily guessed, such as “Rest”, “Super”, etc.)  
  • No personal information (pet names, street addresses, family names)
  • Use a different password for each online account you use and update them regularly. This includes your account with Rest.
  • Request a credit report to ensure that you have not been impacted by identity theft. If you suspect fraud, you can request a temporary ban, see the Office of the Australian Information Commissioner (OAIC) for more details.

5. Protect your computer by installing firewall software, anti-virus software.

Always make sure to install any new updates to your devices as soon as they become available.

6. Report any fraudulent activity immediately to your super fund.

For more tips, you can go to:

What does Rest do to keep your super safe?

Keeping your personal information and data secure is extremely important to us. Below are some of the many things we do to keep your super safe:

  • When you speak to our customer service team, we run a range of security checks to confirm your identity before we tell you confidential details or move ahead with any transactions.

  • Before withdrawing money to bank accounts, you must either obtain an online verification via GreenID (provider Vix Verify) or provide certified identification, such as passports or driver licences.

    Green ID requires a government ID from you and matches your details against official sources such as the Electoral Roll.

  • We have strict controls in place when releasing money and adhere to the Australian Privacy Legislation.

  • We are required to comply with laws to report and act on suspicious transactions. This includes co-operating with the police, regulators, and other law enforcement agencies in their investigations into fraud or suspicious transactions.

For more information, you can read Rest’s privacy policy


And remember, Rest will not be asking members to provide personal details via text or any social media platforms. 

Want to learn more?