You’ve worked hard to build up your super, so keeping your super safe is important to us at Rest.
But there are also many things you can do to help minimise the risks of fraud and identity theft. This includes ways to keep your personal details safe online and knowing how to spot suspicious activity.
What can I do to help keep my super account safe?
1. Update your contact details
It’s important to keep your personal details up to date so that we can always contact you quickly if something serious happens. We encourage you to regularly log in to the Rest App or MemberAccess and check that your personal details, such as your phone number and email are current.
2. Check your account for any unusual activity
Regularly checking transactions in your account is a great way to help you spot any unusual activity sooner. Things to look out for include your super balance, employer contributions, and insurance cover.
3. Ensure you keep your details secure
Always ensure you keep identification details and passwords private and secure.
4. Opt in to receiving email communications
Ensure you stay up to date with all correspondence from your fund. If you’re worried about the security of receiving paper mail in your physical letterbox, you can choose to receive digital communications through your email. Not sure how? Contact us and we can help.
Super scams to watch out for
According to ASIC’s MoneySmart website, here are a few common scams that you should be aware of:
Opening a self-managed super fund
Scammers might try to convince you to start a self-managed super fund (SMSF), falsely claiming it will help you take control of your super. The aim of this scam will be to get you to hand over your personal details and/or transfer your super balance to them. They may do this by:
offering investment in high-return schemes that don't exist
showing fake investment returns through bogus apps or software
claiming they'll handle everything, so you don't need to consult anyone else
suggesting that you put your super into riskier investments, like cryptocurrency
Be cautious about anyone contacting you out of the blue for personal details or for you to transfer your super balance. If it seems too good to be true, it often is.
Early access of super scams
A scammer may try to convince you that they're trying to “help” you access your super early, but this is likely illegal and puts your super at risk. They’ll often try and do so through ways that do not satisfy a condition of release. This type of scam may look like:
a cold call falsely offering you help to access your super early, or another type of “assistance” that asks for your details over the phone
an email or letter asking you to provide personal details (typically in a form that looks legitimate) to take an action like withdrawing your super early or transferring it to an SMSF.
You can always contact your super fund directly to confirm the details of the communication.
Phishing scams
The scammer may pretend to be a trustworthy organisation, such as your super fund, a bank, or the government. They may:
ask you for your personal information; or
send an email with a link that, if clicked, lets them access your computer and personal accounts.
They may use this information to access your super and transfer your balance to their account.
Some of the common signs of phishing scams include an email address with spelling mistakes or one that doesn’t match the company name.
What is identity theft?
Identity theft is when someone uses your personal information without your permission. They might do this to directly steal your super or create fake accounts using your details. For example, if someone managed to access your Rest super account online, or on the phone, they might try to change your details or withdraw your funds without your permission.
Other tips to protect yourself from identity theft
1. Limit what you share online
Set your social media privacy settings to ‘private’ and don’t accept ‘friend’ requests from strangers.
2. Before logging into websites, make sure they’re secure
You can do this by checking for the padlock symbol in the address bar, and that the URL of a website starts with ‘https://’ not ‘http://’ (the ‘s’ stands for secure).
3. Avoid clicking on any links or attachments in emails that you weren’t expecting
Try to avoid entering personal details into unfamiliar websites. You can check to see if links and attachments are suspicious by copying the URL and sender domain details into freely available programs, such as Virustotal.
If you call Rest, an operator may ask a series of security questions to confirm your personal information. However, this interaction is initiated by you. Rest will never call or text you out of the blue to ask for details like your passwords.
4. Set strong passwords that will make it hard for other people to guess and always use multi-factor authentication if available
Some characteristics of a strong password include:
at least 12 characters long (the longer the better, this could even be a sentence)
a mix of upper case, lower case, numeric, and special character values
a random, memorable passphrase (but one that’s not easily guessed, such as “Rest”, “Super”, etc.)
no personal information (pet names, street addresses, family names)
Consider using a different password for each online account you use and update them regularly. This includes your account with Rest.
5. Protect your computer(s) by installing firewall software, and/or anti-virus software
Always make sure to install any new updates to your devices as soon as they become available.
6. Report any fraudulent activity immediately to your super fund
Contact us on 1300 300 778 between 8am-8pm (AEST/AEDT) Monday to Friday.
You may also report a scam on the Australian Government’s Scamwatch website, or the Australian Taxation Office (ATO) directly on 13 10 20.
Request a credit report to ensure that you have not been impacted by identity theft. If you suspect fraud, you can request a temporary ban on your credit report to ensure no unauthorised loans or applications. See the OAIC website for more details.
What does Rest do to keep your super safe?
Keeping your personal information and data secure is extremely important to us. There are many things we do to keep your super safe:
When you speak to our customer service team, we run a range of security checks to confirm your identity before we tell you confidential details or move ahead with any transactions.
Before withdrawing money to bank accounts, you must either obtain an online verification or provide certified identification, such as passports or driver licences.
Online verification requires a government ID from you and matches your details against official sources such as the Electoral Roll.
We are required to comply with laws to report and act on suspicious transactions. This includes co-operating with the police, regulators, and other law enforcement agencies in their investigations into fraud or suspicious transactions.
Your privacy is important to us. We are committed to protecting the privacy of personal information that we collect and how we handle personal information and comply with applicable privacy laws.
For more information, you can read Rest’s privacy policy.
Was this page helpful?
Want to learn more?
Growing your family
What happens to super when you take parental leave?
Learn what happens to your super when you go on parental leave, whether super is paid on parental leave, and what the types of parental leave are.
