You don’t need to be a tech expert to know that online criminal activity is on the rise.
You’ve worked hard to build up your super, so keeping your super safe is important to us at Rest.
But there are also many things you can do to help minimise the risks of fraud and identity theft. This includes ways to keep your personal details safe online and knowing how to spot any suspicious activity.
What is identity theft?
Identity theft is when someone uses your personal information without your permission. They might do this to directly steal your super or create fake accounts using your details. One example of this is if someone tries to access your Rest super account online, or on the phone, and tries to change your details or withdraw your funds without your permission.
What can I do to keep track of my super account?
1. Update your contact details:
It’s important to keep your personal details up to date so that we can always contact you quickly if something serious happens. We encourage you to regularly log in to Rest MemberAccess and check that details such as your phone number and email are current.
2. Check your account for any unusual activity
Regularly checking transactions in your account is a great way to help you spot any unusual activity sooner. Things to look out for include your super balance, employer contributions, and insurance cover.
3. Opt in for digital communications
If you’re worried about the security of receiving paper mail to your letterbox, you can choose to receive digital communications through your email. Not sure how? Contact us and we can help.
Super scams to watch out for
According to ASIC’s MoneySmart website, a few common scams that you should be aware of are:
Opening a self-managed super fund
Scammers might contact you to suggest you start a self-managed super fund (SMSF) to “take control” of your super. The aim of this scam will be to get you to hand over your personal details and/or transfer your super balance to them.
What they may do:
Offer investment in high-return schemes that don't exist.
Show fake investment returns through bogus apps or software.
Claim they'll handle everything, so you don't need to consult anyone else.
Suggest putting your super into riskier investments, like cryptocurrency.
Remember to be cautious about any “organisation” contacting you out of the blue for personal details or for you to transfer your super balance. If it seems too good to be true, it often is.
Early access of super scams
A scammer may try to “help” you access your super early. They’ll often try and do so through ways that do not satisfy a condition of release. This may look like:
A cold call offering you help to access your super early, or another type of “assistance” that requires you to provide your details over the phone.
An email or letter asking you to provide personal details (typically in a form that looks legitimate) to take an action like withdrawing your super early or transferring it to an SMSF.
Remember to never trust someone who contacts you out of the blue requesting your personal information. You can always contact your super fund directly to confirm the details of the communication.
Phishing scams
The scammer may pretend to be a trustworthy organisation, such as your super fund, a bank, or the government. They may:
ask you for your personal information; or
send an email with a link that, if clicked, lets them access your computer and personal accounts.
They may use this information to access your super and transfer your balance to their account.
Remember some of the common signs of phishing scams include an email address with spelling mistakes or that doesn’t match the company name.
Other great tips to protect yourself from identity theft
1. Limit what you share online.
Set your social media privacy settings to ‘private’ and don’t accept ‘friend’ requests from strangers.
2. Before logging into websites, make sure they’re secure.
You can do this by checking for the padlock symbol in the address bar, and that the URL of a website starts with ‘https://’ not ‘http://’ (the ‘s’ stands for secure).
3. Avoid clicking on any links or attachments in emails that you weren’t expecting.
Try to avoid entering personal details into unfamiliar websites. You can check to see if links and attachments are suspicious by copying the URL and sender domain details into freely available programs, such as Virustotal.
If you call Rest, an operator may ask a series of security questions in which you may confirm your personal information. However, this interaction is initiated by you. Rest will never call or text you out of the blue to ask for details like your passwords.
4. Set strong passwords that will make it hard for other people to guess and always use Multi-Factor Authentication if available.
A minimum of 12 characters (the longer the better, this should even be a sentence)
Upper case, lower case, numeric, and special character values
A random, memorable passphrase (but one that’s not easily guessed, such as “Rest”, “Super”, etc.)
No personal information (pet names, street addresses, family names)
Use a different password for each online account you use and update them regularly. This includes your account with Rest.
Request a credit report to ensure that you have not been impacted by identity theft. If you suspect fraud, you can request a temporary ban on your credit report to ensure no unauthorised loans or applications, see the Office of the Australian Information Commissioner (OAIC) for more details.
5. Protect your computer by installing firewall software, anti-virus software.
Always make sure to install any new updates to your devices as soon as they become available.
6. Report any fraudulent activity immediately to your super fund.
Contact us on 1300 300 778 between 8am-8pm (AEST/AEDT) Monday to Friday.
You may also report a scam on the Australian Government’s Scamwatch website, or the Australian Taxation Office directly on 13 10 20.
Respond to a data breach notification from the Office of the Australian Information Commissioner (OAIC)
What does Rest do to keep your super safe?
Keeping your personal information and data secure is extremely important to us. Below are some of the many things we do to keep your super safe:
When you speak to our customer service team, we run a range of security checks to confirm your identity before we tell you confidential details or move ahead with any transactions.
Before withdrawing money to bank accounts, you must either obtain an online verification via GreenID (provider Vix Verify) or provide certified identification, such as passports or driver licences.
Green ID requires a government ID from you and matches your details against official sources such as the Electoral Roll.
We are required to comply with laws to report and act on suspicious transactions. This includes co-operating with the police, regulators, and other law enforcement agencies in their investigations into fraud or suspicious transactions.
For more information, you can read Rest’s privacy policy.
Was this page helpful?
Want to learn more?
Starting out
Superannuation for Under 18s
Discover whether under 18s are eligible for super and what the super guarantee is.
