- Sponsored
- Money
- Super & retirement
- Super wars
With cyber-attacks on the rise, how safe is your super?
Brought to you by Aware Super
By Katie Cunningham
In 2023, Latitude Financial had 14 million customer records stolen from its system in a cyber-attack. In 2024, a hack on Medibank resulted in the personal details of 9.7 million customers being published on the dark web.
In April, it was Australian Super who became the target of cyber criminals, with a combined $500,000 stolen from four of its members.
Two-factor and multi-factor authentification can help to secure your superannuation.Credit: iStock
Clearly, cyber-attacks on superannuation funds are on the rise – and there’s a big reason why. “Superannuation is a $4 trillion Australian business,” says Kam-Fung Cheung, a lecturer in cybersecurity at the University of New South Wales Business School.
Superannuation represents an attractive pool of wealth to hackers. Which makes taking steps to protect it critically important – for both funds and individuals.
“For many Australians, their superannuation is going to be either the largest or second-largest asset they’ll ever own,” says Jo Brennan, group executive, member engagement, education and advice at Aware Super.
“It’s really super-important to be very vigilant and to protect and be across your super.” So how can you protect your superannuation? Here’s what the experts say.
How your fund can keep your money safe
Hackers typically gain access to super funds by purchasing passwords from data leaks via the dark web, then using those passwords to log into super accounts – a practice Cheung says is called “credential stuffing”.
So the most important piece of security any super fund can offer is two-factor or multifactor authentication. Two-factor authentication sends a notification to your device, for you to confirm or deny, with every login attempt.
It means that even if a hacker can determine your password, they still won’t be able to access your account.“Two-factor authentication is that number one step in the defence layer today,” says Brennan. “It gives an extra layer of security.”
An extra layer of authentication should be switched on for log-ins and every high-value transaction you make.
“Aware Super members [will] be prompted to go through the multi factor-authentication process both when they’re logging in, but also if they’re looking to submit a withdrawal for processing.”
Cheung agrees it’s the best tool we have to fight back against scammers.
“Whenever there’s an option to enable multifactor authentication or two-factor authentication, please do so. This will ward off many of the attacks,” he says.
Aware Super’s Jo Brennan.
What you can do to protect your super
Thanks to the prevalence of credential stuffing, using a strong, unique password also makes a huge difference. “Increase the length and also the complexity [of the password],” says Cheung, and avoid reusing the same password for multiple accounts.
And it pays to ensure your contact details – both mobile phone and email – are up-to-date, so your fund can contact you quickly if they notice any suspicious activity.
“At Aware Super, we have our call centre based in Australia, so that means that we can act super quickly if we need to and be in contact with our members,” says Brennan.
Another reason superannuation can be vulnerable to hackers is that we don’t always check super accounts as regularly as we do everyday banking accounts. That means we might not necessarily notice straight away if something is awry.
Brennan says cyber criminals “are looking for opportunities to find access to money that perhaps people aren’t paying too much attention to.” For that reason, she says it’s vital to regularly engage with your super.
“We really encourage our members to regularly check their balance,” she says, adding that Aware has an app that makes checking balances easy.
“You can check your retirement savings at any time – and that’s a great way of keeping them safe.”
- Advice given in this article is general in nature and is not intended to influence readers’ decisions about investing or financial products. They should always seek their own professional advice that takes into account their own personal circumstances before making any financial decisions.
Expert tips on how to save, invest and make the most of your money delivered to your inbox every Sunday. Sign up for our Real Money newsletter.