While we work hard to protect your account, there are things you can do to prevent people getting hold of your super or personal information. Knowing what to look for and taking some simple security steps means you’re better prepared against online fraud.
Reporting fraud or suspicious behaviour
If you think someone has accessed your account or you’ve received a suspicious email or phone call from someone claiming to be UniSuper, please call us on 1800 331 685 (+61 3 8831 7901 from outside Australia).
How we protect you
These certificates confirm that the website is authentic and that your data is encrypted. When logged in to your account:
- Always make sure the URL is correct. The URL when accessing your online account will always start with ‘https://memberonline.unisuper.com.au’
- Check for a lock icon either at the top or bottom of your browser window. If you click on this, it should display the SSL (Secure Sockets Layer) certificate details.
Login and session timeouts
We restrict access to your online account if there are a number of failed login attempts. Your session will also timeout after 10 minutes of inactivity.
We send our emails through a secure provider.
We may use information like your age, balance (e.g. higher or lower balances), account type, employer or location to ensure we send information that is relevant and useful to you. Other than your first name, we never include your personal information in the body of our emails, nor is it stored with our provider. We will never request financial or personal information from you in our emails.
What you can do
Your online account makes it easier for you to manage your super but online transactions do carry a small risk, so you should take steps to protect yourself.
- Use a password that is difficult for others to guess.
- Change your password regularly.
- Never give your password to another person.
- Avoid doing any transactions or submitting confidential details while using a public Wi-Fi network.
- Use devices you trust and that are protected with the latest anti-virus and security software.
- Log in to your online account from either unisuper.com.au or m.unisuper.com.au (mobile version) or type unisuper.com.au/memberonline or memberonline.unisuper.com.au into your browser.
- Check the security certificate to confirm that the site is authentic. When logged in, the web address should start with ‘https://memberonline.unisuper.com.au’. Also look for a lock icon either at the top or bottom of your browser window. If you click on this, it should display the SSL (Secure Sockets Layer) certificate details.
- Don’t leave your computer unattended while you are logged in.
- Beware of people who might look over your shoulder to watch you enter your password or see your personal information on your screen.
- Don’t share your personal information in public—people may be listening for this information. If you need to call us, for example, make the call from home or a private room.
- Always log out when you’re finished.
Check your balance, login and transaction history regularly
You may not realise immediately if someone has accessed your super account. Checking your balance, transaction and login history regularly will help you to spot any unusual activity.
What to look for
Phishing is the practice of posing as a trustworthy person or business in communications like email, texts or instant messages to gain your personal information, such as passwords and credit card details.
Signs of a phishing communication can include:
- not addressing you by your name, or using unusual forms of address
- misspellings and inconsistent graphics/ images
- asking you for sensitive information such as financial or personal information
- creating a sense of urgency—scammers may try to test your better judgment by stating that something needs your immediate attention
- sender address that looks unfamiliar or peculiar
- unfamiliar or unexpected attachments contained in the email—don’t open them as they may contain malicious software.
We won’t send you emails asking you to confirm, update or disclose your confidential financial information. If you receive an email that you believe may be a hoax, don't click on any links and email it as an attachment to email@example.com.
Suspicious phone calls
If you receive a call from someone who claims to be from your bank or any other organisation, don't give them your details. Call the organisation in question on their publicly listed number to check it’s really them calling.
What to do if you suspect fraudulent activity
- If you think someone has accessed your account, call us immediately on 1800 331 685.
- If you think someone has your account password, change it immediately.
- If you receive a suspicious email or phone call from someone claiming to be from UniSuper, call us or forward the email as an attachment to firstname.lastname@example.org. Don’t click any links in the email.