Social engineering is the art of tricking you into disclosing your sensitive personal or work information (e.g. your passwords, super account information, credit card details) or into providing access to your personal or work computers or devices. Cyber criminals use a variety of different channels – such as email, phone or in person – to try and gain access to or capture your information. This is act is commonly referred to as ‘Phishing’. In this article, we look at ways you can protect yourself from cyber criminals by identifying phishing.

Phishing emails

Cyber criminals use phishing emails containing malicious links or attachments to try and trick you into disclosing your work or personal information or into downloading viruses or malware.​

Phishing emails often look legitimate as if they are from a colleague, group, organisation or friend and they can be received at home or at work.​

Did you know?

When sending phishing emails, cyber criminals not only consider what they look like but also when to send them with research showing that they prefer certain days of the week for certain types of malicious emails. By understanding email habits and by sending well-crafted emails at the just the right time, they hope to have a higher success rate.

How to stay safe

Whenever you receive an email, always remember to ask yourself:

  • Who is the email from? Would you expect an email from this person, group or organisation or is it out of context?
  • What are they asking you to do? Are they requesting personal, sensitive or financial information about you or asking you to do something that is different to the processes or procedures you’re used to?
  • Hover your mouse over any link to see the real URL address behind it. If you’re unsure about an email that appears to be from Qantas Super, please contact us immediately.

Voice phishing

Voice phishing is when a cyber criminal impersonates a legitimate company over the phone to try and trick you into disclosing your personal/financial information. Voice phishing is typically used to steal credit card numbers or other information used in identity theft schemes.

Did you know?

During tax time, cyber criminals try and trick people into disclosing their personal and financial details over the phone. They call saying that you have a tax debt which must be paid immediately, often threatening immediate arrest or court if you don’t pay straight away. They ask for payment using non-legitimate payment methods such as iTunes, store gift cards, or pre-paid visa cards.

How to stay safe

If you receive a phone call claiming to be from an organisation asking for sensitive personal/financial information, never provide your personal, credit card or online account details. Instead, ask for the caller’s name and contact number and make an independent check with the organisation in question to verify the legitimacy of the caller.​

Phishing text messages

Text or SMS phishing is a form of fraud that uses mobile phone text messages to trick you into downloading mobile malware, visiting fraudulent websites or calling a fraudulent phone number.

Did you know?

Cyber criminals send text messages mimicking legitimate, trusted organisations. These messages contain malicious links which if clicked, could lead to a fake website designed to steal your personal/sensitive information or download malware onto your device.

How to stay safe

If you receive a text message that seems to be from your bank, utilities company, a retailer or Qantas Super asking you to click on a link, provide personal information or call a supplied number, verify the text is legitimate by contacting the sender via an independent source (even if it is from a friend, you should verify the message). Never click on links in text messages requesting personal information from unknown senders.

We're here to help

If you receive an email, text message or phone call from someone you think is imitating Qantas Super, please contact us immeditately before providing any information or clicking on any links. We can help you verify if the email, text message or caller is legitimate.