Cyber criminals can use a variety of different channels – such as email, phone or in person – to try and capture your sensitive personal or work information, or get access to your personal or work devices.
This is act is commonly referred to as ‘phishing’. In this article, we look at ways you can protect yourself from cyber criminals by identifying phishing methods and the common scams targeting super accounts.
Types of phishing
Cyber criminals use phishing emails containing malicious links or attachments to try and trick you into disclosing your work or personal information or into downloading viruses or malware.
Phishing emails often look legitimate as if they are from a colleague, group, organisation or friend and they can be received at home or at work.
Did you know?
When sending phishing emails, cyber criminals not only consider what they look like but also when to send them with research showing that they prefer certain days of the week for certain types of malicious emails. By understanding email habits and by sending well-crafted emails at the just the right time, they hope to have a higher success rate.
How to stay safe
Whenever you receive an email, always remember to ask yourself:
- Who is the email from? Would you expect an email from this person, group or organisation or is it out of context?
- What are they asking you to do? Are they requesting personal, sensitive or financial information about you or asking you to do something that is different to the processes or procedures you’re used to?
- Hover your mouse over any link to see the real URL address behind it. If you’re unsure about an email that appears to be from Qantas Super, please contact us immediately.
Voice phishing is when a cyber criminal impersonates a legitimate company over the phone to try and trick you into disclosing your personal/financial information. Voice phishing is typically used to steal credit card numbers or other information used in identity theft schemes.
Did you know?
During tax time, cyber criminals try and trick people into disclosing their personal and financial details over the phone. They call saying that you have a tax debt which must be paid immediately, often threatening immediate arrest or court if you don’t pay straight away. They ask for payment using non-legitimate payment methods such as iTunes, store gift cards, or pre-paid visa cards.
How to stay safe
If you receive a phone call claiming to be from an organisation asking for sensitive personal/financial information, never provide your personal, credit card or online account details. Instead, ask for the caller’s name and contact number and make an independent check with the organisation in question to verify the legitimacy of the caller.
Phishing text messages
Text or SMS phishing is a form of fraud that uses mobile phone text messages to trick you into downloading mobile malware, visiting fraudulent websites or calling a fraudulent phone number.
Did you know?
Cyber criminals send text messages mimicking legitimate, trusted organisations. These messages contain malicious links which if clicked, could lead to a fake website designed to steal your personal/sensitive information or download malware onto your device.
How to stay safe
If you receive a text message that seems to be from your bank, utilities company, a retailer or Qantas Super asking you to click on a link, provide personal information or call a supplied number, verify the text is legitimate by contacting the sender via an independent source (even if it is from a friend, you should verify the message). Never click on links in text messages requesting personal information from unknown senders.
Common superannuation scams
There are a number of common phishing scams that criminals use to fraudulently gain access to superannuation. Here are a few to look out for:
- Fake payment scams: In this type of scam, a cyber criminal will send you a phishing text, email, or call asking you to make a payment via BPAY or bank transfer, which will send a payment to their account. For personal security reasons, Qantas Super will never send you a communication with your personal BPAY details. These details can be found by logging into your secure account online.
- Preservation age scams: Members who are nearing their preservation age are common targets for cyber criminals, because this means they are reaching the age when they can access their super. With this in mind, if you have reached, or are reaching your preservation age, be wary of anyone trying to convince you to roll over your super to another fund.
If you are ever in doubt of something you receive from Qantas Super, or something that states it’s from Qantas Super or another financial or government institution, the safest thing to do is to call the organisation. When calling, it’s safest to Google the official website of the organisation to find their phone number, rather than calling the number that may have been included in the email, text message, or call you received.
Sometimes it’s not just cyber criminals that we need to be on the lookout for; unfortunately, superannuation funds often see cases of financial abuse, particularly with older people. The person perpetrating the abuse could be your partner, carer, friend, or family member.
As MoneySmart explains, financial abuse is when someone takes away your access to money, manipulates your financial decisions, or uses your money without consent, and older people can be more vulnerable to financial abuse because they often depend on others for help with financial tasks and decisions.
You can learn more about financial abuse and how to protect yourself against it via MoneySmart.
We're here to help
If you receive an email, text message or phone call from someone you think is imitating Qantas Super, please contact us immediately before providing any information or clicking on any links. We can help you verify if the email, text message or caller is legitimate.
- If you were impacted by the Optus data breach, the Australian Government has developed a fact sheet to help you understand what you can do to protect your information
- Information from the Australian Cyber Security Centre (ACSC)
- Tips from MoneySmart on how to protect your personal information
- A guide from the Office of the Australian Information Commissioner on how to respond to a data breach notification