Tech

Multiple Super funds targeted as Cyber criminals look to steal your Superannuation

The Age is reporting that multiple Australian Superannuation funds have been targeted in a coordinated attack on the life savings of vulnerable Aussies. While it’s very early days for the reporting of this attack, EFTM can clarify several areas of concern for Australians as it stands.

Was this a Hack?

No. This was not a breach of the security systems at the Super funds, nor did the “attackers” get into the Super Fund networks or IT systems.

In fact, it’s much “simpler” than that.

These criminals have obtained the credentials (login email address and password) of Aussies and are using those to attempt a Super Fund login.

Different to a brute-force attack, in this situation they are relying on the simplicity of people who use the same password across multiple services.

If the password works, they will change the password, likely change the contact information and additionally change the banking information in the hope they can withdraw money.

Where do they get our Passwords from?

Usernames, Passwords, Email Addresses, and much more personal info is available for sale on the Dark Web. However, in this case, it’s likely the attackers were even more intelligent in their approach.

What they have done is looked for people who are older Australians, so where a record exists on the Dark Web that contains a name, email address, a password and a Date of Birth – the attackers have used that information to find people who are older, and more likely to have bulky super funds in the draw-down stage.

Essentially, we don’t have to look too far to consider where that information might have come from. Optus, Medibank, Latitude Financial – all sources of very detailed information, which can now be used and even combined to launch a more sophisticated attack.

In this case, it’s possibly a case of the chickens coming home to roost on the previous breaches that affected so many Aussies

How do they steal money from my Super?

If you are over 60 – your super fund is likely in the phase where you can start to draw down from it. So the attack likely didn’t target anyone under that age, and anyone under that age doesn’t really need to do much.

If you’re over 60 it’s possible they can change your banking information and attempt to withdraw from your super, going to their bank instead of yours.

Hopefully many Super Funds have pauses in place to ensure that funds are not transferred within days of any banking change, to avoid this kind of fraud.

Who should take action?

Every Super Fund holder, especially those with Rest Super, AustralianSuper, Insignia, Australian Retirement Trust and Host Plus should log into their accounts to make sure their passwords are still active.

Those over 60 should be on high alert for any emails from their Super Funds and if they believe there has been any suspicious activity, get in touch with the Super Fund directly.

Do NOT Click any links in emails claiming to be from your Super Fund suggesting you check your account or change passwords.

Additionally, setup two factor authentication, and if it’s not available with your fund – change funds, because that should be a basic addition to any financial product’s online security.

Recent Posts

  • Tech

Corsair announce the Vanguard 96 mechanical gaming keyboards with integrated LCD screen and Elgate Stream Deck

Corsair has announced the new VANGUARD PRO 96 Hall Effect Gaming Keyboard and VANGUARD 96…

1 day ago
  • Tech

Swann announces 2 new cameras in their EVO range

Swann has announced two additional cameras in their popular EVO range. The EVO Wireless 2K…

1 day ago
  • Tech

Anker SOLIX has a new battery-powered portable electric cooler just in time for camping season — the Everfrost 2

Anker SOLIX has announced the Australian launch and availability of the portable electric cooler, the…

1 day ago
  • Tech

Australian pricing announced and pre-orders open for ROG Xbox Ally and ROG Xbox Ally X

After announcing the new ROG Xbox Ally and ROG Xbox Ally X gaming handhelds back…

2 days ago
  • Product News

Samsung Launches Expanded Galaxy Line-Up in Australia covering wearables, phones and tablets

Samsung has announced a new suite of devices heading to Australia from today, expanding their…

2 days ago
  • Tech

Samsung Galaxy S25 FE Review: A good phone at the right price

Samsung recently announced the new Galaxy S25 FE ahead of IFA, bringing a new more…

2 days ago