Tech

Multiple Super funds targeted as Cyber criminals look to steal your Superannuation

The Age is reporting that multiple Australian Superannuation funds have been targeted in a coordinated attack on the life savings of vulnerable Aussies. While it’s very early days for the reporting of this attack, EFTM can clarify several areas of concern for Australians as it stands.

Was this a Hack?

No. This was not a breach of the security systems at the Super funds, nor did the “attackers” get into the Super Fund networks or IT systems.

In fact, it’s much “simpler” than that.

These criminals have obtained the credentials (login email address and password) of Aussies and are using those to attempt a Super Fund login.

Different to a brute-force attack, in this situation they are relying on the simplicity of people who use the same password across multiple services.

If the password works, they will change the password, likely change the contact information and additionally change the banking information in the hope they can withdraw money.

Where do they get our Passwords from?

Usernames, Passwords, Email Addresses, and much more personal info is available for sale on the Dark Web. However, in this case, it’s likely the attackers were even more intelligent in their approach.

What they have done is looked for people who are older Australians, so where a record exists on the Dark Web that contains a name, email address, a password and a Date of Birth – the attackers have used that information to find people who are older, and more likely to have bulky super funds in the draw-down stage.

Essentially, we don’t have to look too far to consider where that information might have come from. Optus, Medibank, Latitude Financial – all sources of very detailed information, which can now be used and even combined to launch a more sophisticated attack.

In this case, it’s possibly a case of the chickens coming home to roost on the previous breaches that affected so many Aussies

How do they steal money from my Super?

If you are over 60 – your super fund is likely in the phase where you can start to draw down from it. So the attack likely didn’t target anyone under that age, and anyone under that age doesn’t really need to do much.

If you’re over 60 it’s possible they can change your banking information and attempt to withdraw from your super, going to their bank instead of yours.

Hopefully many Super Funds have pauses in place to ensure that funds are not transferred within days of any banking change, to avoid this kind of fraud.

Who should take action?

Every Super Fund holder, especially those with Rest Super, AustralianSuper, Insignia, Australian Retirement Trust and Host Plus should log into their accounts to make sure their passwords are still active.

Those over 60 should be on high alert for any emails from their Super Funds and if they believe there has been any suspicious activity, get in touch with the Super Fund directly.

Do NOT Click any links in emails claiming to be from your Super Fund suggesting you check your account or change passwords.

Additionally, setup two factor authentication, and if it’s not available with your fund – change funds, because that should be a basic addition to any financial product’s online security.

Recent Posts

  • Tech

2026 will be the battle of “RGB” in TV technology – what. the. heck. is. that?

If you're still catching up on Quantum Dots, OLED, Mini LED and are thinking that…

8 hours ago
  • Tech

NBN gets set for the final roll out of Fibre upgrades to another 600,000 homes

The NBN is getting ready to lock in the final stage of the Fibre to…

13 hours ago
  • Motoring

The stunning new BMW iX3 is a vision for the future realised as Neue Klasse comes to market

BMW has revealed the first new model to be designed and engineered under their 2025…

16 hours ago
  • Tech

Best in Smart Home – The SwannBuddy 4K Video Doorbell with AI wins at the IFA Innovation Awards

The SwannBuddy4K Video Doorbell with SwannShield™AI Voice Assistant has been given an Honouree accolade for…

24 hours ago
  • Tech

360 degree security camera coverage and smart AI capabilities come to Reolink security lineup at IFA 2025

Reolink is a bit of an upstart when it comes to home security but having…

1 day ago
  • Lifestyle

LG unveil its AI plans for your home appliances at IFA 2025

LG has announced its vision for AI-powered living at IFA 2025 under the moniker “LG…

1 day ago