
Once you’ve left the workplace it’s virtually impossible to replace savings you’ve taken years to build up. But that’s what happened to Lee, who lost $180,000 from his super last year [as reported on ABC News]. No one wants to go through this experience, so here are some ways of minimising your own risk of cyber theft.
Recent cyberattacks in the superannuation industry have sent a clear message that our digital assets remain under constant threat. Alarmingly, two-factor authentication (2FA), a fundamental security measure that could significantly reduce the likelihood of such breaches, is not yet standard practice across all platforms.
There are a few essential steps you can take to further safeguard your personal information by securing the devices you use every day – your phone and computer. Taking these precautions can significantly decrease your risk.
Securing your phone and tablet
Your phone holds a lot of personal data. Here’s how to make it safer:
- Strong Lock: Use a complex passcode or biometrics (fingerprint/face).
- Keep Updated: Regularly update your phone’s software and apps for security patches.
- Public Wi-Fi Caution: Avoid sensitive actions on public Wi-Fi or use a VPN.
- Think Before You Click: Don’t tap on suspicious links or download from unknown sources.
- Enable Find My Phone: Activate the feature to locate, lock, or wipe your phone if lost.
- Review App Access: Check which permissions your apps have and revoke any unnecessary ones.
Fortifying your computer
Your computer is another key target for people who want to get their hands on your money. Follow these security basics:
- Strong Passwords: Use complex passwords for your computer and online accounts.
- Antivirus Protection: Install and keep updated antivirus software.
- Firewall On: Ensure your computer’s firewall is enabled.
- Software Updates: Regularly update your operating system and applications.
- Email Smarts: Be careful with email attachments and links from unknown senders.
- Regular Backups: Back up your important data to prevent loss.
Why Two-factor Authentication Matters
Think of your online accounts like your home. Your password is like the key to your front door. While a strong lock (password) is important, adding a second layer of security makes it significantly harder for unwanted guests to enter. That’s where Two-factor Authentication – or 2FA – comes in.
2FA works by requiring a second verification step in addition to your password. This second step is usually something only you have access to, like a unique code sent to your phone, a fingerprint scan, or a security key. So, even if a cybercriminal manages to steal your password, they still won’t be able to access your account without this second piece of the puzzle. This drastically reduces the risk of unauthorised access and helps keep your sensitive information safe across various online services, from email and banking to social media.
You are probably already required to use 2FA by your bank. It may feel like a pain, but it’s a very useful way of narrowing the possibility of having your account – and therefore your savings – compromised.
Protecting Your Retirement Essentials Account
The security of all Retirement Essentials members remains our top priority.
That’s why we’ve implemented phone verification as the required 2FA method when you log in to your account. This means that after you enter your password, you’ll receive a unique code via SMS on your trusted phone. You’ll need to enter this code to complete the log-in process.
While we understand this might feel like an extra step, it’s a vital shield to protect your information. By requiring this second layer of verification, we’re adding an additional safeguard against unauthorised access. Even if someone were to obtain your login password for Retirement Essentials, they would still need access to your specific phone to get that unique verification code.
By securing your data, we can then provide you with our free tools, which include the Retirement Forecaster, Life Expectancy Calculator and Disaster Scenario Calculator.
What do you think?
Should 2FA be a minimum requirement for all superannuation fund accounts?
Would you consider switching superannuation funds if yours doesn’t provide this level of security for your account?
> Should 2FA be a minimum requirement for all superannuation fund accounts?
Absolutely! 2FA typically relies on a code sent by SMS to a phone... and it’s scary how easy it is to have your phone number ‘stolen’ through illegal porting. 2FA/MFA (multi-factor) can provide other safer options, e.g. a USB FIDO2 security key. Regrettably Australia is far behind the security 8-ball when it comes to MFA.
> Would you consider switching superannuation funds if yours doesn’t provide this level of security for your account?
Yes – I came close to doing that when my enquiries were blown off with bland and patronising ‘we care about the security of your account’ statements – coincidentally, my fund’s 2FA implementation came along before I took the plunge to switch.
I believe authenticator apps are more robust than a code sent by SMS. The text can be intercepted or read in real time by hackers whereas authenticator apps require passcode or face ID to unlock. It’s worrying how much is sitting in super accounts… a honey pot for hackers.
The other issue I am seeing now is clients getting frustrated when wanting to make a lump sum withdrawal and the lengthy process or delays involved; it’s not as straightforward or easy to access one’s own funds.
2-factor authentication is essential but too many organisations just have SMS to your phone. That has been a problem for me volunteering overseas in a developing country. Some won’t use WhatsApp message as an option so I can’t get effective notifications while I have an in-country SIM and phone number here. There’s got to be options as not 1 size fits all when it comes to 2FA.
What about us poor suckers who don’t own a mobile?
Can they not be programmed to send a code to your home phone?
Well, I hope if my super is left in the hands of ART I should not have problems, so you need to protect transactions from your end as well. The retirement phase of life is becoming a minefield for ordinary mums and dads of Australia. We all should have poured money into real estate; at least we can see what we own and not affected as much as global uncertainty.
We get brainwashed by government so they don’t need to keep us in our old age.