Security

How QSuper protects you online

At QSuper, we take your privacy and security seriously, and we work hard to keep your information and super safe.

• To access Member Online or our app, we ask you to set a username that’s unique to you.
• All communications from Member Online are encrypted.
• If you want to reset your password, we use multi-factor authentication via SMS or email to make sure it's really you.
• We use a variety of methods to protect your privacy when we collect data from you.
• We complete independent security audits, check your accounts, and monitor your high-risk transactions. We’ll let you know about suspected fraud and investigate it for you.
• We collaborate with governing bodies such as ASIC (Australian Securities and Investments Commission) and APRA (Australian Prudential Regulation Authority) to ensure we have the right systems and processes in place.

How you can protect yourself

Avoid scams

Never reply to or click on a link in an email that you're suspicious of. Only log in to Member Online from our website.

We recommend you remove emails that contain your personal details from your email 'sent' and 'deleted' folders, and dispose of unwanted documents securely.

You can also review your browser settings (such as IE, Chrome, Safari) and enable fraudulent website warnings.

If you get any suspicious emails, phone calls, or text messages about your QSuper account, or if you've clicked on a suspicious link or given your details somewhere you shouldn't have, please call us. We will never email you asking you to provide the personal details of your account.

During events such as a natural disaster or pandemic, there is a high chance of seeing scams, so keep up-to-date by checking ACCC Scamwatch for the latest scams to be aware of.

For more information about common online scams and what to do if you think you've been scammed, visit the Australian Cyber Security Centre.

Know your numbers

Checking your super balance regularly and updating your personal details in Member Online can help you keep track of your super.

Regularly check your super balance in our mobile app or Member Online.

Protect your password

Use a Member Online password that’s easy to remember, but difficult for others to guess. It should be at least 8 characters long, a mix of numbers and letters, contain a special character, and not based on personal information that others may be able to identify.

• Don’t use the same password for every website or email account you use.
• Change your password regularly and don’t record it anywhere or share it with anyone - including your family, accountant, or financial adviser. We will never ask you for your password.
• Use a password manager, such as Password Safe or KeePass, to store and retrieve passwords.
• Opt in to 2-factor authentication or 2-step verification for emails, online storage, and social media.
• If you need to reset your password, you can change it quickly online or call us on 1300 360 750.

You can also contact us to activate additional security checks on your account.

Update your financial adviser's authority

Make sure your financial adviser's authority to access information about your QSuper account is up-to-date. Your financial adviser's authority to access your account will expire if you have set an expiry date, but it's also worth cancelling any authority when you stop working with an adviser or firm.

Use social media responsibly

Review your social media account settings regularly to ensure you are not sharing any data (including photos) publicly. Always consider what a hacker might be able to find out from a public post.

Never give out your full name, date of birth, or address unless legally required. Some organisations want it, such as Facebook or Spotify, but don’t need it.

Keep your mobile devices and computer up-to-date

It’s important to keep your smartphone, tablet, computer, software, and apps updated to protect your personal details.

• Set your devices to automatically update its security against the latest threats, or set a regular reminder in your phone to check for updates.
• No more security updates are being issued by Microsoft for Windows XP, so if you still use XP, think about upgrading. For your mobile phone and other devices, install security and antivirus apps such as:
  
  • Sophos Mobile Security for Android.
  • Sophos Mobile Security for iOS.
  • Lookout Personal Mobile Security for Android and iOS.
• For your computer, use up-to-date antivirus software, spam filters, and security software to protect against viruses and other malicious software that hackers use to steal your personal information.
• Use wireless network security (WPA2 with a long password) and a personal firewall to protect your home network from being accessed by others.

Avoid using public wi-fi

Avoid using public wi-fi, and be cautious if you ever have to use public internet facilities (like internet cafes or libraries). They may contain hacking viruses or software designed to capture your username and passwords.

• Make sure the website address (URL) starts with https:// and check the web security certificate is valid (you can usually do this by clicking on the padlock near the website address).
• Don’t leave your computer unattended while you’re logged on, and never leave your personal information in open view in a public place.
• Remember to always log off - your personal information is very valuable to fraudsters who commit identity theft.
• You can also use a VPN (virtual private network) to create a private network when using a public internet connection.