Protect your account


No one likes being the victim of a crime. But whilst we take action straight away if our home is broken into or if our bank cards are missing or stolen, we may not always realise immediately if someone has tapped into our super or accessed our personal information online.

Email fraud - "phishing"

Most people are aware of spamming, but a lot of people may not be so familiar with phishing.

Phishing describes cybercriminals’ attempts to fraudulently acquire your personal information, such as passwords and credit card details, by masquerading as a trustworthy person or business in electronic communications including email, texts or instant messages.

  • Signs of a phishing communication can include:
  • not addressing you by your name, or using unusual forms of address
  • misspelling and inconsistent graphics/ images 
  • asking you for sensitive information
  • creating a sense of urgency—scammers may try to test your better judgment by stating that something needs your immediate attention.
  • sender address that looks unfamiliar or peculiar, or
  • unfamiliar or unexpected attachments contained in the email—don’t open them as they may contain malicious software.

We won’t send you emails requesting you to confirm, update or disclose your confidential financial information. If you receive an email that you believe may be a hoax, forward it as an attachment to us and we’ll look into it.


How we secure our communications

Electronic communications 

You may receive electronic direct mail (EDMs) from us from time to time with important updates about UniSuper and your account. We use a secure, digital provider to send emails and only use general information about you (such as your first name and the email address we have on file) within them.  

When we send more personalised emails, we draw from information such as a member’s age, balance amount (e.g. higher or lower balances), account type, employer or location. This allows us to provide relevant and useful information to specific groups of members. We never disclose this information within the emails sent, nor is it stored with our EDM provider.
We also have a robust privacy policy that sets out how and why we use and collect personal information in more detail.


Your secure online account makes it easier for you to manage and keep track of your super. 

From your account, you can:

  • access detailed super or retirement income transaction information
  • review your current investment strategies
  • review and update your insurance cover
  • update your beneficiary details (except for a binding nomination)
  • update your personal details, such as address, telephone and email address
  • make personal contribution payments. 

Accessing your online account

If you’re accessing your online account for the first time, you’ll need to set up your user details.

You can do this online; all you need is your member number and date of birth. You then set up your account with your own unique user name so that it is easy for you to remember in the future.

You’ll need the latest versions of Internet Explorer, Firefox, Chrome or Safari to use the site, or you can use your smart phone or tablet.

Protecting your retirement savings online

Online transactions carry a small risk and you should take steps to protect your privacy and access to your online account:

  • Use a password that is difficult for others to guess.
  • Change that password regularly.
  • Never give your password to another person.
  • Think twice before conducting any transactions or submitting confidential details online using a public Wi-Fi hotspot.
  • Use devices you trust and that are protected with the latest anti-virus software.
  • Before logging in to your online account, always make sure the website you are logging in from is either or (mobile version). If in doubt, go directly to or 
  • Check the security certificate to confirm that the site is authentic and to confirm your data is encrypted. When logged in to your account, the web address should start with ‘https’. In addition, look for a lock icon either at the top or bottom of your browser window. If you click on this it should display the SSL (Secure Sockets Layer) certificate details.

    Phishing-MOL-1 Phishing-MOL-2 Phishing-MOL-3
  • Do not leave your computer unattended while you are logged in to your account.
  • Always log out after finishing.
  • Ensure you have up-to-date security software installed on your computer before performing online transactions.

What can I do to protect my account?

When it comes to your super, which is likely to be one of your biggest assets one day, what are some things you can do to help protect it?

  • Check your balance regularly. While we send you two statements each year, you can check your balance at any time online. Making a habit of monitoring your account and checking the latest superannuation news or changes on a regular basis can not only help you understand how super works, but also give you added reassurance about your balance. 
  • Keep it personal. If you receive a call from someone who claims to be from your bank or any other organisation, don't give them your details. Call the organisation in question on their publicly listed number to check it’s really them calling. Never click on a link or call a phone number in an email - use a phone directory to look up the correct number.
  • Ensure your computer, tablets and phone have quality security software and are password protected.

You can check out the MoneySmart website for some more tips. 

Get in touch

If you receive an email that you believe may be a hoax, email us with the attachment and we'll look into it.