Protecting your privacy and identity

Your privacy is our top priority and First State Super takes all possible security precautions to make sure your super is safe and to protect your confidential information. But we need your help to ensure you minimise the risks of identity theft and other breaches of privacy. Identity theft is when your personal information is used to conduct fraudulent activity, like another person accessing your First State Super account online and attempting to withdrawal your funds.

Here are some simple steps you can also take to ensure your privacy and identity is protected from theft.

Report fraud

Contact us

Are you keeping track of your account?

Updating your personal details with us is important.  If a breach of privacy does occur, we want to be able to contact you quickly to verify your identity and manage the security risk as swiftly as possible.  In particular, make sure your mobile number and email address are current, so that we can send you regular updates.

Keeping up to date with your account in other ways is also the best way to recognise any unusual activity on your account. It’s important that all transactions on your account match what you believe should be occurring, so:

  • Check you super balance regularly
  • Track your employer contributions
  • Download your annual statement
  • Review your insurance cover (if you have it).

The easiest way to update your personal details and keep track of your account is to log in to your online account. You can update your details here. If you do not have an online account you can register here. Alternatively, you can download our mobile app to update your personal details and manage your account.

When you register for an online account or download the mobile app, you will receive an SMS or email security code to confirm your identity.  If you receive a confirmation for a change you did not make, please contact us immediately on 1300 650 873.

Other tips to protect your identity

  • Most fraud in superannuation is linked to compromised email addresses. The single most important thing you can do is to protect your personal email mailbox. You can do this by ensuring you use a strong password, change your email password regularly and turn on additional security verification options such as multifactor (also known as two factor) authentication on your mailbox. All mainstream email providers, such as Microsoft and Google, provide this functionality for free, you just have to turn it on.
  • Avoid storing any copies of identity documents in your email or cloud storage such as copies of your passport, driver’s licence or birth certificate.
  • Keep an eye on your letterbox and try to keep it secure. Mail theft is a common starting point for identity fraud. Consider locking your mailbox with a padlock.
  • Be cautious about giving detailed or identifying information to you about your super accounts to third parties. Keep your Tax File Number (TFN) confidential at all times.
  • Be wary of offers to release to superannuation benefits to you before retirement. These offers could be illegal, and you may end up paying heavy tax and legal penalties.
  • Consider what you do with your old benefit statements and other documents containing your personal details. Shredding documents may prevent someone wanting to commit fraud, or a scammer, accessing information about you from your rubbish bin.

To receive your statement electronically, log in to your account, go to your profile and and change your communication preference to ‘by email’.

  • Avoid using generic work-related email such as manager@yourcompany.com.au as this will make it difficult for us to contact you, in the event of a privacy breach.
  • If something seems odd, report it! If you receive an offer to access your super through an illegal scheme, contact ASIC or the ATO to report your concerns. If you think an unauthorised withdrawal from your account has occurred, contact us on 1300 650 873 immediately.

Create a First State Super password that is:

  • Difficult for others to identify but easy for you to remember.
  • Is unique to your First State Super account, and not used for any other accounts you may have with other organisations. Avoid reusing passwords.
  • Consider using a passphrase (a sequence of words or other text) rather than a password as this will be easier to manage and much more secure.

It’s important that your password is not shared with anyone (including family and friends) and that it is regularly reviewed and updated. We recommend updating it at least every 6 months.

Learn more about good password and passphrase hygiene

There are a number of techniques people who engage in fraudulent activity use to access your personal information online. To stay safe online, there are a few things you can do.

  • Avoid using public computers to access your First State Super account online.
  • Keep your device up to date by regularly applying security updates as they are released. This includes updates to your internet browser, such as Google Chrome. 
  • Ensure your device has anti-virus / malware protection installed and its kept up-to-date. Perform some basic checks on websites before you login to them:
    • Avoid logging onto sites marked as “Not secure”, for example. http://firststatesuper.com.au
    • The URL should always begin with https – the ‘s’ stands for secure.
    • There should be a padlock symbol in the browser’s address bar
  • Don’t click on links or attachments in emails you weren’t expecting.
  • When you have finished what you were doing on secure sites, such as our member or employer portals, make sure you log out.
  • Enter website addresses straight into your browser’s address bar. Don’t rely on links in emails as they could be fake.

We will never ask you to click on a link that asks you to change or update your personal details from an email. The best way to do this, is to access your account online by following the steps below:

  1. Go to the First State Super home page by entering https://www.firststatesuper.com.au into your web browser.
  2. Log in to your account by clicking on the pink Log in button on the top right-hand corner of the page.
  3. Go to Profile and then Contact Information to update your Contact details.

Each and every time you access the internet you are at risk of various threats and hoax websites are becoming increasingly prevalent.

How to spot a hoax website

  • Always look for https at the beginning of the URL – the "s" stands for secure.
  • Check for the padlock symbol in your browser’s address bar.
  • Make sure the URL is genuine. Phishers often create fake websites with URLs similar to the real one.
  • Enter site URLs straight into your browser’s address bar. Don’t rely on links in emails as they could be fake.

How to protect yourself against hoax websites

  • Always access secure sites, such as our member or employer portal, by typing the web address into a new browser window.
  • Ensure that the address bar has the padlock symbol and includes the organisation name in green, for example First State Superannuation Scheme, as this tells you the site has extended validation certificates.
  • When you have finished what you were doing on secure sites, such as our member or employer portals, make sure you log out.

Reports from the media and the police signal that criminals are deliberately targeting superannuation fund members through illegal early access to super benefits and unauthorised withdrawals from member accounts using identity fraud.

How to protect your computer

  • Install firewall software - You should install or configure a personal firewall on your computer to create a security barrier between your computer and the internet, for example if you are using a Windows operating system, you could enable the Windows Firewall.
  • Install anti-virus software - You should install anti-virus software to protect your computer against malicious software and ensure you keep it updated. You should regularly scan your computer for viruses.
  • Updating your operating system - Computer operating systems are complex and vendors frequently release patches to fix security weaknesses. You should regularly update your computer's software, including your web browsers, from the vendor's website and if possible enable automatic updates.

How we are helping to protect you

We go to great lengths to protect your privacy and funds. Below are some of the ways that we safeguard your information when you are online with us.

Encrypting your data

When you access your account your information is protected by the latest industry standard SSL encryption technology. Simply look for the green padlock and our fund name 'First State Superannuation Scheme' in green when you access our sites.

Additional authentication

For some functions performed online, we may send you an authentication code to your mobile number or email address (this process is called two-factor authentication). Once you get the code, simply enter it into the screen and you can proceed. This extra layer of security is to help ensure that other people can’t login as you.

Please contact us immediately if:

  • you receive an SMS or email security code sent from us and don't know why
  • you receive a request for your account or member number and/or password by email or SMS
  • your access to the secure portal has been suspended.
Session timeouts and lockouts

If you're signed on to one of our sites and haven’t used it for several minutes, your session will time out. To resume your online activity simply re-enter your login details.

We'll automatically disable your online access to our sites if 3 incorrect login attempts are made. This is to stop fraudsters making repeated attempts to get into your account.
 

First State Super collects and holds your personal information securely. Read our Privacy Policy to learn more

For more information about online safety visit the esafety website.