Phone 1800 444 396
Web brightersuper.com.au
Email [email protected]
Post GPO Box 264, Brisbane QLD 4001

Protecting your account from fraud

Keeping your data safe is our highest priority.

We use multiple layers of security systems and processes to detect and prevent fraudulent activity. Examples of how we safeguard Member Online and our mobile app include:

  • Using a password and Multi-Factor Authentication to secure logins.
  • A limit on failed login attempts, locking access after three failed attempts.
  • Monitoring and oversight of online withdrawals.

These are some of the measures in place to protect your account against unauthorised access and activity.

Stronger account protection with Multi-Factor Authentication

Whenever you log in to your Brighter Super account in Member Online, you must confirm a code we send to you by SMS or email.

This is known as Multi-Factor Authentication, which gives your account two layers of protection – your password and a one-time code.

This security feature is a mandatory setting for all members’ accounts in Member Online.

To log in to our mobile app, you’ll also need to confirm a code sent by SMS or email – unless you’ve already set up PIN, fingerprint or face ID authentication.

To access Member Online or our mobile app, you must have a valid email address or mobile number registered on your account. If your contact details are missing or out of date, call us on 1800 444 396 to update them. We're available Monday to Friday, 8.00 am to 5.30 pm (AEST).

Latest scam updates and alerts

May 2025

The Australian Taxation Office (ATO) is warning the community about false information being spread by fraudsters regarding changes to the superannuation preservation age – the age at which you can access your superannuation savings when you retire.

There has been no change to the preservation age, which is 60 for anyone born after 1 July 1964.

For accurate information, refer to the ATO’s warning about fake news on changes to the preservation age. You can also find details on our website about when you can access your super.

We urge our members to remain vigilant. Scams targeting superannuation accounts are on the rise and are becoming increasingly sophisticated. If you notice any unusual activity or have concerns about your account, please contact us immediately on 1800 444 396.

April 2025

Brighter Super is aware of reports of a cyberattack affecting some Australian superannuation funds and is actively monitoring the situation. At this time, we have seen no indication that Brighter Super systems or member accounts have been impacted.

The security and privacy of our members’ information is of utmost importance. Brighter Super maintains robust cybersecurity measures, including mandatory Multi-Factor Authentication (MFA) and account lockout protocols that automatically disable accounts after multiple failed login attempts. Members must then contact our team to verify their identity and reactivate access.

We understand the attackers are using previously compromised username and password combinations sourced from unrelated data breaches (e.g. social media or ecommerce platforms) in attempts to access accounts.

Brighter Super has proactively put in place safeguards to protect members from these types of intrusions. We continue to work closely with cybersecurity specialists to ensure we remain vigilant and responsive to any emerging threats.

We also encourage members to regularly update their passwords, use unique credentials for each online account, and enable MFA wherever available.

Protecting yourself from scams

Scammers keep finding new ways to trick their unsuspecting target, whether it be over email, social media, websites or telephone. Superannuation is a particularly attractive target, so below are some examples of common scams and tips on how to protect yourself.

The Australian Securities and Investments Commission (ASIC) has recently released information about the top 10 ways to spot a crypto scam and the types of crypto scams that exist.

ASIC’s Moneysmart website also has information for investors on how to avoid crypto scams.

ASIC has also published information about self-managed super fund rollover scams.

Pretending to be a financial adviser

Scammers often offer to help people withdraw money from their superannuation, often through self-managed funds or for a fee. They may do this by pretending to be a financial adviser, gaining your trust to access your superannuation account on your behalf. In many cases they will set up fake companies and attempt to transfer super balances into their own account.

Remember, you are unable by law to access your superannuation unless you satisfy a condition of release. Anyone who is advising you otherwise is acting illegally.

Tips on staying safe:

  • Never give any information about your superannuation to anyone who has contacted you.
  • Never share your password for your superannuation account, or any other secure services such as your bank account or myGov account (for ATO and Centrelink).
  • Financial advisers must have a license, which you can check on ASIC’s website.
  • You can also check to see if someone has had their license disqualified on APRA’s disqualification register.
  • Stay ahead of the scammers and find out more about conditions of release in our accessing your superannuation info sheet, or refer to your account’s Product Disclosure Statement.
Phishing scams

Phishing scams are attempts to request personal information, by email, online or phone. They may pretend to be from your superannuation fund, bank or other financial service providers that you know.

These scams can look genuine, with the correct logo and branding. They can take you to a fake website whose web address is very similar to the real organisation’s website.

Tips on staying safe:

  • Stay clear of emails and messages promoting ways to access your superannuation and invest it in lucrative investment opportunities, such as property and self-managed funds.
  • Do not click on links or attachments in emails or messages claiming to be from a trusted organisation and asking you to verify or update your details.
  • Be wary of websites asking for information which do not have the secure padlock symbol or ‘https’ in the web browser bar – both are needed if you are entering personal information.
  • Look for mistakes in emails and messages claiming to be from trusted organisations. You may spot one of these warning signs:
    • Not using your name in the greeting at the start of the message.
    • Grammatical errors and spelling mistakes.
    • Slight differences in email address and website address.

Scamwatch also has information on how to Spot the scam signs.

Stay informed

There are a number of Australian Government websites that provide information and resources to help protect yourself from scams:

Reporting scams or fraudulent activity

If you have any concerns about your account, or identify any unusual activity, please contact us on 1800 444 396 as soon as possible. You can also report any scams you receive to the below Government agencies. Information on how to do this is available on their websites.

  • Report cyber – if you think you have been a victim of fraud or cybercrime
  • Scamwatch – to report to ACCC a scam.

OSZAR »