Last year Australians reported a total of $2.3 billion in losses due to scams. While this is a decline on the previous year, bank accounts and superannuation funds remain a prime target for cybercriminals.

A recent cyberattack compromised several major superannuation funds, including AustralianSuper, Rest, Hostplus, and Insignia Financial. The breach involved credential stuffing, where hackers used previously leaked passwords to infiltrate accounts, resulting in the theft of $500,000 from AustralianSuper members.

These incidents underscore the critical importance of cyber vigilance in safeguarding your financial well-being.

Here are five tips on how to protect online information and keep yourself and your finances safe from a cyberattack:

1. Monitor financial accounts regularly

Check superannuation, bank accounts, credit cards, and investment accounts often for any unusual or unauthorised activity. Sometimes this could look like a zero spend, when really what’s happening is the account or card is being checked to see if it works. Many services now offer alerts for suspicious transactions, so turn these on – early detection against cyber threats is key to stopping fraud before it causes damage.

2. Strengthen and separate passwords

Never use the same password across multiple financial accounts. If one gets compromised, scammers can easily access the rest. Use strong, unique passwords for your banking, superannuation, and investment accounts. A password manager can help you manage them securely so you don’t need to write them down. And if you and your family members all use the same passwords? Change them – it’s too easy for hackers to pick up on.

3. Turn on two-factor authentication (2FA)

Most financial institutions now offer 2FA – a feature that adds a second layer of security (like a code sent to your phone) to your login. It’s one of the most effective ways to keep hackers out, even if they manage to get your password.

If you’re using SMS-based 2FA, consider switching to an app-based option, like Google Authenticator, Authy, or Microsoft Authenticator to stop cyber theats. SMS is easier for hackers to bypass so be sure to talk to your financial institution.

4. Be alert to phishing scams

Scammers may try to pose as your fund or bank to trick you into giving up personal information. Be cautious of unexpected emails, texts, or phone calls requesting account details or login credentials. Always contact your institution using their official website or customer service number and never click a link or give out details via unsolicited messages.

This is one of the easiest ways for scammers to gain access to your accounts. It’s as simple as asking for your information.

5. Keep your devices and apps up to date

Cybercriminals exploit vulnerabilities in outdated software. Make sure your phone, laptop, banking apps, and antivirus software are always updated. Enable automatic updates where possible – it can often fix critical security flaws.

And if you are targeted by a cyber threat? Notify your affected service provider as soon as possible so they can help you to secure your account and investigate the breach.

The AustralianSuper breach is a wake-up call showing that even large, secure systems can be vulnerable. Staying vigilant, informed, and proactive is your best defence in today’s digital financial world.