Skip to main content

We use cookies to better deliver personalised content. Read about how it works.

Security Update: While Aware Super is not affected by the recent cyber incident impacting other superannuation funds, we've added an extra security step at login to further protect your data. We also provide a range of security features and services, including fraud prevention technology to help keep your account safe. Read more here aware.com.au/security

Search aware.com.au

Suggestions

Cybersecurity update

Several super funds have experienced unauthorised access to a small number of their member accounts.

Aware Super is not one of these funds.

Is my account at risk?

Aware Super has strong protections in place to secure your account and prevent unauthorised access.

We were aware of an increased threat from cybercriminals in recent weeks and have put in place additional measures to secure your account and personal information. You may notice changes to your log-in process as a result.

We are committed to protecting our members’ retirement savings and personal information from cyber, fraud and financial crime, and we actively monitor the external environment and continually assess our security measures to safeguard your superannuation and information - and we will update that protection when we think it’s necessary.

What extra steps do you have in place to keep my account safe?

We have introduced an extra step in the login process to help keep your account secure.

After you enter your member number and password, we will send a code to the mobile number you have registered with us. Enter that code on the login screen to complete the login process.

Do I have to take this step every time I log in?

Yes.

What happens if I have received a code to my mobile but am not trying to log into Aware?

Please contact us if you have received a code but have not tried to log in. Your account remains secure, but we are taking extra precautions to ensure your security.

How to keep your super safe from scammers and thieves

Our Financial Crime and Risk expert shares these practical steps that you can take to help protect your super and keep your personal information safe online.

Multifactor authentication

We have introduced an extra step in the login process to help keep your account secure.

After you enter your member number and password, we will send a code to the mobile number you have registered with us. Enter that code on the login screen to complete the login process.

Please contact us on 1300 650 873 if you do not have a mobile phone on your account or want to change your registered mobile number.

We already had multi-factor authentication switched on for sensitive transactions, we have just added an extra security step at log in to help keep your account secure.

Yes, this additional step is to ensure that your account is safe and is required each time you try to log in.

No. We actively monitor the external environment and continually assess our security measures to safeguard your superannuation and information, and we will update that protection when we think it’s necessary.

You can visit aware.com.au/security for up-to-date information on how we protect your super and your personal information.

Yes, this will work from most countries. If you are having trouble logging in from overseas, please call us on +61 3 9131 6373.

If you use a biometric method like facial recognition to log into the app you won’t need to enter a code.

If you log into the app using a username and password, you will be sent a code to your mobile phone and prompted to enter it.

You will get be asked to re-enter it. If this doesn’t work, you can ask to resend a new code. If you enter the incorrect code too many times your account will be locked for ten minutes and then you can retry.

There can be multiple reasons why you can’t log in. We recommend:
 

  • Try changing your internet browser from the one you are using to Microsoft Edge or Google Chrome
  • Try logging in from a mobile device if you can’t log in via a desktop/laptop computer using or vice versa if using a mobile
  • Try clearing your browser history in Settings. Here’s how:
    • Google Chrome: Click the menu icon in the browser upper right corner, then click Clear browsing data.
    • Microsoft Edge: Click the menu icon in the browser upper right corner, then click Settings and Privacy, then click Clear browsing data.
    • Apple Safari: Click the Safari menu, then select Empty Cache

Tell us

Please get in touch immediately if something’s not right.

Call us on 1300 650 873.

Change your password

If you think someone has your account password, log in and change it immediately.

Report it

If you’ve been the victim of identity theft, contact IDCARE on 1300 432 273.

Encrypting your data

When you access your Aware Super account, your information is protected by the latest industry encryption technology, which safeguards any sensitive data being sent between your computer and our systems. Simply look for a padlock in the address bar before the URL, or website address, which indicates that the website has a valid security certificate issued by a trusted authority.

Additional authentication

For some tasks you complete online, we may send you an authentication code to your mobile number or email address - this process is called two-factor authentication. Once you get the code, simply enter it on screen and you can proceed. This extra layer of security is to help make sure other people can’t log in as you.

Please contact us immediately if:

  • you receive an SMS or email security code sent from us and don't know why
  • you receive a request for your account or member number and/or password by email or SMS
  • your access to the secure portal has been suspended
  • your mobile phone can’t make phone calls and after contacting your mobile phone provider you find out your number has been ported, or transferred, to another provider without your knowledge.
     

Session timeouts

If you're signed on to one of our sites and haven’t used it for several minutes, your session will time out. This is designed to prevent unauthorised users from accessing your private data on a device that has been left unattended. To start your online activity again simply re-enter your login details.

Keep your personal details up to date

Making sure your personal details are correct is important because if a privacy breach does occur we want to be able to contact you as soon as possible, confirm your identity and quickly manage the security risk. In particular, make sure your mobile number and email address are current, so we can always get in touch with you. 

We’ll never ask you to click on a link in an email or SMS to change or update your personal details. The safest way to do this is:

 

On a computer

  1. Go to the Aware Super homepage by entering https://aware.com.au into your browser.
  2. Log in to your account by clicking on the log in button in the top right-hand corner of the page.
  3. Go to Profile and then Contact Information to update your contact details.
     

On your phone or tablet

  1. Download the Aware Super mobile app
  2. Log in to your account.
  3. Go to Profile and then Update details to update your contact details.

Responsibly disclose a security vulnerability

If you have discovered a possible security concern in one of our applications, systems, or services, and would like to share this, please email us.

Please include:

  • anything beneficial to help an investigation (eg: date of incident, desktop/mobile screenshot), and
  • your preferred contact method if you would like to be contacted.
     

If you request so, one of our security team can get in touch.

At Aware Super we are committed to the security of our customers' data, our information systems, and our services. Despite our very best intentions, sometimes there may be something we missed.

Although we don’t pay compensation for any reported security vulnerabilities, know that you have the gratitude of over 1 million Australians who entrust their retirement with us.

If something seems odd or suspicious, let us know right away. If you receive an offer to access your super through an illegal scheme, contact ASIC or the ATO to report your concerns. If you think an unauthorised withdrawal has been made from your account, contact us immediately on 1300 650 873.

You can report a scam to ACCC or the Australian Cybercrime Online Reporting Network (ACORN). If you have been the victim of identity theft, contact IDCARE on 1300 432 273. IDCARE can guide you through the steps to reclaim your identity. Find out more about fraud prevention on the ACCC website and identity theft on Scamwatch.