Online security
The security of your data and funds is our priority and we are continuously taking measures to protect our online systems so your information and super stays safe. This includes:
- Sophisticated network and data protections
- Advanced threat detection
- Multi-factor authentication for access to your account
As scams and frauds continue to rise, it’s more important than ever to protect yourself online.
There are some important steps you can take to help protect your privacy and identity.
Setting up MFA
MFA is a two-step security check we use to confirm your identity when you log in and request any changes to your online account.
It is designed to make sure that only you can access and make changes to your account, to help protect your account from fraudulent activity.
- When you log in using your username and password, or submit a request to make a change to your account once logged in, we'll ask you to complete a second identity step to check it's you
- You'll then need to confirm it's you by providing the additional form of verification, before you can log in or request the change
There are a few different ways you can complete the identity check when logging in, including:
- Using a passkey
This verifies your identity by using something unique to you and your device, like your fingerprint, face, unlock pattern or PIN - so it's the most secure option - Using an authenticator
This generates a one-time security code from your device that's valid for short periods
Take precautions
Here are some important steps you can take to help protect your privacy and identity online.
Login to your online accounts regularly or set regular reminders to make sure your details are up to date and that any transactions are accurate. You can access your accounts with us through Member Online.
A strong password is at least eight characters long with a combination of numbers, letters and symbols. It’s important to use different passwords for different accounts and keep your passwords protected – don’t share any details.
Make sure you have the relevant security software and keep it up to date. Enable security options like multi-factor authentication (MFA) on as many devices as possible.
When you use your online accounts such as Member Online, don't use a public computer or public wi-fi internet connection if you can help it. Always log out of your account and close your browser when you've finished.
For the best web browser security, use the latest versions of supported web browsers to access and log in to Member Online. Find out more about Member Online system requirements.
Don’t click on unsolicited emails, engage in telephone calls with someone you don’t know or can’t verify their identity, or respond to suspicious SMS messages.
You can identify a scam, or ‘phishing’ email by:
- Misspelled words or incorrect grammar
- Links that take you directly to your online account
- Unfamiliar sender or company
- Suspicious attachments
- Requests for your personal information, login credentials or payment information
- Messages ordering you to act urgently or within a limited time
- Offers that are ‘too good to be true’
If you receive emails that seem legitimate, go to the company website without clicking any links, or call them directly using numbers listed on their website.
GESB won't send you an email or SMS containing a link to Member Online unless you've requested a change such as a change of password or email address.
We will never contact you asking for personal information or login credentials.
Check your privacy and security settings on all your accounts, including your social media accounts.
Whenever a site asks for your email address, read their privacy policy or statement first.
Our Privacy Statement explains how we protect the privacy of your personal information.
Be scam aware
Here are some red flags that are worth investigating1:
- Despite having good credit, you are refused a service, credit card or loan
- A phone contract has been set up in your name without your knowledge
- You are notified of unauthorised activity on an account
- You apply for a government benefit but are told you are already claiming
- You have not received any mail from your bank, or expected mail has not arrived
- Items appear on your bank or credit card statements that you don’t recognise
- You receive invoices or bills for goods or services you haven’t purchased
- You receive letters from debt collectors or solicitors for debts that aren’t yours
Report a scam
We encourage you to report any suspicious incidents to the police and/or the Australian Cyber Security Centre:
- Report a cybercrime through the ReportCyber website
- Submit an online form through SCAMWatch
If the incident is related to GESB or your super more broadly, please report it to us by calling 13 43 72.
Important note
Important noteIf you receive a SMS from us confirming super money withdrawal or a rollover that you haven't requested, please call us as soon as possible on 13 43 72 so we can stop the transaction.
Help and information
If you're worried about your account
If you believe you’ve been a victim of online identity fraud in relation to your super account, or if there’s been a change to your contact details that you didn’t request:
- Call your Member Services Centre on 13 43 72. We can flag your account and provide additional support and guidance
- Change your passwords as soon as possible
GESB resources
We have a range of resources to help you use our online services, access information and make changes to your super account securely.
Other resources
There are several organisations that can provide resources, support and guidance about staying safe online.
- The Australian Government's Act now, stay secure cybersecurity campaign aims to educate Australians on simple cyber safe actions.
- The Australian Cyber Security Centre's cybersecurity basics provides steps and tips to protect yourself online
- The Australian Competition & Consumer Commission's ScamWatch shares resources and information about current scams
- Australia and New Zealand's national identity and cyber support service IDCARE offers support and a guided response plan to help people experiencing a scam or cyber incident
1 Financial crimes member guidance, Link Group, March 2023.
Thank you for printing this page. Remember to come back to gesb.wa.gov.au for the latest information as our content is updated regularly. This information is correct as at 12 June 2026.