Email is a great way to receive updates and information about your accounts, including your super. It’s fast, convenient and generally saves a lot of paper – but there are, of course, some risks involved.

You might have read our 5 simple steps to help protect your cybersecurity, where we outlined some of the risks of managing your accounts online, and how you can reduce those risks. We also explained some steps you can take to secure your email account, such as setting up a strong password and installing up-to-date security software on your devices.

One of the most common risks is the scam of ‘email phishing’. This is where scammers might try to contact you to gain access to your personal information and financial accounts.

Here are our top tips to help you avoid email scams and use email safely.

Be careful about giving away your email address

Scammers often send emails to a large number of addresses, hoping that someone will reply and fall victim to their scam. These emails are known as ‘spam’. If you only share your email address with people or organisations you know and trust, you can stop some of these emails from reaching you.

Try not to post your email address on social media or other public websites. These websites usually allow you to change the settings of your account, so only those you trust can see your details.

It’s also a good idea to set up separate email accounts to use for business and personal reasons. You might even set up a completely different email address to use for online shopping, email newsletters or certain forms.

Whenever a site asks for your email address, be sure to read their privacy policy or statement first. Our Privacy Statement explains how we protect the privacy of your personal information.

Watch out for unusual emails

Phishing emails are not always easy to spot, as they are often made to look like they are from well-known organisations. The scammers might use logos or fake contact details or email signatures to try to convince you that the email is from an organisation you know.

The Australian Securities and Investments Commission (ASIC) has a list of warning signs to help you identify a phishing scam.

If you have requested a change to your personal details, for example, your password or email address, we may send you an email asking you to confirm the change. However, we will always send you a link to our secure Member Online service to do this.

If you need to verify that a GESB-branded message you have received is legitimate, please call us on 13 43 72. We can give you details of any genuine emails we have sent you.

Check the email sender and subject line

Watch out for emails from people or companies you don’t know or that you aren’t expecting. These can be genuine emails but it pays to check carefully.

Our emails always display our name ‘GESB’ as the sender. We send all general communications to our members from the address, ‘gesb_noreply@members.gesb.com.au’.

If we need to contact you directly about your account, for example, if we are responding to an enquiry or request you’ve made, then we use the address ‘memberservices@gesb.com.au’.

Check links before you click

Here’s an easy trick to help you check whether a link provided in an email is legitimate.

Simply hover your mouse over the buttons and links in an email without clicking. You’ll see the destination website address appear. If this does not include the company’s real website address, do not click.

Links in our emails will always contain our website address: member.gesb.com.au.

Emails from us will only ever include a link directly to Member Online when you have requested a change. For example, you may have changed your password or email address.

If you have a Member Online account, always login by typing ‘gesb.wa.gov.au’ in your browser and then clicking the ‘login’ button. You can ensure that the website address is correct by checking that it starts with mol.gesb.wa.gov.au.

What to do if you receive a scam email

If you’ve received a phishing email or you think you’ve been scammed, visit the ASIC MoneySmart website for information on what to do next.

If you think someone has accessed your personal information or accounts with us without your consent, please call us immediately on 13 43 72.

For more information

Visit Stay smart online or Scamwatch.