Superannuation Scams in Australia — How Criminals Are Stealing Retirement Savings

Superannuation scams are among the most financially devastating crimes in Australia because they target retirement savings that have taken decades to accumulate and cannot easily be replaced. Australia's compulsory superannuation system — combined with relatively high average balances and a large proportion of Australians approaching retirement — makes super an extremely attractive target for criminals.

Common Super Scam Types

Early access schemes: Criminals contact Australians claiming they can help access superannuation early through legal loopholes or special arrangements. They collect upfront fees and detailed super fund information, then make unauthorised withdrawal requests using stolen credentials. SMSF fraud: Victims are convinced to set up a self-managed superannuation fund and roll their entire super balance into it, where criminals then direct the investment into fraudulent schemes — often cryptocurrency or property. Credential-based attacks: Criminals steal myGov credentials through phishing and use them to access ATO-linked super fund details, changing banking details to redirect future contributions and potential refunds. Fake super consolidation: Scammers claim to help consolidate superannuation accounts but actually redirect consolidated funds.

The COVID Early Access Hangover

The 2020 COVID early access to super scheme demonstrated that many Australians would take action on their super based on digital communications. Criminals used this period to launch super-themed phishing attacks, and some variants continue to circulate years later — fake messages claiming "a second early access scheme has been approved" or similar.

Why Super Scams Are Particularly Damaging

Super losses are often unrecoverable. Unlike credit card fraud which can often be reversed, fraudulent superannuation withdrawals or fund transfers may not be identified until the victim checks their balance — potentially months later. By that point, funds have typically been moved through multiple accounts and are unrecoverable. The lifetime financial impact of losing significant superannuation savings in middle age can be severe.

Protecting Your Super

Enable MFA on your myGov account and any super fund member portal — this is the single most important protection. Never give your super fund details, myGov credentials, or TFN to any third party claiming to help with super management unless they are a licensed financial adviser you have independently verified. Check your super balance at least quarterly and report any unexpected changes to your fund's member services team immediately. Be extremely suspicious of any unsolicited contact about your superannuation. The ATO's mySuperSearch tool allows you to check for any lost or unclaimed super through myGov — use this official tool rather than third-party services claiming to find your super for you.

What to Do If You Suspect Super Fraud

If you believe your superannuation may have been affected by fraud — unexpected changes to your fund, contributions not appearing, or notifications of transactions you did not authorise — act immediately. Contact your super fund's member services team directly using the number on your most recent statement or their official website. Check your super balance and transaction history through myGov. If you cannot access your myGov account, contact the OAIC and call the ATO on 13 10 20. Also contact IDCARE on 1800 595 160 for specialised support with the recovery process.

The myGov Super Consolidation Scam

Scammers specifically target the ATO's legitimate super consolidation service, which allows people to consolidate multiple superannuation accounts through myGov. Fake emails and SMS messages direct people to fake myGov pages that capture credentials — then use those credentials to initiate super consolidations to fraudulent self-managed super funds controlled by criminals. The ATO has invested significantly in detecting this fraud, but stolen credentials remain the primary entry point. MFA on your myGov account is the most important protection. IntrusionX can help you and your family set up myGov MFA — contact us for assistance.