Protecting Your SMSF: Impersonation Scams and Cyber Safety

June 28, 2024

As the landscape surrounding identity fraud and investment scams continues to evolve, it’s imperative for Self-Managed Super Fund (SMSF) trustees and advisers to remain vigilant against potential risks.

In May 2024, the Australian Taxation Office (ATO) reported a significant uptick in ATO impersonation scams, with 1,688 reported incidents, marking a 31% increase from the previous month^.

To mitigate against scams, the ATO has introduced several initiatives:

  • Removal of hyperlinks in SMS (text messages): To counteract SMS phishing scams.
  • Alerts via text and email: The ATO will send alerts when certain actions are taken, such as when a rollover is requested.
  • Removal of bank account details from ABN registration: This change aims to disrupt fraudsters from directing money into their accounts.
  • Utilising authenticated channels: The ATO will provide SMSF bank account details through authenticated online services, for example Online services for business or Online services for agents.

Class remains committed to protecting customer data against security threats. Recent security enhancements include:

  • DocuSign Two-Factor Authentication: Class has enabled optional Two-Factor Authentication within DocuSign, providing an additional layer of verification for signers. Class recommends all customers enable Two-Factor authentication to enhance security within DocuSign.
  • Multi-Factor Authentication (MFA): Class solutions have MFA enabled using authenticator apps or SMS on login to secure customer accounts.

There are also several steps you can take to protect yourself online, including:

  • Know who you’re dealing with. Verify the identity of anyone you communicate with regarding your SMSF. Be cautious of unsolicited communications, especially if they request personal or financial information. Cross-check contact details with official sources and confirm any requests directly through official channels before taking any action.
  • Be aware of links and attachments. Do not open suspicious texts, pop-ups, links, or attachments.
  • Be alert to requests for computer access. Do not respond to phone calls asking for remote access to your computer.
  • Be aware of early access to superannuation scams. Promoters may contact you, claiming they can help you access your superannuation early for personal expenses, which is illegal and can lead to identity theft. For more information, refer to the ATO’s fact sheet on illegal early access to super. If you’ve been contacted by a promoter, call the ATO straight away on 13 10 20 to get advice.
  • Enable MFA where possible. MFA provides an additional layer of security, reducing the risk of credential theft by requiring two methods of authentication: the password and the MFA factor, making it significantly more challenging to gain access.

For further information, visit Scamwatch’s Protect Yourself Online.

If you’re concerned that you may have been affected by a scam, please contact Class Support at 1300 851 057 (Press 1) Monday to Friday 8.30am to 5.30pm AEST, or via email at

More information on scams can also be found on the Australian Consumer and Competition Commission’s (ACCC)  Scamwatch website, or by visiting the ATO website for the latest scam alerts.

^ – at 14 June 2024