MLC is committed to helping you transact online confidently and securely, no matter where you are or what computer you use. There’s a range of things we do every day to keep your personal information and investments safe, including:
We use unique identifiers so we know it’s you logging in to your account.
These are used to verify the identity and authenticity of our websites. To see it, click on the padlock icon on your screen in the address bar.
Session timeout facility
This means we will automatically log you out if you‘ve been inactive for a while.
For your security, MLC will automatically block access to MLC Online after a number of failed logins.
Here’s some simple things you can do to help stay safe online:
Always type www.mlc.com.au into your browser
By typing the website address straight into your browser, you minimise the risk of going to a fraudulent website that looks just like the legitimate one.
Use strong passwords
Use a different password for each of your online accounts. Choose strong passwords that are difficult for other people to guess. Don’t share your passwords with anyone.
Your MLC Online password must be between 6 and 12 characters long and contain at least one numeric and one alphanumeric character.
Take care when logged in
Where possible avoid using computers in public places, such as Internet cafes, hotels and airport lounges to log into MLC Online. If you are in a public area, also check that no one is looking over your shoulder when you log in.
Remember to log off
Make sure you log off MLC Online when you’re done to help prevent someone else accessing your account.
MLC strongly recommends that all software on your computer/device is kept up to date to help protect it from malicious software, which may allow unauthorised access to your online accounts or information.
Keep your operating system up to date
Ensure your computer’s operating system is up to date by turning on automatic updates. For more information visit the Microsoft Safety and Security Website or the Apple Product Security Site.
Keep your security software up to date
Free anti-virus software for Microsoft Windows computers
Windows 10 has built-in protection with Windows Defender Antivirus.This free anti-virus program gives comprehensive, ongoing and real-time protection for your system, files and online activities from viruses, malware, spyware, and other threats.
Older versions of Windows
If you’re looking to protect a personal computer running an older version of Windows, like Windows 7, you can download Microsoft Security Essentials for free, real-time, comprehensive malware protection that’ll help guard against malicious software.
Phishing emails are fraudulent emails that pretend to be from MLC or other legitimate businesses to attempt to trick you into providing information such as your MLC log in details, date of birth, or credit card information.
MLC will never send you an email asking for your password, or with a link asking you to log in to MLC Online.
If you receive a suspicious email, do not click on any links or attachments, or provide any information.
If you have responded to a phishing email, contact us immediately on 132 652 (or +61 3 8634 4721 from outside Australia) between 8 AM and 6 PM AEST Monday to Friday.
You can report suspicious MLC emails by forwarding them to firstname.lastname@example.org.
We investigate every email reported. Where possible, please send the suspicious email as an attachment on a new email.
If you receive a suspicious email not related to MLC, you can report it to ACSC, the Australian Cyber Security Centre.
If you receive a call requesting personal or banking information, hang up and call the company back on a publicly listed number.
Protect yourself by securing your letterbox to help prevent mail being stolen. Ensure documents containing personal information are shredded before you dispose of them.
Australian Government | Australian Cyber Security Centre and Stay Smart Online
The Australian Cyber Security Centre (ACSC) brings cyber security capabilities from across the Australian Government together into a single location. It is the hub for private and public sector collaboration and information-sharing to combat cyber security threats. ACSC’s Stay Smart Online provides topical, relevant and timely information on how home internet users and small businesses can protect themselves from, and reduce the risk of, cyber security threats such as software vulnerabilities, online scams, malicious activities, and risky online behaviours.
Australian Government | ReportCyber
ReportCyber is a secure reporting and referral service for cyber crime and online incidents which may be in breach of Australian law. The ReportCyber website provides a cyber crime reporting mechanism as well as helpful information about cyber crime.
Australian Competition and Consumer Commission | Scamwatch
Scamwatch provides information to consumers and small businesses about how to recognise, avoid and report scams using publications, videos and other online resources.
Australian Government | Office of the eSafety Commissioner
The Office of the eSafety Commissioner provides online safety education for Australian children and young people, a complaints service for young Australians who experience serious cyberbullying, and address illegal online content.
Australian Government | Attorney-General’s Department
The Attorney-General’s Department website provides helpful information and resources about your rights and protections in regards to identity security, freedom of information and cyber security. The Department has developed a range of resources to assist people protect their identity and recover from the effects of identity crime.
We take the security of our systems seriously, and we value the security community. The responsible disclosure of security vulnerabilities helps us ensure the security and privacy of MLC and our customers.
If you believe you have found a security vulnerability with any of our services, we would like you to let us know right away via our Responsible Disclosure Program.
MLC does not condone any malicious or illegal behaviour in the identification and reporting of security vulnerabilities.
Our Responsible Disclosure Program is managed by Bugcrowd.
To see the terms of the program, and to report a security vulnerability, please refer to bugcrowd.com/nab
Please note all disclosures must be made via Bugcrowd, not directly to MLC.