1. Personal
  2. Security

Security

Here's some useful information regarding how MLC protects your online security, and some practical tips to help you stay safe online.

If you believe your online security has been compromised, contact us immediately on 132 652 (or +61 3 8634 4721 from outside Australia) between 8 AM and 6 PM AEST Monday to Friday.

You can report suspicious MLC emails by forwarding them to phish@mlc.com.au.

  • MLC is committed to helping you transact online confidently and securely, no matter where you are or what computer you use. There’s a range of things we do every day to keep your personal information and investments safe, including:

    Session Tokens
    We use unique identifiers so we know it’s you logging in to your account.

    Digital certificates
    These are used to verify the identity and authenticity of our websites. To see it, click on the padlock icon on your screen in the address bar.

    Session timeout facility
    This means we will automatically log you out if you‘ve been inactive for a while.

    Lockout
    For your security, MLC will automatically block access to MLC Online after a number of failed logins.

  • Here’s some simple things you can do to help stay safe online:

    Always type www.mlc.com.au into your browser
    By typing the website address straight into your browser, you minimise the risk of going to a fraudulent website that looks just like the legitimate one.

    Use strong passwords
    Use a different password for each of your online accounts. Choose strong passwords that are difficult for other people to guess. Don’t share your passwords with anyone.

    Your MLC Online password must be between 6 and 12 characters long and contain at least one numeric and one alphanumeric character.

    Take care when logged in
    Where possible avoid using computers in public places, such as Internet cafes, hotels and airport lounges to log into MLC Online. If you are in a public area, also check that no one is looking over your shoulder when you log in.

    Remember to log off
    Make sure you log off MLC Online when you’re done to help prevent someone else accessing your account.

  • MLC strongly recommends that all software on your computer/device is kept up to date to help protect it from malicious software, which may allow unauthorised access to your online accounts or information.

    Keep your operating system up to date
    Ensure your computer’s operating system is up to date by turning on automatic updates. For more information visit the Microsoft Safety and Security Website or the Apple Product Security Site.

    Keep your security software up to date

    Free anti-virus software for Microsoft Windows computers

    Windows 10

    Windows 10 has built-in protection with Windows Defender Antivirus.This free anti-virus program gives comprehensive, ongoing and real-time protection for your system, files and online activities from viruses, malware, spyware, and other threats.

    Older versions of Windows

    If you’re looking to protect a personal computer running an older version of Windows, like Windows 7, you can download Microsoft Security Essentials for free, real-time, comprehensive malware protection that’ll help guard against malicious software.

  • Phishing emails

    Phishing emails are fraudulent emails that pretend to be from MLC or other legitimate businesses to attempt to trick you into providing information such as your MLC log in details, date of birth, or credit card information.

    MLC will never send you an email asking for your password, or with a link asking you to log in to MLC Online.

    If you receive a suspicious email, do not click on any links or attachments, or provide any information.

    If you have responded to a phishing email, contact us immediately on 132 652 (or +61 3 8634 4721 from outside Australia) between 8 AM and 6 PM AEST Monday to Friday.

    You can report suspicious MLC emails by forwarding them to phish@mlc.com.au.

    We investigate every email reported. Where possible, please send the suspicious email as an attachment on a new email.

    If you receive a suspicious email not related to MLC, you can report it to ACSC, the Australian Cyber Security Centre.

    Identity Theft
    If you receive a call requesting personal or banking information, hang up and call the company back on a publicly listed number.

    Protect yourself by securing your letterbox to help prevent mail being stolen. Ensure documents containing personal information are shredded before you dispose of them.

  • Australian Government | Australian Cyber Security Centre and Stay Smart Online
    The Australian Cyber Security Centre (ACSC) brings cyber security capabilities from across the Australian Government together into a single location.  It is the hub for private and public sector collaboration and information-sharing to combat cyber security threats.  ACSC’s Stay Smart Online provides topical, relevant and timely information on how home internet users and small businesses can protect themselves from, and reduce the risk of, cyber security threats such as software vulnerabilities, online scams, malicious activities, and risky online behaviours.

    Australian Government | ReportCyber 
    ReportCyber is a secure reporting and referral service for cyber crime and online incidents which may be in breach of Australian law.  The ReportCyber website provides a cyber crime reporting mechanism as well as helpful information about cyber crime.

    Australian Competition and Consumer Commission | Scamwatch
    Scamwatch provides information to consumers and small businesses about how to recognise, avoid and report scams using publications, videos and other online resources.

    Australian Government | Office of the eSafety Commissioner
    The Office of the eSafety Commissioner provides online safety education for Australian children and young people, a complaints service for young Australians who experience serious cyberbullying, and address illegal online content.

    Australian Government | Attorney-General’s Department
    The Attorney-General’s Department website provides helpful information and resources about your rights and protections in regards to identity security, freedom of information and cyber security. The Department has developed a range of resources to assist people protect their identity and recover from the effects of identity crime.

  • We take the security of our systems seriously, and we value the security community. The responsible disclosure of security vulnerabilities helps us ensure the security and privacy of MLC and our customers.

    If you believe you have found a security vulnerability with any of our services, we would like you to let us know right away via our Responsible Disclosure Program.
    MLC does not condone any malicious or illegal behaviour in the identification and reporting of security vulnerabilities.

    Our Responsible Disclosure Program is managed by Bugcrowd.

    To see the terms of the program, and to report a security vulnerability, please refer to bugcrowd.com/nab

    Please note all disclosures must be made via Bugcrowd, not directly to MLC.

Get in touch

Call us

Talk to us on 132 652 between 8am and 6pm AEST/AEDT, Monday to Friday

Email us

Complete our contact form

Locate an adviser

Find an adviser near you

Connect with us

Facebook  Twitter  LinkedIn  YouTube

Download the MLC app

IOOF Holdings Ltd ABN 49 100 103 722.

MLC Limited uses the MLC brand under licence. MLC Limited is a part of the Nippon Life Insurance Group and not part of the IOOF Group of Companies.