Read More

Don’t Let Your Retirement Account Be A Cybersecurity Risk

Don’t Let Your Retirement Account Be A Cybersecurity Risk

As the pandemic continues into 2022, the Federal Trade Commission (FTC) is keeping a close watch on fraud. According to the most recent FTC data, fraud and identity theft increased from 3.24 million cases in 2019 to 4.72 million cases in 2020— the highest recorded number in the past decade.

Needless to say, financial and medical information have never been more at risk. Many workers are still in a remote environment, which increases the risks of ransomware and spyware and gives cybercriminals an easier platform for identity theft.

Not only do retirement accounts hold huge amounts of wealth, but they are also not always consistently monitored by users. Additionally, automatic enrollment into retirement plans poses an extra cybersecurity risk because a participant may never set up online access to their account, leaving it exposed to hackers.

In general, automatic enrollment is a great benefit for employees because it encourages more workers to start saving earlier, which can put them on a path to a comfortable retirement. Yet, it’s still important for participants to take an active role in their retirement account and planning. So often we hear that participants only log onto their accounts just one or two times per year -- if at all.

Your retirement account is the largest concentration of wealth that you have, and it takes a long time to build up, so an attack can be extremely harmful to your financial outlook as a whole.

During this Cybersecurity & Identity Theft Awareness Month, we wanted to share some best practices so that you can protect your personal information and hard-earned savings.

Tips To Prevent Your Retirement Account From Hackers

  • Even if your account is automatically set up through auto enrollment, be sure to register your account and create a strong password.
  • Check your account regularly. Conventional wisdom says that you should not check your retirement account too frequently or risk making rash decisions in a volatile market. But you should check your account every so often as a way to make sure that no fraud has occurred.
  • Avoid using public Wi-Fi when it comes to banking and personal information and set up a VPN to protect your personal information.
  • Set up two-factor authentication for an extra layer of security.
  • Periodically change your password and make it unique from other passwords that you use. It can be difficult to remember dozens of long, complex, and unique passwords for every account, so set up a personal password management tool to take the pressure off.
  • Beware of phishing emails that request any personal information.
  • As a preventative step, make sure you lock your credit on all three major credit reporting companies so that potential hackers cannot open new accounts in your name.

What To Do If Your Account Has Been Compromised

If you notice that your account has been hacked, contact your record keeper and HR department, and file a police report immediately. Then, update your passwords on any other accounts that use the same email or password information.

Mutual fund companies may reimburse funds lost to fraud, but unlike stolen credit funds, losses to retirement theft aren’t limited by federal law. It’s critical to take all the preventative measures in place and choose a trusted benefits service provider.

The Department of Labor (DOL) recently released a list of best practices for recordkeepers and service providers responsible for plan-related IT systems and data, and for fiduciaries making decisions on which service providers to hire.

Check out our webinar  Security in the Cyber Age, featuring one of our CFP’s Keith Huber, to learn more about cybersecurity measures we take here at OneDigital and how you can protect yourself and your online profiles.

Click here to watch the Coffee Break video featuring Jania Stout.