Important Message

Keep Your Retirement Account Safe from Fraud

Saving enough for retirement is one worry – but ensuring those funds stay put is another. Keep your online retirement account safe from hackers: Follow these guidelines to stay one step ahead of fraudsters.

The FBI has alerted us that retirement fraud is on the rise. They're seeing an increase in the number of confirmed victims reporting retirement and spending account data breaches.

We spoke with our Cybersecurity Program Manager Robin Garrett-State to get her insight. Garrett-State broke down a top four checklist for all members, no matter where they are in their retirement planning:

Step One: Change Your Passwords

Hackers can easily access personal information because we almost make it too simple for them. "Every account should have a unique password," said Garrett-State. "Especially your retirement account."

Don't invest years of saving only to have it be stolen due to a mediocre password. For practically foolproof password tips, check out this article1 about setting strong passwords.

Step Two: Avoid Free Wi-Fi

Complimentary Wi-Fi offered in restaurants, coffee shops, libraries, hotels, airports and the like make it easy to surf the web and flip through news. But end your use of public Wi-Fi there. Don't be tempted to shop (entering credit card info) and never, ever log in to a site using a password. Odds are, you use that same password elsewhere.

Wait to do any banking or shopping until you're connected to a secure Wi-Fi (such as your home network or a trusted friend) and use a known, protective firewall.

"Work offline whenever possible," instructs Garrett-State. "If you need to connect to the internet in public, use your smartphone's hotspot." New to using your phone as a hotspot? Read this great how-to article from PCMag2.

Step Three: Know How to Spot Phishers

Your email and social feed are flooded daily - how do you know when to click and when to delete? Do not click on a link without first understanding the wide range of phishing tactics: Phishing is when a fraudster poses as a friend, relative or legitimate company and interacts via email or social media. These types of fraudsters can easily steal your personal information and eventually use it to access retirement accounts.

Be on the lookout for link and email addresses that are similar to but slightly different from a trusted sender.

Phishing Forensics:

Check the "from" address

  • Is it from or That "1234xyz" indicates it may be fraud. Call the business or check the address against their website to double-check before sending any payments on odd-looking addresses.

Use your mouse to hover over any link

  • It reveals the web address. What was promised as a contest-entry form may be a link to a virus.

  • Example: contestentry.companyABC.zooprize vs. rando639//user903.clickme.

Avoid offers of free goods or cash with little effort from you

  • If it sounds too good to be true, it is

Don't click links from unusual emails or links, even from trusted sources

  • Delete immediately

Step Four: Check Your Accounts

When it comes to making contributions to your retirement account, it's common for younger individuals to "set it and forget it." However, with the increase in 401(k) fraud, you'll want to check in on that retirement account with more regularity. Be sure that you immediately notify your financial provider if you notice anything is awry.