Cyberattacks on 401k assets are on the rise! Is your 401k safe? How often do you check? Do you just make contributions and think that it is growing? Or, do you pay it no mind, and never check?
Because of a potential cyberattack, your money could be gone. Your account could be empty! Not only is it not growing, but you have become a victim.
Here, we will discuss cyberattacks and what you could do to prevent the potential of you losing your hard-earned money.
Is Your 401k Safe?
Many folks make contributions to their 401k and in some cases, their employer also may make a contribution on their behalf. Quite often they do not know how much is going into their account or what they are investing these funds in. That is a story for another day. They assume they are accumulating for a comfortable retirement, but maybe not.
They believe they will have a nice nest egg building. But they do not check regularly. They hear that the markets are up and 401k balances are growing. So, with this information in mind, they check their account. In some cases, it has been many months.
To their surprise, the account shows a balance of $100. What! That can’t be right. So, they begin to review their account, going back several months. In April, it shows a balance of $100,000. In May, it shows a balance of $102,000. Then in June, the balance is $52,000. What! Why? Oh, there is a withdrawal of $50,000. A withdrawal for what? I did not withdraw any money. This is for retirement. Then in July, another withdrawal, bringing the account down to $100.
Something is wrong, this makes no sense. They become angry but don’t know why because they don’t know what happened. So, they begin to make a few phone calls and it is determined that somebody somewhere in the world helped themselves to their retirement funds. Ouch!
You may think, no, this can’t happen! But it sure can and does every day.
Cyberattacks on a 401k
What is a cyberattack? It is an attack via cyberspace. Simply put, it is an attack on an entity’s or individual’s computer, restricting the ability to continue business. Or, it is the theft of data or the transfer of money in a bank account, investment account or retirement account.
There have been attacks on credit bureaus, like the Equifax data breach in 2017.
Many healthcare organizations have had their IT systems rendered useless and held for ransom.
How about identity thief?
These are a few examples. But what about your 401k? Is it safe? Let’s explore and find out.
How Often Do Cyberattacks Occur?
Cyberattacks have become more frequent as the use of the internet and cloud computing has grown. Just about everyone is connected to cyberspace. Many use it to bank, check balances, invest and buy stuff. The list goes on.
There are more than 80,000 cyberattacks a day; that is more than 30 million a year! About every 39 seconds. This affects one in three Americans per year.
How Can This Happen to You?
The most common way is for you to receive an email. The email asks you to verify your information with XYZ Retirement. So, you click on the link. Then you are asked to give your social security number, current mailing address, phone number, date of hire and perhaps a couple of other pieces of information.
Then, they ask you to verify your password.
The criminal now has enough information to access your account. He or she goes in and makes the necessary changes to claim the account. The thief changes the address and phone number, so it will give him or her access.
Once completed, a withdrawal of some sort is requested and your account is now compromised.
This is the most common method known as Phishing (pronounced “fishing”). Many fall victim to this method.
If you ever get such an email for any one of your accounts, just delete it. If you feel something is up, call the retirement manager or the bank.
Never, Ever Give Out Any Information via an Email or a Phone Call
But, you say, people don’t really give out their personal information. Well, I will put it to you this way. If this method were not effective, the thieves would not still be doing it. So, apparently it is effective.
Do not be a victim! Guard your information and do not give it to anyone.
What Can You Do?
Protect your personal information. Make sure it is safeguarded. Do not share it with anyone.
Go online and set up access to your account. Guard your sign-in and password. Many are now requiring a second level of authentication tied to your cell phone or email. Set it up.
If you receive a letter in the mail that your address has been changed and you did not request a change, call immediately. Sometimes change notifications can come via email.
Check your account periodically. Quarterly may be enough, but monthly is better. I check mine daily, but that is me.
Will You Get Your Money Back?
If your account is compromised, will you get your money back? The short answer is maybe. You may not get your money back, but most retirement providers are insured. So, there is a good chance you will get your money back. But why chance it? Put safeguards in place.
You work hard for your money; make sure it stays your money! QCBN
By Steven Calabrese, CPA
Steven Calabrese, CPA, is the CFO of West Yavapai Guidance Clinic. He also is the owner/operator of a website known as thebiweeklyadvisor.com, where such topics as budgeting, investing, paying off debt and goal setting are discussed.
Leave a Reply