5 Ways to Protect Your Retirement Account from Fraud and Identity Theft

Updated: August 8, 2023

Key Points

• Cyber attackers are starting to set their sights on retirement accounts due to a lack of cybersecurity defenses
• Unlike credit card theft, there isn’t a similar federal law that outlines if you’re protected from theft liability when it comes to your retirement accounts
• Below are 5 ways to protect your retirement savings from potential cyber-attacks and identity theft

According to research conducted by the American Bankers Association in 2022, there were over 450 million open credit cards in the U.S., representing a significant chunk of the population. If you’ve had credit cards for a while, you’ve probably also been a victim of credit card fraud or identity theft.

This might be the only time I say this, but take it from Dwight – identity theft is no joke. The upside for that credit card charge is that Federal law limits your liability for unauthorized charges to $50 and a majority of credit card companies will waive that meaning you’re pretty much covered.

What About My Retirement Savings?

Those accounts that will support your retirement for 30+ years? It’s scary to think about someone stealing from them.

Unfortunately, there’s no federal law protecting your retirement accounts from theft liability. And, for most, the value of your retirement account far exceeds that of your bank account or credit card limit. There’s an article in the Wall Street Journal that talks more on these issues.

Interestingly, the most common culprits in retirement account theft are family members. They often know the answers to your security questions, making it easier for them to access your accounts.

5 Ways to Protect your Retirement Savings

So, what can you do? Here are 5 steps you should take to protect your investments:

1. Adopt a multi-factor authentication. While it may add 15-30 seconds per login, each layer of authentication you add, will provide an additional level of security for your information and life’s savings.
2. Update your password reset questions.Your answers don’t have to be honest, just memorable to you. For example, you could use the same answer (e.g., Smith) for every question like your mother’s maiden name, the street you grew up on, best friend’s name, etc.
3. Check your account on a regular basis. No need to become a day trader, but ensure your money is still there and your contact information is up-to-date. Avoid checking your accounts on public computers or at work to reduce the risk of hackers.
4. Use unique passwords. Don’t use the same password for every site. In other words, using the same password for your 401(k), Netflix, wifi, AT&T, Facebook, etc. is an invitation for disaster. Another good tip is to use a passphrase instead of a password. It’s harder to guess an entire phrase vs one word.
5. Consider consolidating your accounts. When you leave an employer, consider moving that account to your new employer’s plan or rolling it over to an existing IRA provider. The fewer the accounts, the fewer opportunities to become a target.

I hope this didn’t scare you into withdrawing your savings to hoard under the mattress and in tin cans. I just don’t want you to fall victim to internet fraud or identity theft. Adopting these precautions will take some time, but they’ll also give you peace of mind. Some basic common sense and good internet “hygiene” will go a long way when it comes to protecting you and your retirement accounts.

More on retirement:
What Happens if I Don’t Name a Beneficiary? Who Gets My 401(k)?
Required Minimum Distributions are Back. Tell a Friend.

At Odyssey Advisors, we stay up-to-date with current and future plan design options and the latest IRS, DOL, and ERISA regulations to keep our clients and partners informed. If you have questions, please reach out an Odyssey consultant for more information.