A retirement account is often thought of as one of the most secure places to keep your money. In most cases, this is true, as FDIC insurance protects your account against firm failure and federal law generally protects retirement accounts from creditors. However, as we move further into the electronic age, retirement accounts are coming under threat from a new source: cyberattacks.
With most banking transactions being conducted online these days, hackers may be able to electronically gain access to your account. Fraud continues to occur in “more traditional” ways as well, such as tricking account holders into giving up private information. But if you remain vigilant in defending your account, you can help thwart these attacks. Here’s a list of steps you can take to help keep your retirement assets safe.
Change Your Password Frequently
The idea that you should change your password frequently isn’t a new concept. However, with cyberattacks on the rise, it’s more important than ever. In fact, this simple idea is not only one of the best ways to defend your accounts, it’s also one of the easiest to implement. Make an entry on your calendar to change your password at least once a month, or even more frequently if you’re so inclined. If you can keep one step ahead of the hackers, you won’t have as much to worry about when it comes to account security.
Make Your Username Different From Your Real Name
When you set up an online account, you need to provide a username. While most people put in at least a bit of effort to secure their passwords, usernames are usually not given a second thought. When creating a username, it’s certainly easy to remember if you use your own real name, but it’s also a security risk. Entering your actual name as the username means that if a hacker already has access to your personal information, they are halfway home to hacking your account. Don’t make it easier for thieves by being lazy when it comes to your username.
Never Give Your Password Over the Phone
Even in the electronic age, the simplest way for a hacker to get your information is to get it directly from you. Your bank or financial institution will never ask for your account password over the phone, so if for some reason you’re speaking to someone who does ask, hang up and call your bank directly. Sometimes, hackers will send out phishing emails with bogus bank phone numbers asking you to call to verify some information on your account. Don’t fall for this. Always call the bank directly with a number you know to be correct.
Set Up Multifactor Authentication on All of Your Accounts
Strong passwords used to be an effective deterrent against hackers, but as cybercriminals have gotten more adept, a good password alone is no longer all you need to protect your account. Multifactor authentication isn’t exactly a new idea when it comes to account protection, but it’s still effective. With multifactor authentication, any time you log in to your account, you’ll get a text message or email to confirm that you are trying to access your account. This can seem like a bit of an inconvenience, but the reality is that multifactor authentication makes your account that much more difficult to hack. Even though it’s far from foolproof, it may be enough of a deterrent to send a hacker off in search of an easier target.
Call Your Financial Institution Directly If You Receive a Phone Call or Voicemail Asking for Information
Sometimes, your bank may call you or leave you a voicemail regarding your account. In most cases, this will be a valid phone call that you should return. However, hackers have begun calling people and impersonating bank employees in an effort to get them to reveal sensitive account information. If you’re asked to provide any account information over the phone, politely respond that you are not comfortable giving that information on the call and that you will call back and speak to your banker directly. Then, call a bank number that you know is valid. The same is true if you’re left a voicemail with a callback number. Always call a direct bank number that you know is valid, rather than a random number left on your voicemail.
Use a Password Manager, Not a Pen and Paper
Setting up strong passwords is an important step in account security, but keeping those passwords safe is also critical. If you write down your passwords, even in your own home, you may be putting your accounts at risk. Sure, the odds of a home burglary where thieves access your passwords may be remote, but it’s not impossible. The risk/reward simply isn’t there, and if your password sheet gets stolen, all of your accounts may be raided. Consider instead using a secure password manager that requires extra verification steps to access your passwords. This is much safer than keeping your passwords written down at home, or even worse kept in your purse or wallet. Just remember that while password managers are safe they are not 100% secure, so continue to change your passwords frequently.
Don’t Discuss Your Account Information in a Public Place
You might think this one would go without saying, but many people still discuss sensitive personal or financial information over mobile phones while in public places. If you sit and think about it, you might even remember times you’ve overheard people giving things like account numbers or even passwords over the phone, oblivious that those around them can hear every word. If you really need to provide this type of information over the phone — which isn’t recommended in the first place — be sure to do it in a private area, or go to your car.
Don’t Log In to Your Accounts on Public Wi-Fi
Just like you shouldn’t discuss secure information on the phone while in a public place, you should also avoid using public Wi-Fi to log in to any of your accounts. On an open Wi-Fi network, hackers can easily gain access to what you’re typing on your computer. If you’re logging into your financial accounts, you’re essentially just handing them the keys to your assets. If you must use a non-secure public network, either use a virtual private network, or VPN, for security, or simply avoid logging in to any of your accounts. This includes your email account, which is a treasure trove of information about your personal life and financial accounts.
Provide Fake Answers to Your Security Questions
Security questions are used to provide access to your account if you log in from an unfamiliar location or otherwise can’t seem to get into your account. Typically, these questions ask things like, “Where were you born?” or “What is your favorite pet?” To give your account an extra layer of security, provide fake answers to these questions. For example, if you were born on Mulberry Street, say that you were born on Maple Street instead. Since hackers can often access information such as where you were born, they could use that knowledge to correctly answer your security questions. However, it’s unlikely that they would have any knowledge of any fake answers you use to set up your account.
Don’t Get Complacent
Even if you take all of the security steps listed above to protect your retirement account, never get complacent. Although the percentage of retirement accounts hacked is still low, never think that it couldn’t happen to you. Rather, be proactive in protecting your accounts. Check your statements regularly, change your passwords often, only speak with legitimate account representatives and always remain vigilant. The small level of inconvenience this requires is far outweighed by the protection you’ll gain, as the consequences of a hacked retirement account are enormous. Stay alert and don’t let yourself be a victim.