The U.S. Department of Labor’s Employee Benefits Security Administration has cybersecurity guidance that can help retirement account holders reduce the risk of fraud. While retirement plan accounts are fairly secure due to the rules, systems, and processes related to accessing money, these tips can help you remain diligent with any online accounts you hold.

• Register, set up and routinely monitor your online account
  • Failing to register online by setting up a username and password may make it easier for cyber criminals to assume your online identity
  • Regular logins ensure you’re monitoring and managing key details, like your beneficiary designation, contribution rate, and account activity
• Use strong and unique passwords
  • Mix letters (upper and lower case), numbers, and special characters
  • Don’t use letters and numbers in sequence (i.e., “abc,” “123,” etc.)
  • Use 14 or more characters
  • Consider using a secure password manager to track passwords
  • Don’t share, reuse, or repeat passwords
• Use multifactor authentication: This requires a second credential to verify your identity, like a code sent in real time via text message or email. Many retirement plan providers prompt for this when you set up your account.  
• Update personal contact info as needed: This includes your address if you move
• Close or delete unused accounts: The smaller your online presence, the more secure your information.
• Be wary of free Wi-Fi: Public Wi-Fi in airports, hotels, or coffee shops pose security risks that may give criminals access to your personal information.
• Beware of phishing attacks:
  • They aim to trick you into sharing sensitive information (i.e., passwords)
  • They may look like it comes from a trusted organization to lure you to click on a dangerous link or pass along confidential info
  • Be wary of messages or emails with spelling errors or poor grammar, offers that seem too good to be true, scare tactics, aggression, or a great sense of urgency
  • Hover your mouse over a link without clicking it to view the actual destination
  • Be wary of messages regarding offers, prizes, or services that you didn’t request or are surprised by

See the complete list of the DOL’s tips here.