How to Protect Your Retirement Savings from Identity Theft and Internet Fraud
I cheered when Lisbeth Salander, the fictional uber-hacker in Stieg Larsson's wildly popular The Girl With the Dragon Tattoo book series, easily stole billions online from the bad guy. Then I started feeling uneasy -- could this happen to my online retirement and investment accounts? Mind you, I don't have billions to steal, but I have enough to make me worry!
If you're like many people, you like the convenience offered by mutual fund institutions and banks to view your accounts and execute transactions online. But is your hard-earned money at risk to hackers, identity theft or online fraud?
To find out just how safe my investments might be, I investigated three institutions -- Fidelity Investments, Schwab, and Vanguard -- to learn about their online fraud policies. I started by visiting their websites and searching on the words "online fraud policy." This quickly brought up their policies and recommendations for protecting your accounts. I also called all three institutions to see if there are any additional precautions investors should take.
It turns out that all three companies will reimburse you in the event of unauthorized activities or transactions. To earn this protection, however, you have certain responsibilities, and you'll need to pay attention to how each institution defines an "unauthorized transaction." There's a chance you might lose the institution's protection unless you take certain precautions.
When it comes to the security of the financial resources that will fund my retirement for 30 or more years, I'm paranoid -- kinda' like the guy who wears suspenders and a belt to keep his pants up. As a result of what I learned from my investigations, here are nine steps you should take to protect your hard-earned investments:
- Become familiar with the online fraud policies and recommendations of your financial institution (Here's some info from Fidelity, Schwab, and Vanguard, for example). Don't forget to read the fine print!
- Check your accounts every week or two, if only just to make sure your money is still there. If there's a problem, you're much better off catching it early.
- Use strong and unique usernames, passwords, and security questions. Change them every six to 12 months. Be mindful of common answers to security questions; for example, how many people might list "Rusty" or "Snowball" as the name of their first pet?
- Maintain up-to-date anti-virus, anti-spyware, and firewall protection. These types of protections might be offered by your operating system in combination with purchased software. Update them every six to 12 months.
- As much as possible, don't check your accounts at work, from public computers, or by using a public wireless network. Only use wireless networks that you trust. If you have a home wireless network, install passwords. When you're finished with a session, make sure you log out of your account, and close the browser when you're finished.
- Don't give your user name or password to anybody, including financial advisors. If you give this information to another person and that person executes a transaction, it's usually considered an authorized transaction that invalidates any protection the institution might offer.
- Never provide personal information, such as your name, account number, or Social Security number, in response to an email.
- Between your IRAs, 401k, and other retirement savings, consider spreading your accounts between two or three different institutions. Think of it as another form of diversification.
- If your institution offers additional protection features, use them. For instance, Schwab will send you a free token that, in effect, changes your password every time you log in. And Vanguard will set up your account so that it can only be accessed by your home computer.
Image from IStockphoto contributor kkiller
More on MoneyWatch: