A new report reveals your investments may not be as protected as you think — and hackers know it.
If someone steals your credit card number or uses your identity to open fake accounts, you're usually not liable for those losses, but your investment accounts may not share the same regulatory protections. Most people hold far more assets in stocks, mutual funds and retirement accounts than in bank accounts, making them prime targets for hackers.
“We've seen activity, now, involving scamming 401(k) accounts,” Cyber Scout CEO Adam Levin said.
That fraud can go undetected for months because people aren’t paying a lot of attention to the accounts.
“The reality is, this is not the thing that a lot of people watch,” Levin said. “They buy funds and they forget about it. It's kind of like the ol' set it and forget it.”
A recent survey of 15 leading online brokers and mutual fund investment companies may encourage you to pay more attention.
“A lot of these companies really don't have firm protections in place for their customers, and they're not really interested in advertising that,” said Kevin Brasler of Washington Consumers’ Checkbook.
Checkbook requested interviews from all 15 firms, but none agreed.
Checkbook researchers looked at the companies' web sites and found six of them don't mention any policies about theft protection, and the firms that do promise fraud protection might not cover the total loss. In some cases, companies have a long list of requirements you must meet to prove you're closely watching for fraud.
“If someone has stolen money from your account, in theory that company can say, We're not going to reimburse you because you didn't follow our policies and one of our 80 different requirements is that you log into your account once a week,” Brasler said.
Here's what you can do to protect your money:
- Check your accounts regularly.
- Set up multifactor authentication for logins if it's available.
- Sign up for transaction alerts.
- Ask the investment firm about any other free security tools.