NEW YORK (MainStreet) — Many Americans assume their money is relatively safe regardless of where the account is located. As hackers have moved from retailers to banks, the likelihood of retirement accounts being the next target is increasing.
While having access to financial accounts, including banking and retirement portfolios, has increased accessibility to consumes, it has also increased the risk of fraud “significantly,” said Paul Martini, CEO of iboss Network Security, a San Diego network security provider.
The recent attack on the IRS used personal data such as Social Security numbers stolen in previous breaches and cyber attackers are now “monetizing insight from personal information aggressively,” said Ben Johnson, a chief security strategist of Bit9 + Carbon Black, a Waltham, Mass. security company.
“Retirement accounts are squarely in their crosshairs,” he added.
IRA and 401(k) accounts are even more attractive targets for hackers, because most people do not track them the way they do their credit cards or checking accounts. The thefts could wind up being undetected for months.
Even cyber criminals who are “semi-skilled” can access a victim’s 401(k) or IRA account easily using stolen personal information and social engineering tactics, Johnson said.
“Once they have access to the account, it can be emptied in a matter of minutes, but the victim may not realize it until they do their annual review of their retirement accounts months later,” he said.