Seeing an unknown charge on your credit card is so common these days that many people shrug it off. When money is stolen from your 401(k) account, there is less recourse and more cause for concern.
Federal law limits consumer liability for fraudulent credit- and debit-card charges. But there is no similar protection for retirement accounts, where many people have saved a lot more money than in bank accounts.
When it comes to theft from retirement accounts, 401(k) record-keepers say family members are often the perpetrators. But about three years ago, the industry noticed a rise in online theft from such accounts by strangers, said Tim Rouse, executive director of Spark Institute Inc., which represents the retirement industry. “That set off huge alarms,” he said.
Recent court cases, in which hundreds of thousands of dollars were allegedly stolen from three people in separate 401(k) plans, highlight the risks to workers and retirees. While record-keepers generally promise to reimburse consumers for such losses, there are no guarantees.
“Cyber theft from retirement accounts is a growing concern,” said Steven Silberstein, chief executive of the Financial Services Information Sharing and Analysis Center, which combats cyber fraud in the finance industry. With more than $20 trillion in individual retirement accounts and 401(k)-type plans, they “are relatively high-value targets,” he said.