With cyber theft on the rise, cybersecurity has become a huge concern among businesses and individuals alike.  It is therefore very important to understand how to protect your investment accounts from becoming an easy target.  Read on for the guarantees already in place to protect you against fraud and tips to safeguard your account from cyber thieves.

Guarantees and Protections in Place

Many reputable custodians that hold investment accounts offer automatic security guarantees and full reimbursements against unauthorized access to your accounts, like Fidelity, TD Ameritrade, and Charles Schwab, so you don’t have to worry about keeping your accounts at multiple custodians and can take advantage of the benefits that come with account consolidation.


Schwab Security Guarantee

TD Ameritrade Protection Guarantee

Fidelity Customer Protection Guarantee


In addition to the protections offered by the custodians themselves against fraud and cyberthieves, there is another form of protection offered by the SIPC, the Securities Investor Protection Corporation, that kicks in if the brokerage firm fails financially.  The SIPC does not cover fraud and does not regulate the custodian or broker dealer.  The SIPC is a non-profit corporation that was created by Congress about 50 years ago and provides up to $500,000 of reimbursement per customer (including a limit up to $250,000 for cash only – money market mutual funds are not considered cash).   You can read about the SIPC by clicking here.


10 tips to protect yourself:

  1. Do not share your passwords. If you do share them, those individuals will be considered to have authorized access.


  1. Be sure to use a strong password for your account and make sure that you are not saving the password to your browser. Change your password frequently and do not recycle them.  Close your browser after you log out of your account.


  1. Use the two-factor authentication that is offered by your custodian, which means that you must input a code sent to your device to be allowed to finish logging into your account.


  1. Sign up for instant security alerts on your mobile phone when certain transaction or profile updates take place. You can do this at the custodian website.


  1. Use the voice recognition feature that custodians offer when you call them for extra security.


  1. Do not log into your account from a public computer.


  1. Check the activity in your account on a regular basis and make sure it is familiar to you.  If you see transactions that do not match your requests and your advisor cannot explain the activity, notify the custodian’s compliance department immediately.  For example, Schwab asks that you call them at 888-3-SCHWAB, Fidelity at 800-544-6666, and TD Ameritrade at 800-669-3900.


  1. When you log into your account, there is often a record of the last log in posted near the top of the web page. Check to make sure that the date of the last log-in on your account matches the date of your last log-in.


  1. Do NOT click on any links sent to you in emails that appear to be from your custodian, even if there is legitimate looking logo within the email. Hackers are getting very good at sending emails that look reputable.  If you decide to log in for some reason, don’t use the link.  While it is not foolproof, check the actual email address from the sender to see where it came from.


  1. Use antivirus and anti-malware software and keep it updated. You can purchase software with automatic updates.


As always, let us know if you have any questions or concerns by reaching out.


–Michelle Gessner, CFP®

This article was referenced in MarketWatch and Michelle was quoted in their related article:

How to Keep Your Retirement Accounts Safe