Copy of AI...Friend or Foe?
SUITE(k) - Retirement Plan Division of S.E.E.D. Planning Group
Helping employers with retirement plan administration, fiduciary oversight, and employee education for a flat fee.
Technology is an amazing tool, until it isn’t. There is so much noise about AI, how great it is, and how it can increase productivity, provide solutions, and drive results for well-intentioned users. Unfortunately, it is also a new tool to enhance criminal activity that increases the opportunity for retirement plan attacks on financial institutions, employer information, and employee accounts.
We have all heard the messages encouraging us to be diligent, check sources, confirm senders, use multifactor authentication, etc. But the criminals are becoming craftier and AI is helping. With the evolution of AI, opportunities for fraud, cyberattacks, phishing and smishing are becoming increasingly concerning. Financial institutions, businesses, and individuals are all targets.
AI is creating a more realistic voice to impersonate images, voice recordings, or personalized emails from either pirated or public sources. Jeffrey Wu, managing partner in DOL Cybersecurity LLC, reports that ‘Retirement plans are in the process of becoming more prepared for the surge of AI fraud’.
Both employers and service providers for retirement plans are dedicating resources to enhancing their security protection to prevent fraud. Most retirement plan service providers have dedicated technology teams to protect employees accounts from any fraud or security breaches. For example, Fidelity Investments technology team will also surf the ‘dark web’ searching for any employee data breaches. If any are discovered, they will freeze the participant’s account on their platform and notify the employee of any potential exposure. It is a full-time commitment to circumventing the creativity of cyber criminals.
For employers, Jeffrey Wu suggests a three-pronged approach: people, process and technology. He emphasizes that businesses need proper internal and external resources, best practices, continuous compliance training and vetted technology providers.
For employees, the message is to remain diligent. Unfortunately, this is not a threat that is going to go away. Cyber criminals will become more sophisticated and crafty. They are finding ways to gather information any way they can to access your accounts and AI is on their ‘team’.
What should you be doing? Monitor frequently. Use strong passwords and change them often. Enable two-factor authentication where possible. Be aware. Be smart. If it looks or feels suspicious, you are probably correct. Call your retirement plan provider immediately and confirm questionable transactions, even if they are very small. Any access is simply a gateway to larger attacks.
Kerstin Driscoll-Witt
Senior Retirement Plan Navigator, Suite(k)