Cybersecurity Alert: Retirement Accounts Targeted by Cybercriminals; Google Chrome Browser Vulnerability

March 8, 2019

This alert contains information about a recent rise in criminal access to retirement and health savings accounts, as well as information about a security vulnerability in the Google Chrome Internet browser.

Retirement Account Access Threat

On March 7, the FBI’s Cyber Division issued a Private Industry Notification that warned of a rise in cybercrime related to retirement and health spending accounts. The increase in these attacks has been noted since September of 2017, with particularly high levels of confirmed attacks occurring toward the end of 2018.

Bad actors have used stolen personally identifiable information (PII), login information gained from phishing or related schemes, or breached access to company networks to either create or access 401(k) pension plans, health savings accounts, and flexible spending accounts. After gaining access, they have attempted to deposit funds into their bank accounts by transferring and withdrawing funds, initiating distributions, initiating loans, etc.

The FBI views these threats as ongoing and likely to increase in the future, and recommends heightened vigilance from employers and plan administrators.

ACA Aponix Guidance

ACA Aponix recommends taking the following precautionary measures:

  • Enhance and refresh company training regarding phishing and social engineering schemes.
  • Educate employees to refrain from providing log-in credentials or related PII in response to email or telephone requests.
  • Enable multi-factor authentication methods for establishing new online accounts or making account changes.
  • Enact company policy to verify any account changes via direct contact of account owners.
  • Maintain particular vigilance toward unusual activity related to retirement and health savings accounts, both from an administrative and consumer perspective.

Chrome Browser Vulnerability

On March 7, Google announced that a security vulnerability has been exposed in versions of its Chrome browser, and that the browser must be updated to a later version to protect against attack.

The previously unknown “zero-day” vulnerability was discovered by Google’s security team. The vulnerability allows malicious users to exploit the “use-after-free” application program interface element included in the browser. Malicious users can potentially access the contents of files on the browser’s computer, change user privileges, and use private data for criminal purposes. Reports of this vulnerability being actively exploited have been noted.

ACA Aponix Guidance

ACA Aponix recommends taking the following precautionary measures:

  • Upgrade to the latest version of Chrome: 72.0.3626.121 (Official Build). This will automatically install a patch and protect users against this security threat. To upgrade to the latest version of Chrome:
    • In the Chrome browser address bar, enter: chrome://settings/help
    • If the version is not the latest build (72.0.3626.121), follow upgrade prompts.
  • If not in place, consider implementing automated company-wide security patch deployment programming.
  • Educate staff on the need for personal patch protection for home equipment.

How ACA Aponix Can Help

ACA Aponix offers the following solutions that can help your firm protect itself from breaches, vulnerabilities, and related cybersecurity risk:

For More Information

If you have any questions, please contact your ACA Aponix consultant or email us at