May 2026
Cybersecurity threats across the financial services industry continue to grow in volume and sophistication. Retirement plan participants are increasingly being targeted through phishing, social engineering and credential theft. Because many of today’s attacks are aimed at individuals rather than systems, participant awareness is an important part of protecting retirement accounts.
Our Commitment to Security
Safeguarding participant retirement assets and account information is a top priority. Milliman undergoes rigorous security audits each year and maintains a strong focus on protecting systems, data, and participant accounts. At the same time, cybersecurity is a shared responsibility. Even with strong technical safeguards in place, many attacks today are aimed directly at end users. That is why participant education and awareness are essential.
What We're Seeing Across the Industry
Cyberattacks are on the rise in 2026, and financial institutions remain a frequent target. Identity theft and account takeover attempts continue to affect consumers across many sectors, including retirement and financial services. A significant percentage of cyber incidents are caused by participant error, which makes participant awareness and education especially important. While organizations continue to strengthen their systems and controls, bad actors are increasingly focused on manipulating individuals through phishing, social engineering, and credential theft.
Among the trends we are seeing:
- Email accounts are a major target. Large email providers such as Gmail and Hotmail are common points of attack because of their broad user base.
- Phishing remains the leading method of attack. The vast majority of cyberattacks begin with deceptive emails or messages aimed at users rather than systems.
- AI-powered phishing is becoming more convincing. Fraudulent emails and messages are increasingly polished, personalized and difficult to detect, even for experienced users.
- Poor practices increase risk. Reused passwords, weak passwords, and unsecured storage of login credentials can make participant accounts more vulnerable.
- Text-based scams are increasing. We are seeing a rise in malicious text messages containing fraudulent links designed to steal credentials or prompt harmful actions.
- “Text bombing” is becoming more common. In these attacks, individuals receive a flood of messages in a short period of time, making it easier for an important legitimate alert to be overlooked.
- Participants may underestimate the pace and persistence of threats. In some cases, users store passwords in unsecured locations (like in the Notes section of a mobile device), respond to phishing attempts, or fail to act quickly when account changes or suspicious notifications occur.
What We Can Do Together
Plan sponsors play an important role in helping participants recognize and respond to cyber threats. We encourage you to:
- Include personal cybersecurity awareness in your employee education efforts. If your organization provides cybersecurity training, consider expanding it to include guidance on securing personal email, mobile devices, and online financial accounts.
- Encourage prompt reporting of suspicious activity. If you become aware of activity that may involve participant accounts, please report it to Milliman immediately.
- Reinforce strong digital habits. Remind participants to use unique passwords, secure their devices, avoid clicking unknown links, and carefully review account notifications and alerts.
We are also expanding participant cybersecurity education within our broader financial education efforts to help individuals better recognize threats and respond quickly if suspicious activity occurs.
By working together, we can help participants better protect their personal information and retirement accounts.
On-Demand Participant Communications
Following are resources that you can use to help educate participants about cybersecurity best practices. Click the images to download or hyperlink within your internal communication channels.