Security | Capital Group

Security

The security of your personal information is critically important to us. That’s why we have a robust security program and infrastructure, including a team of cybersecurity and risk management professionals, to help monitor and protect your personal information 24/7.
We review each report of unauthorized access thoroughly, and file appropriate notices with law enforcement agencies. See Report Fraud or Suspicious Email for more information.

What We Do

We use a variety of controls to detect and prevent unauthorized access to our network and sensitive information. Our cybersecurity response program fulfills the requirements of federal and state laws and includes appropriate notifications to investors and advisors when warranted.

Our security program also features safeguards for your account. To help keep your information safe, we:

  • Regularly refine and update security features. We review industry security standards and perform system testing on an ongoing basis to help identify and implement the most up-to-date techniques and technologies, and verify that our system is performing as expected.
  • Actively monitor threats. We communicate with financial industry security groups and government agencies to monitor the threat landscape for emerging and active threats.
  • Educate employees. American Funds associates receive ongoing security training, including how to handle sensitive data and be aware of security risks.
  • Offer image verification during login. Before you enter your online password, we ask that you verify your personalized security image. That way you can be confident that you’re accessing our website, as opposed to a fake site that may be attempting to “phish” for your personal information. 
  • Challenge questionable website access. If we’re uncertain about a login attempt on your account, we’ll challenge the user to answer security questions in addition to requiring their password.
  • Display last login information. The date and time of your most recent login will display in your account information.
  • Mask confidential information. You’ll see asterisks or similar symbols in login fields and in place of your Social Security number. We’ll never mail your chosen password or answers to your security questions.
  • Enforce website timeouts. Your online session will automatically time out after 20 minutes of inactivity.
  • Use encryption to secure your data. We use industry-standard security protocols that leverage encryption to create a secure online environment. The green bar in the browser helps identify that you are on the official Capital Group and American Funds websites.

How You Can Help

Use our Account Security Checklist (PDF) to quickly assess the security features you have in place. More detailed information about each item and other best practices can be found below.

Security is a joint effort. Here are some steps you can take to help protect your sensitive information.

  1. Customize your password and do not share it. You are responsible for protecting your account information. Don’t share usernames, account numbers, passwords or answers to security questions; this information could be used to access your account inappropriately. Be wary of unsolicited requests for your personal information online, by email or by phone. Inquiries may seem innocent, but they could be part of a complex fraudulent scheme. American Funds will never ask for your password in an email.

    Create smart passwords and usernames. Make your password and username hard for others to guess by using a combination of letters, numbers and symbols that are meaningful only to you. Avoid using the same password and username for multiple websites, particularly financial websites, and be sure to change your password often.

    If you haven’t done so already, we encourage you to access your account online and customize your login information. First-time login

    If you want to change your existing username or password, log in and click on “Profile & Settings,” then go to the Profile tab. Returning login  

  2. Sign up for e-delivery. When you turn off paper delivery of transaction confirmations, quarterly statements and tax forms, we’ll notify you by email as soon as your documents are available to access online through secure account login. Current and prior year quarterly statements and tax forms are always accessible in the same location on the Statements and Tax Forms web page. There are no documents to shred or to worry about getting lost or delivered to the wrong address. We recommend that you take advantage of e-delivery from all of your financial institutions that offer this service.

    Learn more
    Sign up now

  3. Keep your email address up to date. If you’ve set up online access to your account, sending you an email is the fastest way for us to inform you if a change to your personal information (Security Notification) or certain transactions are initiated online (Account Activity Notifications). We will let you know immediately when a change is initiated and again when the change is processed.

Be Observant

  • Promptly review confirmations and statements. If you spot unauthorized activity on your American Funds transaction confirmations, quarterly statements or email notifications, contact us immediately.
  • Think before you click. Be cautious about clicking on links, especially in emails, and be sure they link to a trusted website. Get in the habit of hovering over links to see the underlying web address. If you’re unsure about a link, you can go to the firm’s website by typing the correct address in your web browser.
  • Pay attention to time stamps. Look for the “last login” date/time stamp when you log in to americanfunds.com and other sites that provide such a stamp. If the stamp doesn’t correspond to your most recent visit, follow up.
  • Sign up for a credit-reporting service. Stay on top of who’s requesting access to your information — and why.

Keep Your Computer Secure

  • Keep your operating system and software current. When possible, use the latest operating systems available for your computers and devices. Also, be diligent about responding to software updates to help ensure the highest level of security for your devices.
  • Activate security features. These include pop-up blockers and other features provided in the range of products you use.
  • Use antivirus software. Consider installing antivirus software designed to detect and remove malicious software (malware) from your computer. Keep your software up to date to help protect your computer from the latest viruses and malware.
  • Set up a firewall. Make sure your personal computer and home network are properly protected from malware. Check to see that the firewall has been properly installed — or enabled if it came bundled with your operating system.

Avoid Public Computers and Wi-Fi

  • Skip the use of public computers. Access financial and other sensitive personal information online using a known device, such as your personal computer, with the necessary protections and security features in place.
  • Be wireless-wise. Don’t use public Wi-Fi to access websites with sensitive information such as financial records, banking transactions, business-related documents or other personal information. When setting up your home network, follow the manufacturer’s security recommendations to be sure your wireless signal is properly encrypted.

Protect Physical Documents

  • Promptly retrieve and secure incoming postal mail after delivery. Place outgoing mail in a U.S. Postal Service mailbox instead of your home mailbox to reduce the chance of mail theft. Report all suspected mail theft to a Postal Inspector.
  • Look out for paper confirmations. We mail a confirmation to your address of record following address changes and website password updates. Make sure that you made or authorized the change.
  • Protect your Social Security number. Store your card in a safe place, avoid giving the number to others and take measures to keep any other documents containing the number confidential.
  • Shred documents. These include credit card offers, bank statements, junk mail and any other documents that may reveal personal information about you.

 

 

Report Fraud or Suspicious Email

Report Account Fraud

1. Contact us

Contact us immediately in the event of fraudulent activity. We’ll take the appropriate steps to monitor your accounts.

2. Contact a consumer credit company

We recommend that you place a fraud alert on your accounts by contacting one of the following three consumer credit companies:

  • Equifax: www.fraudalerts.equifax.com
    (800) 525-6285
    Equifax Credit Information Services, Inc.
    P.O. Box 740241, Atlanta, GA 30374-0241
  • Experian: www.experian.com
    (888) EXPERIAN (397-3742)
    P.O. Box 9532, Allen, TX 75013
  • TransUnion: www.transunion.com
    (800) 680-7289
    Fraud Victim Assistance Division
    P.O. Box 6790, Fullerton, CA 92834-6790

Please note: You only need to inform one consumer credit company since it’s required by law that they share your fraud alert request with the other two.

3. Review your credit report

Once you’ve requested a fraud alert, you’re entitled to free copies of your credit report. Review them for suspicious activity and inaccuracies. If you find unauthorized accounts or charges, take the appropriate steps to get them corrected.

Report Suspicious Email, Phone Call or Text Message

We’ll never ask for account or personal information, including passwords, via email or text message.


Job candidates may be contacted via email (with emails ending in @capgroup.com or @jobs2web.com), phone, or possibly via message from a professional networking social media platform, such as LinkedIn.


Before receiving any job offer, candidates must apply and interview for a position. Candidates will never be initially contacted by text message or direct Twitter message, and candidates will never be solicited by Capital Group for payment related to job searches.  

If you suspect that you’ve received a fraudulent email, text message or phone call, please contact us immediately:

OR

  • Call us and tell us about the situation. For calls about suspicious emails, please write down the title of the email you received, along with the sender’s name or address and the file names of any attachments.

Fraud Basics

Phishing

Phishing is the most widely known form of fraud. It typically involves someone sending an email that appears to be legitimate from a reputable source. It may contain real information, including a company logo and branding, or even personal information gleaned from your social networking site. These emails then urge you to take action — e.g., click on a link, open an attachment or respond to a message.

There are two primary types of phishing: broad phishing, where the attacker casts a wide net and hopes to “hook” one or more victims, and spear phishing, where the attacker carefully researches their victims using publicly available information in order to make the message appear more legitimate.

Phishing attempts typically:

  • Pretend to be from banks and other financial institutions, entities that process payments or individuals with an offer that’s “too good to be true”
  • Appear convincing due to copycat logos, fonts and other graphic elements
  • Include a link to an illegitimate webpage where you’ll be asked to enter your personal or account information

Phishing attacks may also occur over the phone.

Malware

Malware includes spyware, viruses and other types of malicious software that are installed on your computer, smartphone and other devices without your authorization. Malware typically collects information about you — the passwords you use, the websites you visit — simply by watching you type or surf the web. Malware may also take over your computer for nefarious purposes such as sending email you didn’t write or spreading computer viruses.

Malware is typically installed through:

  • Malicious websites that attack computers with out-of-date operating systems or antivirus software
  • Links in pop-up ads
  • Shareware and other downloadable software
  • Deceptive security software offers

Computers with malware may:

  • Operate slowly
  • Be inundated by pop-ups
  • Redirect users to URLs different from those entered
  • Include unknown toolbars and icons
  • Display out-of-the-blue error messages

If you suspect your computer has been infected with malware, take the necessary steps to remove the unwanted software from your computer.

Identity Theft

Identity theft involves the impersonation of an individual through the fraudulent use of his or her personal and account information — e.g., driver’s license, Social Security number, bank account and other numbers, as well as usernames and passwords.

Identity thieves obtain information in a number of ways:

  • From the trash
  • By stealing mail, purses and other personal items
  • By copying credit card or other information during a transaction
  • Through phishing attacks
  • By submitting false address changes

More information on identify theft and protecting your identity can be found at these websites:

Learn More

Learn more about fraud and how you can spot it at OnGuardOnline.gov.

Social Media

Please see Twitter Terms of Use.


Investments are not FDIC-insured, nor are they deposits of or guaranteed by a bank or any other entity, so they may lose value.

Investors should carefully consider investment objectives, risks, charges and expenses. This and other important information is contained in the fund prospectuses and summary prospectuses or the collective investment trust's Characteristics statement, which can be obtained from a financial professional, Capital or your relationship manager, and should be read carefully before investing.