alt Hacker NewsI almost posted something this morning about this, because I received an email that really frustrated me. I have a 401k with Guideline from an old employer. The email was from Accrue <[email protected]>, and said, in part:
> Login: Please visit my.accrue401k.com to log in. You’ll find that the 401(k) dashboard and user experience remain familiar. If you’ve set up your account, your same login credentials will provide you access into the dashboard. (Please note, Accrue does not currently offer a mobile app).
The my.accrue401k.com part was a hyperlink to that site. I've independently done some digging (and contacted my old employer to verify!) but this is precisely how a targeted phishing attack would work. Asking someone to enter their financial account credentials into a site they've never used or heard of, based entirely on an unsolicited email, is INSANE.
This email was the first time I've heard of Gusto, of Guideline being acquired, or of Accrue 401k (which apparently is the company created to hold Guideline's 401k accounts that are NOT affiliated with Gusto). Nice.
Replies
This whole space is littered with bizarre security practices that make my hacker senses tingle.
I know my 401k is provided by company ABC, but then they host all of their web content and ask you to log in to myretirementplan.com. and then they do a redesign and then ask you to log into yourretirementplan.com. and there's basically no communication from company ABC directly if these sites are legitimate or illegitimate
I wonder if this acquisition update today is caused by the recent lawsuit alleging Guideline was performing corporate espionage. Seems like weirdly coincidental timing?
https://techcrunch.com/2025/10/27/new-corporate-espionage-cl...
Something broke down somewhere ... I got emails a while back about the acquisition and giving options about whether to go along with the move or not.
Since Gusto is our payroll provider, I didn't see a reason not to do that... hopefully there will be less finger pointing the next time something goes screwy with the 401k transfers.
I got an unsolicited call from Fidelity once and they asked for a bunch of financial info. I told them I'd call back on their official number and they said that's not possible, I had to answer right away. So I told them to pound sand. Afterward found out it was legit when they sent the same form by mail.
On a completely unrelated note: I don’t understand why people keep money in prior companies’ 401K plans. I always role mine over to my Vanguard account.