In recent months there has been an increase in incidents in wire fraud, identity theft and phishing scams. Emails from compromised email addresses of clients are being sent to their financial firms in an attempt to gain access to the client’s financial accounts. So far the FBI and FINRA have estimated the losses of the victims to be $6 million.
This Website Is For Financial Professionals Only
Your client may receive an email from what appears to be their Internet service provider asking them to log into their account to view an offer or utilize a service. And so the scam starts, these cybercriminals now obtain access to your client’s email account and are able to comb through for financial information. They then send you, the financial advisor, an email posing as your client requesting an unauthorized transaction in the form of a wire transfer. Should you email your client back; the cybercriminals modify your client’s email settings so that your email will go to their spam folder. This provides them with more time to transfer the money out of the account it was wired to before the victim realizes the fraudulent transaction.
You may be the first and best line of defense in protecting your clients from this kind of fraud. Here are some recommendations to help keep your clients safe:
1. Safeguard account information. Your client should never send account information or personally identifiable information over any insecure communication channel.
2. Be suspicious of unsolicited information requests. Be suspicious of all emails requesting your personal information, most businesses will have no need to get your information that way. Do not click on a link in an email that is requesting information, instead type the web site’s URL into the browser.
3. Protect your information on social networks. Limit the amount of personal information you post of social networking sites. You should never post your social security number, not even just the last four digits. You may not want to post birth date, home address or home phone number either.
4. Review financial statements. Your clients should review all of their credit card and financial statements as soon as they arrive. If anything looks suspicious they should contact you right away.
You should also take steps to protect yourself from falling victim. Here are some ways we recommend:
1. Separate sensitive information. If an ID and password are used, send the ID through email and the password by phone. It is slim that both forms of communication will be intercepted, and separately the information is not useful.
2. Change your passwords. You should change your password every 90 days, and don’t use the same password for everything.
3. Update your systems. Your anti-virus needs to have the most up-to-date definitions and your operating system should have all the latest updates. Also make sure you are updating your plug-ins such as Adobe.
4. Security systems. You should have an effective firewall that the configuration is as restrictive as possible.
5. Be careful when traveling. Avoid using unprotected networks in airports, Internet cafes and Wi-Fi hotspots. These offer opportunities to the cybercriminals to gain access to your information.
Read more on this: