Chances are you or someone that you know has been the victim of an email hacking scheme or identity theft.
Recently there has been an uptick in the number of incidents of identity theft, wire fraud and phishing scams. In January of this year, the FBI issues a fraud alert regarding cyber criminals who were compromising the email accounts of U.S. individuals and businesses by using slightly altered variations of legitimate emails addresses associated with the victim’s accounts to request and authorize overseas transactions. The victims of these schemes are individuals and businesses that invest significant amounts of money with a financial advisor or financial firm. According to FINRA, individual unauthorized wire transfers range from $17,500 to $183,000 with a total of $6 million in losses to victims thus far.
These email scams tend to follow similar patterns. After obtaining the investor’s brokerage information by searching through their email account, the fraudster will typically send an email to the investor’s broker/brokerage firm with instructions to wire money to a third-party account, usually overseas. The instructions often are accompanied by a fraudulent letter of authorization, all from the compromised account so the broker/brokerage firm would never suspect that it wasn’t the investor himself reaching out and making the request. Many times the scam will also include some type of sympathy ploy, claiming a hardship or death in the family, and will place a sense of urgency on the request.
So how do your clients know if they’ve fallen victim to one of these scams?
If all of a sudden your client notices some of his contacts claiming they are receiving a lot of spam messages from him or he notices a large amount of bounced email messages from people that the client doesn’t know, these could be signs that their email account has been compromised. Also, if your client is having difficulty accessing his email account, perhaps receiving a message that says that his password is invalid, or that some account settings have changed; these should all be red flags. If the client finds that any of these things have happened, they should contact you and/or the financial institution immediately and notify them of the problem so that proper steps can be taken to protect further damage to the account.
How can you help your clients?
Educate your clients on steps that they should take to safeguard their account information. Advise them never to send account information or personally identifiable information via email. Inform them that they should review their credit card and bank statements as soon as they receive them to ensure that all transactions are valid. Emphasize the importance of having up-to-date anti-virus software on their computers and to beware of accessing personal information while traveling as some of the networks may be unprotected and offer the opportunity for fraudsters to gain personal information.
Sources: Cyber Fraud Threatens Advisors and Their Clients, Fidelity Investments. Fraud Alert Involving Email Intrusions to Facilitate Wire Transfers Overseas, Jan 20, 2012, Federal Bureau of Investigation, the Financial Services Information Sharing and Analysis Center, and the Internet Crime Complaint Center. FINRA Issues Email Hack Attacks Advisory, Jan 26, 2012, Financial Advisor Magazine.