Recently, financial companies have seen a marked increase in the incidence and sophistication of financial fraud, especially through email. Charles Schwab has informed us that industry-wide attempts at financial fraud have increased more than ten-fold over the past five years from 30,000 incidents per year to more than 300,000. At a recent meeting with other financial advisors, half of those in the room said they had seen at least one fraudulent attempt to access their clients’ accounts, affirming statistics of financial fraud on the rise in 2014.
We still see the traditional “phishing” emails as a form of financial fraud. In these, the fraudster sends an email that looks like it comes from your bank or credit card company asking you to log onto your account for some reason. The email will have a link that looks like your financial institution’s but will point you to the scammer’s website instead.
Most of us have also heard a story about a friend’s email being hacked. One of our favorites was about someone who was sitting next to his wife checking email, and received an email from her address saying she was on an emergency trip to London and needed cash to get back. When he asked her how the trip was going, he received a confused look in return. The point of these scams was to start an email conversation with the victim’s friends who would send money to ‘help’.
While we still see these kinds of things once in a while, what has apparently become more common is for fraudsters to hack into email accounts and then monitor them for a while. They try to gain a sense of how their victim writes and who they correspond with. They could learn about your close friends, family members and advisors. They would see bank and brokerage account notices, so they would know which financial institutions you use, or they could see purchase confirmations for online shopping.
This recently happened to one of our clients. We received an email from the client’s email address asking about a wire transfer. Knowing our client, the poor grammar and spelling made this easy to spot as a forgery so we called the client to discuss it. But this is a sample of the kinds of things that are becoming more common.
As scary as this sounds, there are two points to remember: (1) people who bank online are more likely to discover financial fraud early, and (2) electronic delivery of statements is still considered safer than paper delivery because it is so easy to lift paper statements out of most mailboxes. But with financial fraud on the rise you do need to take precautions.
Keep your AntiVirus and Malware software up to date. Viruses are EVERYWHERE, and children and teenagers seem to be especially adept at finding them as they surf the web looking for new, free tools for their electronic gear or homework. Schedule scans of your computers often and keep your virus definitions up to date. American Banker recently listed keylogging malware (which records your keystrokes and send them to hackers) as one of the greatest risks to banks and their customers. These kinds of malware (viruses and “Trojan horse” programs) will record the things you type, like “www.bofa.com” “UserID” “Password”. Regularly scanning for viruses will greatly reduce this kind of risk, but use a recognized antivirus program, not a free online utility.
Make sure your passwords are strong. Your spouse’s initials and birth year simply aren’t good enough anymore. A strong password to help prevent financial fraud should combine at least three of four elements: upper case letters, lower case letters, numbers and symbols (@, #, $, %, etc). In addition, you can combine these with a simple phrase, so that “easy to remember” becomes “EaSy_2_ReMeMbEr”. (Read our article dedicated to strong passwords for more information: Internet and Password Security.)
When you are banking online, don’t surf to other websites. When you have multiple browser windows open, some websites can run scripts that can access your other browser windows. This is called “cross-site scripting.” This is a relatively rare risk, but if your bank’s software is vulnerable to this kind of attack, a hacker could potentially access your bank accounts that way. It’s easy enough to prevent by doing your banking with no other browser windows open and closing your browser when you’re done.
Our Commitment to Your Security
Rest assured, the safety of our clients’ assets and personal information is of utmost importance to us. Our Privacy and Data Protection procedures are designed to safeguard our client’s information from theft, fraud, and unauthorized access. Measures we take to protect your information include:
- Encryption and passwords on any confidential data sent by physical or electronic mail.
- Computer data security, including use of firewalls, antivirus systems, and other safeguarding measures.
- Physical office security measures.
In addition to protecting the information that you share with us, we have also, in conjunction with your custodians, taken steps to better protect assets held in your accounts. These include:
- Inbound calls to Schwab will be challenged by their representatives. They will be asking questions that only the account owner would know. As an additional layer of security, clients can request that a passcode or PIN be required in order to discuss their accounts with the Schwab representatives.
- Personal verification of distribution requests to third parties. Our policies require us to verbally verify each transfer or distribution request to a third party on behalf of a client. This isn’t essential when moving money to an account we already identify with a client or with the same registration (e.g.: from your brokerage account to your bank account) but when a request is received by email to transfer funds, we will follow up to ensure it’s a valid request.
- For requests to send money or assets to a third party, a letter of authorization signed by the client is needed. Schwab checks signatures on the request forms and will take additional measures if the signature or anything about the request seems suspicious.
If you have any concerns about the rise of financial fraud or your financial security online, talk to your bank, your brokerage firm, or contact us to discuss your online security.
[…] Financial Fraud Is On The Rise […]