Don’t Let Email Hackers Spoof Your Advisor into Wire FraudSubmitted by Dempsey Investment Management on May 19th, 2016
You may be aware of some of the more prevalent fraudster activities, such as “phishing” which fraudsters use to trick you out of sensitive information. Now we are learning about a new and even more audacious ploy called “email spoofing” in which the fraudsters not only steal your information, they then send counterfeit emails that mimic your email account to your financial advisor requesting wire transfers. While we haven’t personally seen any incidents of email spoofing, it’s expected to become the next big wave of email fraud; so we are on high alert, and we strongly encourage you to take the essential steps to protect your email account.
It’s important to be very clear about the danger posed by email hackers. They can and will hack your email account if your number comes up and they find a hole in your security. Once in, they can tap into all of your correspondence including any attachments. In addition to using your information to send spoof emails, they could even forge your signature from any scanned versions they find in your attachments. A legitimate-looking email and a signed authorization may convince some financial advisors of their authenticity. And the hackers know full well that, by the time you discover that an email spoof has been perpetrated on your account and a wire transfer has been made to the bank of their choosing there’s little you can do about it.
There is, however, a lot you can do to fortify your defenses making it much more difficult for hackers to succeed:
Individual Steps to Security
- Always use the most extensive password you can with a combination of upper and lower case letters, numbers and symbols. Also, refrain from using the same password on multiple accounts. If you have to, you can use a password generator and vault program to automatically create random passwords and store them, so you only have to remember one password.
- If you suspect any hacking of your email account, such as hearing from friends that they received a strange email from you, immediately change your password.
- As an extra precaution, don’t store emails that contain sensitive information or attachments.
- Be wary of emails from financial institutions, even the ones with which you do business. Double-check the source.
- Never open a link in an email requesting personal information. Legitimate organizations never request personal information through an email.
Your security is our top priority, so we take extra precautions to ensure the security of all client transactions by
- Verbally confirming withdrawal instructions with our clients using the contact information on file, not the call-back number on an email.
- Ensuring that each withdrawal request is in line with the client's usual withdrawal habits. If a client is wiring to a new destination, we ask additional questions.
- We pay attention to spelling and grammatical errors, as well as the tone of email communications. Does it sound like our client?
- We pay attention whenever clients ask to rush a withdrawal. Fraudsters will sometimes use a frightening or disturbing event to establish an emotional attachment and then ask that a request be expedited.
Cyber-theft is potential threat to all of us, so we must be vigilant and take deliberate measures to prevent it. We hope you find this information to be helpful in your efforts to protect your personal information.
*This content is developed from sources believed to be providing accurate information. The information provided is not written or intended as tax or legal advice and may not be relied on for purposes of avoiding any Federal tax penalties. Individuals are encouraged to seek advice from their own tax or legal counsel. Individuals involved in the estate planning process should work with an estate planning team, including their own personal legal or tax counsel. Neither the information presented nor any opinion expressed constitutes a representation by us of a specific investment or the purchase or sale of any securities. Asset allocation and diversification do not ensure a profit or protect against loss in declining markets. This material was developed and produced by Advisor Websites to provide information on a topic that may be of interest. Copyright 2014-2016 Advisor Websites.