Cyber criminals getting more aggressive and devious
No matter how well you know your clients, don't shortcut security procedures.
Scammers are getting more aggressive and devious. In attempting to defraud investors, they will even go after their advisers. Here is an example of a scammer who doesn’t quit.
I have a client who’s a rabbi. He lives in another state and communicates with us primarily through email. Periodically, he requests wire transfers to make real estate investments with his family. Two years ago, we got a request from him from his email stating, “Can you please update me with the available balance in my account and also the information needed to complete an outgoing wire transfer for me today? I’m on my way to a funeral service but I will check my email often for your response.” This sounded perfectly normal to us. He proceeded to ask for $24,000 in wire transfers to be done that day.
(More: SEC urges advisers to draw up and implement cybersecurity plans)
We are a very service-oriented firm and take pride in our responsiveness. However, we also confirm every transfer request by phone. Our policy saved the day. This was a scammer looking to get to our client’s money through us.
Why am I telling you about an event that occurred two years ago? Well, just this last week, we got a request from our rabbi client (again, from his email) that said, “Are you available today? I need to know the total value of my portfolio and available cash balance as of today. Your advice is appreciated. Many thanks.”
(More: Know the cyberrisks to thwart them)
Although the real rabbi had stopped using this email account, it was still a valid address. The communication footer actually referenced his synagogue with a Hebrew phrase. Before we could respond, we received this follow-up email: “I need to make a deposit payment of 38,689.00 USD on a property in (POLAND), could you please advise what are the details required to complete the transfer from my trust account?”
Again, we always contact the client by phone. However the reference to a “(POLAND)” property was a big tip-off. Of course, this was fraud – and, my guess, it was the same scammer who tried two years ago!
The moral is simple: As an adviser, you need to be extremely careful. Do not shortcut your security procedures. Emails, faxes and scans are great tools for efficiency, but there are critical times when live communication is essential.
Sheryl Rowling is chief executive of Total Rebalance Expert and principal at Rowling & Associates. She considers herself a non-techie user of technology.
Learn more about reprints and licensing for this article.
