Our office has received an uptick in clients who have fallen victim to fraudsters posing as a company the victim knows and trusts. They call the client to alert them of an issue, or a fraudulent activity, on their account. The fraudster appears genuinely concerned and eager to help resolve the issue. They pose as customer service or IT technicians of the company. They convince the victim to access their account(s) online by offering a “screen share” to “help you access the site” and quickly settle the issue.
Once the victim logs into their account with the fraudster connected to the computer, the fraudster is immediately given access to be able to scam the unsuspecting victim. Recently, we were made aware of a fraudster scamming a senior investor out of $15,000 from their account. The senior investor properly logged into the account using the appropriate credentials, but since the fraudster was given access to the investor’s computer, they were able to gain control of the account and process a fraudulent wire without the investor knowing it occurred.
How we can work together to protect your information and assets. Safe practices for communicating with our firm.
▪ Keep us informed regarding changes to your personal information.
▪ Expect us to call you to confirm email requests to move money, trade, or change account information to ensure the request is valid by verbally verifying the data with you.
▪ We are here to help. If you receive a suspicious call, email or text and are unsure with how to proceed, call our office and we are happy to help research the legitimacy of the information.
Screen sharing application fraud and imposter fraud investigation scams are on the rise! Please read important information about each type of scam so that you do not fall victim.
❖ Screen-sharing application fraud is a type of fraud where the hacker impersonates an employee of a legitimate company and offers that you download a screen-sharing app to gain remote access “to help you.” Once you give the hacker access via screen-sharing, the hacker will be able to access and steal your personal information and more.
❖ Imposter fraud investigation scam is another type of fraud where the scammer sends a text message, or phone call, to the potential victim asking if he or she made a specific purchase. If the victim responds, “No,” the fraudster follows up with a phone call claiming to be from where the alleged purchase was made or the victim’s financial institution and asks for sensitive personal information allegedly to help the victim resolve the issue.
Here are some best practices to help keep your assets and information safe:
1. Don’t let scammers scare you! The IRS, Social Security Administration, banks & financial institutions such as Schwab and Fidelity, the FBI, and law enforcement will not contact you and ask that you provide sensitive data to them. They will also not contact you and ask that you download a screen-sharing app. If someone approaches you, immediately hang up, and do not download any software or enter/give any credentials.
2. Be suspicious of unexpected or unsolicited phone calls, emails, and texts asking you to send money, disclose personal information, or log into your computer using screen-share. If you receive a suspicious call, do not accept it, hang up, and call back using a known contact number. If you do not know if the call is legitimate, call our office first. We are happy to help you research the legitimacy of the information.
3. Do not verbally disclose or enter confidential information on a laptop or mobile device in public areas where someone could potentially see, hear, or access your information.
4. Rely on known phone numbers and websites. Don’t assume the link or phone number in a text, phone, or email message is authentic. Instead, initiate contact using a published phone number or website to ensure you’re communicating with a legitimate source.
5. Create unique, hard-to-guess passwords—particularly for financial accounts.
6. Be strategic with your login credentials and passwords. Do not use personal information such as your Social Security number or birthday as part of your login ID.
7. Create a unique password for each financial institution you do business that are long and contain a combination of characters, numbers, and symbols. Use two-step verification whenever possible.
8. Keep login credentials secret. Financial institutions will never ask for your password or login credentials over the phone. If they do, immediately hang up and contact your advisor.
9. Be cautious when sharing sensitive information and conducting personal or confidential business via email, since it can be compromised and used to facilitate identity theft.
10. Do not disclose personal or sensitive information on social media sites, such as your birthdate, contact information, and mother’s maiden name.
11. Be cautious when receiving money movement instructions via email. Call the sender at their known number (not a number provided in the email) to validate all instruction details verbally before following instructions or providing your approval.
12. Check your email and account statements regularly for suspicious activity.
13. Verify payment requests you receive by phone or email. Requests for you to make payments using prepaid debit cards, gift cards, or digital currency are frequently associated with fraud or scams. Keep your technology up to date.
14. Keep your web browser and operating system up to date and be sure you’re using appropriate security settings. Old software, operating systems, and browsers can be susceptible to attack.
15. Install anti-virus and anti-spyware software on all computers and mobile devices. Enable the security settings on your applications and web browser.
16. Turn off Bluetooth when it’s not needed, to protect against individuals gaining access to your devices using Bluetooth connections.
17. Be cautious with public networks. Avoid using public computers. If you must use one, go to the browser settings and clear the browser history (cache) and cookies when you’re finished.
18. Only use wireless networks you trust or that are protected with a secure password.
19. Use your personal Wi-Fi hotspot instead of public Wi-Fi.
20. Do not accept software updates if you are connected to public Wi-Fi.
21. Do not visit websites you don’t know—for example, websites advertised on pop-up ads and banners.
22. Do not click on links or attachments in emails and text messages if you question the validity of the sender. Instead, type the real web address in your browser.
23. Activate the spam filters in your email settings tab. This will help prevent unsolicited emails from coming to your inbox.
Learn more
Visit these sites for more information and best practices:
▪ Charles Schwab Security Guarantee – https://www.schwab.com/schwabsafe/security guarantee
▪ Fidelity Investments Customer Protection – https://www.fidelity.com/security/customer protection-guarantee
▪ StaySafeOnline.org: Review the STOP. THINK. CONNECT™ cybersecurity educational campaign.
▪ OnGuardOnline.gov: Focused on online security for kids, it includes a blog on current cyber trends.
▪ FDIC Consumer Assistance & Information,
https://www.fdic.gov/consumers/assistance/index.html.
▪ FBI Scams and Safety provides additional tips, https://www.fbi.gov/scams-and-safety.
This information is provided to you as a resource for informational purposes only and is not to be viewed as investment advice or recommendations. This information is being presented without consideration of the investment objectives, risk tolerance, or financial circumstances of any specific investor and might not be suitable for all investors. This information is not intended to, and should not, form a primary basis for any investment decision that you may make. Always consult your own legal, tax, or investment advisor before making any investment/tax/estate/financial planning considerations or decisions.