I wanted to take a brief break from all things coronavirus to remind you that cybercriminals are still at work—they’re not part of the masses in the unemployment lines. We all tend to think fraud won’t happen to us, but this is how easy it can happen.
An investor’s computer was infected with malware, sending information like usernames and passwords for multiple accounts at various banks and institutions back to the thief. The thief then logged into the investor’s brokerage account with the client’s information and requested several wire transfers from numerous accounts. Without getting too technical, the custodian uses an algorithm to help detect potential fraudulent wires, and their system caught all of the wires, except one in the amount of $92,250. Fortunately, the client was contacted about the other fraudulent requests and looked at his accounts. He quickly saw a wire transfer that was processed and immediately contacted his adviser who, in turn, contacted the custodian. Because it was caught so quickly, the custodian was able to inform the bank that the wire was fraudulent and request a reversal of the wire, allowing the bank to watch for the funds and return them. Luckily for this investor, the funds were returned to his account.
While most custodians have insurance to protect investors against situations like this, there is no guarantee that any or all of the funds would be returned. Normally, an investigation would be conducted, and the custodian’s fraud department would determine how much of the liability to assume.
There are several things I want to point out. If the thief had requested only one wire, the investor likely would not have known in time and may not have been able to get the funds back. The custodian sent a confirmation email that a wire was processing to the primary email address on the account; however, the address belonged to the wife, who does not check her emails regularly. You should use an email address that you check frequently and/or set up alerts for activities on your accounts where available. Alerts can be by text and/or email.
Because the thief had the client’s username and password, it appeared to the custodian that the wire request was legitimate. I highly recommend setting up alerts and monitoring your accounts regularly. Most financial advisers have an internal process that are followed for wire requests, and financial services companies generally have an intensive team of experts and systems in place, but not everything can be caught.
If you do work with an adviser, some custodians allow accounts to be set to “limited access.” Basically, it is a view-only option for you, while requests for trades and transactions of any kind would have to come through your adviser. If you are nervous about fraud happening to you and don’t mind giving up some access to your accounts, this is an option that may add an additional layer of protection.
Overall, this investor was very lucky that it worked out the way it did. If you take anything away from this, it should be that we all must be careful and do what we can to protect our assets.