“Phishing” attacks have been on a steady rise since 2005 and are used to steal sensitive information like Social Security numbers, bank account numbers and passwords. According to the Financial Industry Regulatory Authority (FINRA), over 70% of the phishing scams detected this year involved hackers pretending to be banks.1
Cybercrime is an unfortunate byproduct of the digital world, but there are steps you can take to protect yourself and lower your chance of falling victim to online scams, which we’ll walk through for you below.
Your First Line of Defense: Knowing How to Detect a Scam
Most phishing scams come in the form of emails requesting sensitive, personal information. They appear to come from banks, credit card companies and other financial institutions asking you to reply with your information or to click-through to a website where you can provide the information, and often do so with a sense of urgency or importance.
To appear genuine and in an attempt to reel-in consumers, these emails may include the following:
-
The names of real people
-
Legitimate looking email addresses, such as support@[your financial institution’s name].com
-
Authentic-looking logos and graphics
-
An alert that you need to “verify your identity” for a technical change or in order to keep your account in good order1
Here is an example of a fake IRS email:
A good rule of thumb to help protect your identity is to simply never provide confidential information over email, even if the email seems to be from a trusted financial institution or a government agency, like the IRS or the SEC.1
Helpful Tip: The IRS does not ever initiate contact with taxpayers by email, text message, or any social media channel to request personal or financial information.2
Some scammers have even gone so far as to create fake brokerage firm websites, which essentially duplicate the content and design of a legitimate financial firm. These scams reveal themselves when the “broker” attempts to sell unsuspecting investors shares of a “small US company,” without knowing anything else about the investor’s financial situation.1
Helpful Tip: A trustworthy financial advisor should always attempt to learn about your personal and financial situation before making any investment recommendations.
Other Culprits to Watch Out For: Spyware, Viruses, and Trojans
While phishing scams attempt to steal your personal information or to trick you into providing it, these malefactors attack your computer directly.
Trojans – the most common of the three, Trojans hide inside of files you might download from an email or directly off the Internet. They can hide under the guise of pictures, screen savers, or email attachments. Once a user opens the infected file, a Trojan can install itself on the computer and take over your email, or even monitor your keystrokes in hopes of finding usernames and passwords.
Spyware – software designed to “spy” on your computer, leading to invasion of privacy and likely slowing down the performance of your computer.
Viruses – a computer code that infects your computer as a result of a certain action, like double-clicking a questionable email attachment.3
Helpful Tip: Do not click on an email attachment and do not download any files from unknown sources. Be suspicious of emails that appear to be from a trusted source asking you to download something when you weren’t expecting anything – it’s best to double check with that source before clicking on the attachment.
Don’t Fall Victim: 5 Tips for Protecting Your Identity
TD Ameritrade Institutional published a helpful guide of “Do’s” and “Don’ts” for creating passwords. Download it here. You can also contact one of our Wealth Managers at 1-800-541-7774 to request your copy.
1) The Most Important Tip: Create Secure Passwords
Choosing a strong password is perhaps the biggest key to keeping your personal information secure.
-
Do not use personal information such as a pet’s name or a birthday, and avoid words that can be found in the dictionary
-
Do not use simple number sequences like “12345,” and avoid number series like “11111”
-
Use a combination of numbers, letters, and symbols
-
Change your password frequently, and keep different passwords for different accounts
-
Do not email your User ID or password to anyone3
2) Beware of Emails Requesting Personal Information
Raise your eyebrow when anyone asks you for personal, confidential information – such as passwords and account. When in doubt, go directly to the website of the company requesting information, or call them instead.
3) Leave Suspicious Websites
If you sense a website may not be legitimate for whatever reason, leave it immediately.
4) Keep your Confidential and Financial Information Secure
-
Use anti-virus and anti-spyware software, and configure it for automatic updates so you always have the latest version
-
Never download files or click on email attachments from an unknown source
-
Avoid emailing personal, confidential information
-
Before submitting personal or financial information through a website, check to see if there is a padlock symbol on the browser bar, or that the site begins with “https://”.
-
Log off of any secure website after completing a transaction
5) Check your Credit Report Every Year
You can obtain your credit report annually at no cost from a variety of sources – Equifax, Experian, or Trans Union. You want to check closely for unexplained transactions or accounts you did not open.1
Help Safeguard Your Identity by Avoiding Scams
The incidence of cybercrime is up, and hackers are increasingly going after financial institutions. This adds importance to the need of safeguarding your personal and financial information online to avoid having your accounts compromised.
As a good rule of thumb, if anyone requests personal information from you over email or online, simply call that person, company, or government entity to verify it was indeed them requesting the information.
As always, if you have any questions or would like to discuss this topic further with a financial professional, you can call one of our Wealth Managers at 1-800-541-7774. If you prefer to start a conversation over email, you email Wealth@wrapmanager.com.
Leslie is a Client Service Specialist at WrapManager, Inc.
Sources
1 FINRA
3 TD Ameritrade Institutional
TD Ameritrade, Inc. is a firm that we use to custody our client assets. TD Ameritrade and Wrap Manager are separate and unaffiliated firms, and are not responsible for each other’s services or policies. TD Ameritrade does not endorse or recommend any advisor and the use of the TD Ameritrade logo does not represent the endorsement or recommendation of any advisor. Brokerage services provided by TD Ameritrade Institutional, Division of TD Ameritrade, Inc., member FINRA/SIPC. TD Ameritrade is a trademark jointly owned by TD Ameritrade IP Company, Inc. and The Toronto-Dominion Bank. Used with permission.