If the Kremlin can hack a political party, what’s to stop your accounts from being accessed by evil doers?
How can you protect your online security?
What steps can you take to avoid identity theft?
Keynote speaker Jeff Lanza was an FBI Special Agent for over 20 years, investigating corruption, fraud, organized crime, cyber crime, human trafficking and terrorism.
He is a graduate of the world-renowned John E. Reid School of Interviewing and Interrogation. He is a certified FBI instructor and has trained numerous government agencies and corporate clients on how to handle the media tricks that the national television personalities such as Connie Chung and Chris Hansen used on him during his nearly two decades as a crisis communicator with the FBI.
He is passionate about keeping people and organizations safe from risk and has presented to thousands around the globe.
Book Jeff for your next event through Wholesaler Masterminds Speakers Bureau.
We covered a great deal of territory in the podcast about identity theft and cyber security. Here is something important to remember. In order to commit identity theft, the crook needs the victim’s social security number. In most cases, of identity theft, the victim never knows how the thief obtained their personal information.
Even if you are careful protecting your social security number, that key identifier is in the hands of many people, some of whom, as history has shown, have not done a great job of protecting it.
Your best protection against financial identity theft, where the crook gets loans, opens checking accounts and credit cards in your name, is to freeze your credit reports.
How To Freeze Your Credit Accounts
This should be done at the three major credit reporting agencies, Experian, Equifax and Trans Union.
Freezing, as the word implies, is a near total lock down of your credit reports. To explain how it prevents identity theft, here is an example:
A crook obtains your name and social security number from a “dark website” that buys and sells personal information. That site may have purchased the information from hacker who breached a computer at a health care provider that had your social security number.
The crook uses your information to apply for a Visa credit card. Visa processes the application and requests a credit check at one or more of the credit reporting agencies. Since your credit reports are frozen, Visa cannot obtain your credit history and will reject the application for the credit card.
Credit report freezes are more effective than “fraud alerts” on your credit reports, because sometimes these alerts are ignored and unless you have already had your identity stolen, a fraud alert expires after 90 days, although it can be renewed.
The rules, costs and procedures for freezing your credit reports vary by the state of your residence. Go to www.consumersunion.org and click on your state to get more information about freezing your credit reports.
Another important type of fraud that we did not get a chance to cover in the podcast is wire transfer fraud.
Wire Transfer Fraud
According to the Securities and Exchange Commission, more than half of wealth advisors surveyed said that they had been targeted by emails scams trying to get them to wire client money. My informal survey of wealth advisors for whom I do presentations, indicate a much higher percentage – approaching 100%.
More than half of U.S. brokerage firms surveyed by regulators said they had been targeted by email scams aimed at tricking them into wiring away client money.
In many cases, brokers fell for the impostors and their firms had to reimburse their clients. Of the brokerage firms that received the fraudulent emails, 26% reported losses of more than $5,000, according to the Securities and Exchange Commission.
Here’s how it normally occurs:
- A brokerage firm’s client gets their email account hijacked because they had a weak password or they clicked on a link to go to their login screen.
- The hacker looks through the victim’s past emails for a communication with a wealth advisor.
- Once a wealth advisor is identified, the hacker will examine terminology, phrasing and writing style that the victim used in past communications with their advisor.
- The hacker creates an email requesting a wire transfer to the wealth advisor copying the style of the victim.
There are two possible responses to this incident:
- An advisor who follows security protocol for wire transfers, contacts the client by phone to verify the request, which was not made by the client, so no wire transfer occurs.
- The advisor, possibly in an effort not to inconvenience the client or them self, initiates the wire transfer.
The SEC report sites numerous examples of the wire transfers taking place, resulting in a loss to the firm (which refunded the client’s money) and the firing of the advisors involved. A simple phone call would have prevented this.
It is good security practice for all of to use strong passwords and not clink on links to go anywhere online where we have to enter a password. It is also good security practice for a wealth advisor to always verify wire transfer requests by phone before proceeding.
Also, it might be prudent for advisors indicate in their email signature something like this: “For security reasons, our office will not initiate a wire transfer from a client’s funds, without first talking to a client.”
I hope you enjoyed the podcast.
Written by Jeff Lanza