Cybersecurity isn’t AN issue, it is THE issue with respect to financial institutions. Government and financial institutions worldwide are facing constant assaults from all sides that seek to steal assets from banks and securities brokerage firms. But investors can advance their own security.
Most investors have online access to their brokerage accounts. This allows them to buy and sell securities from their own homes, with no direct interaction with a human being. Investors can order funds to be delivered to others to pay bills, or for any other reason. So here is a hypothetical phone call from an investor to her broker:
Brokerage Firm: “Good morning, Interplanetary Investments, how may I direct your call?”
Client: “This is Myra Mistletoe. My brokerage account has been hijacked and $250,000 has been taken out without my permission. I want that money put back. I never authorized any sales of my securities or withdrawals.”
Brokerage Firm: “One moment Ms. Mistletoe.”
Brokerage Firm: “Good morning Ms. Mistletoe, this is Jack Justice at the Cyber Security Desk at Interplanetary Investments. I understand that assets have been removed from your account without permission and you want those assets replaced by this firm.”
Client: “Of course that’s what I want.”
Brokerage Firm: “We will of course make a full investigation, and if we discover what happened to your assets we will let you know immediately. I should tell you that if the firm was negligent in allowing the assets to be removed from your account, Interplanetary Investments can and will replace them.”
Client: “Well, investigate quickly.”
Brokerage Firm: “The investigation will begin immediately. There is one thing you should know. We will work with criminal authorities on a matter of this magnitude, and before Interplanetary Investments replaces your assets, you will have to give the firm an assignment of your rights against all wrongdoers (meaning we will pursue lawsuits against the people who stole the money, and we will seek criminal charges against those people as well) and cooperate in any criminal investigation.”
Brokerage Firm: “Ms. Mistletoe? Are you still there?”
What just happened?
A fair number of client complaints end right there.
Why? Because a substantial number of such thefts involve a family member, or a close friend or a business associate, not a cybercriminal in North Korea or the Russian held-portion of Ukraine. A Web search for so-called “familiar fraud” yields evidence that a high percentage of identity theft is perpetrated by someone the victim knew. Most people do not want their relatives sent to prison. If they believe this was done by a family member, they often withdraw a claim against the brokerage.
What is the lesson here?
If your home office is typical of most home offices, anyone with regular access to your computer may be able to find your log-in codes or your password to the brokerage account and wreak havoc with you cash and securities. A financially desperate in-law, an addicted relative, or anyone else with a craving for instant cash is a person the criminal authorities may focus on and locate in their investigation. In many instances, the demand to replace assets in the account ends with the discovery of who committed the crime.
So what to do?
- Remove temptation. Don’t be an easy target. You already know how, so just do it. Don’t put your user name and password codes on a Post-it Note on the side of your computer screen.
- When using a financial institution website, don’t check the option on the logon page that automatically remembers your user name and password.
- Change those passwords to a non-intuitive phrase, or a limerick, or the chorus of a song you like, and then secure that data elsewhere.
- If you have any concerns that you could be at risk of becoming a victim, consider signing up for identity theft protection to assist you in recouping your assets should anything happen.
- Review your account statements religiously. If there is something missing, contact the brokerage firm immediately. Stop the bleeding. Put a freeze on any other outflows from the account.
If you do think assets have been removed without your consent, what then?
- Many brokerage firms have a “Report Fraud Here” message, or something similar, on the firm’s website that will walk you through the process.
- Remember that this is your money. It is important. You should make a paper trail the people you contacted, the documents you sent, and the people you sent them to.
- Write a chronological narrative of what you have discovered, everything you did, who you spoke to and what you said. Attach documentation as you add to the chronology. This will give you a consistent and logical narrative of what happened, and what you have tried to do.
- Say the following sentence three times: “Telephone calls are worth the paper they’re written on.” In a world with email, there is no excuse for not confirming a telephone conversation with an electronic summary of what both parties to the call said, and what they promised to do. Keep the notes for your own records, and send a copy of them to the brokerage firm to give them a full explanation of what happened.
I don’t want to minimize the threat from criminal elements who would steal your identity and your assets, without even knowing who you are. But I urge you to do things within your control to prevent a crime of opportunity by someone you let into your home, and give you a methodology for recovering your assets if the worst happens.
Stephen Harbeck served as President and Chief Executive Officer of the Securities Investors Protection Corp., a nonprofit created by Congress to protect customers of failed brokerage firms, from 2003 to 2018. He guided SIPC through the insolvency of Lehman Brothers, the largest bankruptcy in history, the collapse of Bernard Madoff’s brokerage firm, the largest Ponzi Scheme in history, and other major insolvencies. Harbeck retired as President and CEO of SIPC in 2019. Since then he has acted as a consultant to the Shanghai Financial Court, and Shanghai Jiao Tong University, and is currently a consultant to the Japan Investor Protection Fund.
SIPC, as a matter of policy, disclaims responsibility for any private publication by any of its employees. The views expressed herein are those of the author and do not necessarily reflect the views of SIPC or the author's colleagues on the staff of SIPC.
Stock Market Today (09/30/22): Stocks Sell Off to Close a Disastrous September
The stock market's latest slide occurred as inflation data came in hotter than expected.
By Karee Venema • Published
The Most Expensive Natural Disasters in U.S. History
Economic Forecasts Wind, water, fire and drought have all wreaked havoc on the United States. What’s been the worst?
By David Muhlbaum • Published
No Grinch Allowed! Inflation-Beating Tips for the Holidays
To make the most of your holiday season in these inflationary times, start planning NOW.
By Andrew Rosen, CFP®, CEP • Published
3 Top Challenges Female Entrepreneurs Face When Starting a Small Business
Inherent biases make it harder for women to get funding than men, and many women start later in life and juggle family commitments.
By Ali Swart, CFP®, MBA • Published
ADA Violation or Just Bad Business? Honey, I Shrunk the Menu!
When a chain restaurant introduced a new menu with teeny-tiny print, customers were not happy. But was it illegal?
By H. Dennis Beaver, Esq. • Last updated
Retirement Planning: One Size Doesn’t Fit All
For the most important financial decision of your life, you need a plan that’s tailored especially for you, rather than simply following rules of thumb.
By Jerry Golden, Investment Adviser Representative • Published
The Divorce Gap: Unique Retirement Issues for Women Over 50
The shocking loss of income and retirement savings that disproportionately affect divorced women is a big challenge – especially for those over 50.
By Stacy Francis, CFP®, CDFA®, CES™ • Published
4 Steps for Managing Income Withdrawals in Retirement
Investing for Income How Roth IRA conversions can help you minimize your taxes in retirement, extending the life of your savings.
By Kyle Hammerschmidt, Investment Adviser • Published
Tax-Savvy Charitable Giving With QCDs Can Benefit Both Giver and Receiver
Charity A qualified charitable distribution, or QCD, might be the answer for you – but watch those rules.
By Charles Rawl, CFP®, RICP® • Published
I’ve Inherited a Lot of Money. Now What?
estate planning First, put all major decisions on hold. A financial planner can help you come up with a plan that addresses your goals, dreams and needs.
By Erin Hadary, CFP®, MBA, CAP®, CeFT® • Last updated