Cybersecurity's Family Threat: Protecting Your Assets Starts at Home
Not all criminals are shady strangers lurking on the Internet. Some are much closer than you think (like family and friends), so don't let your guard down, even in your own home.


Cybersecurity isn’t AN issue, it is THE issue with respect to financial institutions. Government and financial institutions worldwide are facing constant assaults from all sides that seek to steal assets from banks and securities brokerage firms. But investors can advance their own security.
Most investors have online access to their brokerage accounts. This allows them to buy and sell securities from their own homes, with no direct interaction with a human being. Investors can order funds to be delivered to others to pay bills, or for any other reason. So here is a hypothetical phone call from an investor to her broker:
Brokerage Firm: “Good morning, Interplanetary Investments, how may I direct your call?”

Sign up for Kiplinger’s Free E-Newsletters
Profit and prosper with the best of expert advice on investing, taxes, retirement, personal finance and more - straight to your e-mail.
Profit and prosper with the best of expert advice - straight to your e-mail.
Client: “This is Myra Mistletoe. My brokerage account has been hijacked and $250,000 has been taken out without my permission. I want that money put back. I never authorized any sales of my securities or withdrawals.”
Brokerage Firm: “One moment Ms. Mistletoe.”
Brokerage Firm: “Good morning Ms. Mistletoe, this is Jack Justice at the Cyber Security Desk at Interplanetary Investments. I understand that assets have been removed from your account without permission and you want those assets replaced by this firm.”
Client: “Of course that’s what I want.”
Brokerage Firm: “We will of course make a full investigation, and if we discover what happened to your assets we will let you know immediately. I should tell you that if the firm was negligent in allowing the assets to be removed from your account, Interplanetary Investments can and will replace them.”
Client: “Well, investigate quickly.”
Brokerage Firm: “The investigation will begin immediately. There is one thing you should know. We will work with criminal authorities on a matter of this magnitude, and before Interplanetary Investments replaces your assets, you will have to give the firm an assignment of your rights against all wrongdoers (meaning we will pursue lawsuits against the people who stole the money, and we will seek criminal charges against those people as well) and cooperate in any criminal investigation.”
Brokerage Firm: “Ms. Mistletoe? Are you still there?”
What just happened?
A fair number of client complaints end right there.
Why? Because a substantial number of such thefts involve a family member, or a close friend or a business associate, not a cybercriminal in North Korea or the Russian held-portion of Ukraine. A Web search for so-called “familiar fraud” yields evidence that a high percentage of identity theft is perpetrated by someone the victim knew. Most people do not want their relatives sent to prison. If they believe this was done by a family member, they often withdraw a claim against the brokerage.
What is the lesson here?
If your home office is typical of most home offices, anyone with regular access to your computer may be able to find your log-in codes or your password to the brokerage account and wreak havoc with you cash and securities. A financially desperate in-law, an addicted relative, or anyone else with a craving for instant cash is a person the criminal authorities may focus on and locate in their investigation. In many instances, the demand to replace assets in the account ends with the discovery of who committed the crime.
So what to do?
- Remove temptation. Don’t be an easy target. You already know how, so just do it. Don’t put your user name and password codes on a Post-it Note on the side of your computer screen.
- When using a financial institution website, don’t check the option on the logon page that automatically remembers your user name and password.
- Change those passwords to a non-intuitive phrase, or a limerick, or the chorus of a song you like, and then secure that data elsewhere.
- If you have any concerns that you could be at risk of becoming a victim, consider signing up for identity theft protection to assist you in recouping your assets should anything happen.
- Review your account statements religiously. If there is something missing, contact the brokerage firm immediately. Stop the bleeding. Put a freeze on any other outflows from the account.
If you do think assets have been removed without your consent, what then?
- Many brokerage firms have a “Report Fraud Here” message, or something similar, on the firm’s website that will walk you through the process.
- Remember that this is your money. It is important. You should make a paper trail the people you contacted, the documents you sent, and the people you sent them to.
- Write a chronological narrative of what you have discovered, everything you did, who you spoke to and what you said. Attach documentation as you add to the chronology. This will give you a consistent and logical narrative of what happened, and what you have tried to do.
- Say the following sentence three times: “Telephone calls are worth the paper they’re written on.” In a world with email, there is no excuse for not confirming a telephone conversation with an electronic summary of what both parties to the call said, and what they promised to do. Keep the notes for your own records, and send a copy of them to the brokerage firm to give them a full explanation of what happened.
I don’t want to minimize the threat from criminal elements who would steal your identity and your assets, without even knowing who you are. But I urge you to do things within your control to prevent a crime of opportunity by someone you let into your home, and give you a methodology for recovering your assets if the worst happens.
Profit and prosper with the best of Kiplinger's advice on investing, taxes, retirement, personal finance and much more. Delivered daily. Enter your email in the box and click Sign Me Up.

Stephen Harbeck served as President and Chief Executive Officer of the Securities Investors Protection Corp., a nonprofit created by Congress to protect customers of failed brokerage firms, from 2003 to 2018. He guided SIPC through the insolvency of Lehman Brothers, the largest bankruptcy in history, the collapse of Bernard Madoff’s brokerage firm, the largest Ponzi Scheme in history, and other major insolvencies. Harbeck retired as President and CEO of SIPC in 2019. Since then, he has acted as a consultant to the Shanghai Financial Court, and Shanghai Jiao Tong University, and is currently a consultant to the Japan Investor Protection Fund.
-
Last Call for Fortnite Refunds: Parents Can Still File a Claim
The FTC is sending out $126 million in refunds to families whose kids were charged for unwanted items in Fortnite — and there’s still time to file a claim.
-
Stock Market Today: Stocks Swing as Trump Scraps Canada Trade Talks
Despite a mid-afternoon slip, the S&P 500 and Nasdaq ended the day at new record highs.
-
Why Smart Retirees Are Ditching Traditional Financial Plans
Financial plans based purely on growth, like the 60/40 portfolio, are built for a different era. Today’s retirees need plans based on real-life risks and goals and that feature these four elements.
-
To My Small Business: Well, I've Been Afraid of Changin', 'Cause I've Built My Life Around You
While thinking about succession planning might feel like anticipating a landslide (here's to you, Fleetwood Mac), there are strategies you can implement to manage the uncertainty and the transition.
-
These Are the Key Tariff Issues to Watch in Coming Months
While they're not dominating headlines right now, tariffs are not over. Some key dates are coming up fast that could upend markets all over again.
-
Technology Unleashes the Power of Year-Round Tax-Loss Harvesting
Tech advancements have made it possible to continuously monitor and rebalance portfolios, allowing for harvesting losses throughout the year rather than just once a year.
-
The Fiduciary Firewall: An Expert's Five-Step Guide to Honest Financial Planning
Armed with education and awareness, you can avoid unethical people in the financial industry by seeking fee-only fiduciaries and sharing your knowledge with others.
-
How Private Capital Could Be the Key to Rebuilding America
Private capital investment in infrastructure could be a more efficient and effective alternative to government funding, potentially stimulating the economy during uncertain times, creating jobs and delivering projects on time and within budget.
-
Real Estate Bridge Funds: An Expert Guide to Investing in a Volatile Market
Investors looking for passive income are buying into these funds, which offer capital to borrowers for short-term financing.
-
Bill Bought a Fridge, and Then His Nightmare Began
A Lowe's customer reached out to me after he encountered the retailer's 48-hour return window for major appliances when his brand-new fridge turned out to be defective.