Cybersecurity's Family Threat: Protecting Your Assets Starts at Home
Not all criminals are shady strangers lurking on the Internet. Some are much closer than you think (like family and friends), so don't let your guard down, even in your own home.


Cybersecurity isn’t AN issue, it is THE issue with respect to financial institutions. Government and financial institutions worldwide are facing constant assaults from all sides that seek to steal assets from banks and securities brokerage firms. But investors can advance their own security.
Most investors have online access to their brokerage accounts. This allows them to buy and sell securities from their own homes, with no direct interaction with a human being. Investors can order funds to be delivered to others to pay bills, or for any other reason. So here is a hypothetical phone call from an investor to her broker:
Brokerage Firm: “Good morning, Interplanetary Investments, how may I direct your call?”

Sign up for Kiplinger’s Free E-Newsletters
Profit and prosper with the best of expert advice on investing, taxes, retirement, personal finance and more - straight to your e-mail.
Profit and prosper with the best of expert advice - straight to your e-mail.
Client: “This is Myra Mistletoe. My brokerage account has been hijacked and $250,000 has been taken out without my permission. I want that money put back. I never authorized any sales of my securities or withdrawals.”
Brokerage Firm: “One moment Ms. Mistletoe.”
Brokerage Firm: “Good morning Ms. Mistletoe, this is Jack Justice at the Cyber Security Desk at Interplanetary Investments. I understand that assets have been removed from your account without permission and you want those assets replaced by this firm.”
Client: “Of course that’s what I want.”
Brokerage Firm: “We will of course make a full investigation, and if we discover what happened to your assets we will let you know immediately. I should tell you that if the firm was negligent in allowing the assets to be removed from your account, Interplanetary Investments can and will replace them.”
Client: “Well, investigate quickly.”
Brokerage Firm: “The investigation will begin immediately. There is one thing you should know. We will work with criminal authorities on a matter of this magnitude, and before Interplanetary Investments replaces your assets, you will have to give the firm an assignment of your rights against all wrongdoers (meaning we will pursue lawsuits against the people who stole the money, and we will seek criminal charges against those people as well) and cooperate in any criminal investigation.”
Brokerage Firm: “Ms. Mistletoe? Are you still there?”
What just happened?
A fair number of client complaints end right there.
Why? Because a substantial number of such thefts involve a family member, or a close friend or a business associate, not a cybercriminal in North Korea or the Russian held-portion of Ukraine. A Web search for so-called “familiar fraud” yields evidence that a high percentage of identity theft is perpetrated by someone the victim knew. Most people do not want their relatives sent to prison. If they believe this was done by a family member, they often withdraw a claim against the brokerage.
What is the lesson here?
If your home office is typical of most home offices, anyone with regular access to your computer may be able to find your log-in codes or your password to the brokerage account and wreak havoc with you cash and securities. A financially desperate in-law, an addicted relative, or anyone else with a craving for instant cash is a person the criminal authorities may focus on and locate in their investigation. In many instances, the demand to replace assets in the account ends with the discovery of who committed the crime.
So what to do?
- Remove temptation. Don’t be an easy target. You already know how, so just do it. Don’t put your user name and password codes on a Post-it Note on the side of your computer screen.
- When using a financial institution website, don’t check the option on the logon page that automatically remembers your user name and password.
- Change those passwords to a non-intuitive phrase, or a limerick, or the chorus of a song you like, and then secure that data elsewhere.
- If you have any concerns that you could be at risk of becoming a victim, consider signing up for identity theft protection to assist you in recouping your assets should anything happen.
- Review your account statements religiously. If there is something missing, contact the brokerage firm immediately. Stop the bleeding. Put a freeze on any other outflows from the account.
If you do think assets have been removed without your consent, what then?
- Many brokerage firms have a “Report Fraud Here” message, or something similar, on the firm’s website that will walk you through the process.
- Remember that this is your money. It is important. You should make a paper trail the people you contacted, the documents you sent, and the people you sent them to.
- Write a chronological narrative of what you have discovered, everything you did, who you spoke to and what you said. Attach documentation as you add to the chronology. This will give you a consistent and logical narrative of what happened, and what you have tried to do.
- Say the following sentence three times: “Telephone calls are worth the paper they’re written on.” In a world with email, there is no excuse for not confirming a telephone conversation with an electronic summary of what both parties to the call said, and what they promised to do. Keep the notes for your own records, and send a copy of them to the brokerage firm to give them a full explanation of what happened.
I don’t want to minimize the threat from criminal elements who would steal your identity and your assets, without even knowing who you are. But I urge you to do things within your control to prevent a crime of opportunity by someone you let into your home, and give you a methodology for recovering your assets if the worst happens.
Profit and prosper with the best of Kiplinger's advice on investing, taxes, retirement, personal finance and much more. Delivered daily. Enter your email in the box and click Sign Me Up.

Stephen Harbeck served as President and Chief Executive Officer of the Securities Investors Protection Corp., a nonprofit created by Congress to protect customers of failed brokerage firms, from 2003 to 2018. He guided SIPC through the insolvency of Lehman Brothers, the largest bankruptcy in history, the collapse of Bernard Madoff’s brokerage firm, the largest Ponzi Scheme in history, and other major insolvencies. Harbeck retired as President and CEO of SIPC in 2019. Since then, he has acted as a consultant to the Shanghai Financial Court, and Shanghai Jiao Tong University, and is currently a consultant to the Japan Investor Protection Fund.
-
Can the U.S. Break China's Stranglehold on Critical Minerals?
The Letter China is using its near-monopoly on critical minerals to win trade concessions. Can the U.S. find alternate supplies?
-
Don't Let a "Clunker" Fund Drag Down Your 401(k)
401(k) lineups are loaded with overpriced, underperforming fund options. Here's how you can dump the clunkers.
-
Do You Need Flood Insurance? I'm an Insurance Expert, and Here's Where You Can Get It
Standard homeowners insurance does not cover flood damage, so you might need separate flood insurance, which you can get either through FEMA or private companies. Here are the details.
-
I'm an Investment Professional: These Are the Three Money Tips I'm Giving My College Grad
College grads can help set themselves up for financial independence by focusing on emergency savings, opting into a 401(k) at work (if it's offered) and disciplined, long-term investing.
-
New SALT Cap Deduction: Unlock Massive Tax Savings with Non-Grantor Trusts
The One Big Beautiful Bill Act's increase of the state and local tax (SALT) deduction cap creates an opportunity to use multiple non-grantor trusts to maximize deductions and enhance estate planning.
-
Know Your ABDs? A Beginner's Guide to Medicare Basics
Medicare is an alphabet soup — and the rules can be just as confusing as the terminology. Conquer the system with this beginner's guide to Parts A, B and D.
-
I'm an Investment Adviser: Why Playing Defense Can Win the Investing Game
Chasing large returns through gold and other alternative investments might be thrilling, but playing defensive 'small ball' with your investments can be a winning formula.
-
Five Big Beautiful Bill Changes and How Wealthy Retirees Can Benefit
Here's how wealthy retirees can plan for the changes in the new tax legislation, including what it means for tax rates, the SALT cap, charitable giving, estate taxes and other deductions and credits.
-
Portfolio Manager Busts Five Myths About International Investing
These common misconceptions lead many investors to overlook international markets, but embracing global diversification can enhance portfolio resilience and unlock long-term growth.
-
I'm a Financial Planner: Here Are Five Smart Moves for DIY Investors
You'll go further as a DIY investor with a solid game plan. Here are five tips to help you put together a strategy you can rely on over the years to come.