Financial advisors wear many chapeaus, and increasingly being a cyber watchdog for clients is one of them. Granted, many (most?) advisors aren’t techies, particularly the older ones. But they can help protect their clients against fraud and cyber threats by providing common sense guidance on navigating internet-based communication.
Some of the major fraud “vectors” include email and phone scams, along with file sharing and thumb drives, said David Jacobs, a fee-only financial planner at Pathfinder Financial Services LLC in Kailua, Hawaii, who formerly had a 20-year career in computer security and artificial intelligence. He spoke this week during a session at the National Association of Personal Financial Advisors’ Spring National Conference in Austin, Texas.
Some of the advice he dispensed seemed simple enough, if not intuitive considering how long the internet has been an integral part of our lives. But based on some of the war stories shared by advisors in the audience, it’s evident that many consumers (read: clients) still don’t exercise prudence while navigating the web and potentially set themselves up to be victims of financial malfeasance.
The stakes are high, as fraudsters seek direct payments from gullible people, aim to collect their personal information, or gain control over their personal computers and their online accounts, Jacobs said.
Financial advisors, he noted, can help steer their clients away from these nefarious schemes by making them aware of potential scams and/or being a sounding board if a client has questions about the legitimacy of a particular phone or email notice from a third party.
Jacobs laid out some the most common email scams including malware, spyware, ransomeware, botware (hijacking your computer to attack other computers), phishing schemes and bogus invoices for products or services an individual didn’t order.
He noted that people should never open file attachments sent via email from people they don’t know.
“The best defense is obviously to not open attachments,” Jacobs said. “I challenge all advisors to stop sending attachments to your clients. Everyone at this point should have some other kind of file-sharing service for their clients. You don’t want to train your clients to share files via email.”
He mentioned various legitimate file-sharing services such as Google Drive and Dropbox.
Jacobs said that your email account is the most important account to keep secure. “That’s the key to the kingdom these days for all of your online activities,” he explained. “If you have control of somebody’s email, you can pretty much reset the passwords for just about every account they have.”
People who access their email account on a device other than their private computer should use two-factor authentication. “When you use another computer the chance that your password can be captured is way too high,” Jacobs said.
Phone Scams
According to Jacobs, the percentage of all phone calls that are scams has gone from 3 percent in 2017 to 18 percent last year, and it’s projected to hit 48 percent this year. These scams include being approved for something you didn’t apply for or winning something you never sought to win. Other scams involve people impersonating the police or IRS agents who either say there’s a warrant out for your arrest or who threaten to seize your bank accounts if you don’t pay a fine right away.
“They typically want payment via systems that are fast and relatively untraceable,” Jacobs said. “How do people fall for this stuff? I don’t know, but they do.”
He added that the government never calls you when you’re in trouble. “They either show up at your door or they send you a letter,” he noted.
Then there’s the “You have a computer virus” warning that can scare people into following instructions to do something they think will fix the problem when, or course, it’s just a hoax designed to rip them off.
“Microsoft or other legitimate support sites will never call you about the state of your computer,” Jacobs said.
Telemarketers—scams or otherwise—have become a pox upon the land. The best way to avoid this is to let unknown callers go to voicemail. The name of the game is to avoid getting roped into a scheme.
“If you ever succumb to a scam, even to stage one of a scam, they sell that information to other scammers,” Jacobs said. “Once you're on those lists it can take 10 to 20 years to fall off of those lists.”
Jacobs said various apps such as AT&T Call Protect, T-Mobile Scam ID/Block and Verizon Call Filter can block suspected scammer calls. Some of these apps are free.
The best advice, of course, is to never give out personal information over the phone unless you initiate the contact with a trusted source.
Other Tips
Jacobs said people need to understand the potential perils when using thumb drives with another computer. “When you put a thumb drive into an infected computer it will often install a virus on to the thumb drive, and when you plug that into another computer you infect that computer," he said.
Elsewhere, he noted that most credit card companies now have apps that provide instant notification for everything you charge. So you can get real-time notification if an unauthorized person is trying to use your card.
Jacobs also recommended that folks can freeze their credit reports, which can be unfrozen when a client files for Social Security or addresses various credit-related matters.
“If a client wants to do this, it’s probably good for an advisor to help them go through the process of unfreezing it at least once so they know what it’s like and don’t have to do it in a crisis situation,” he said.