To hackers and identity thieves, few things could be more enticing than cracking open a business. From corporations to small businesses, there's the potential to gain access to the personal information of hundreds, thousands or even millions of customers in a single hack. Financial advisory practices are particularly alluring targets because they handle so much money, and because of appeal, "spoofing" is striking the industry hard.
Spoofing is the buzzword that's used when a hacker or thief impersonates a financial advisor's client and requests transfers, or the disclosure of sensitive information. One common method used by thieves is hacking into a client's email account and then sending emails to the advisory practice, asking funds to be transferred to certain accounts. The savviest of these criminals can also find out ways to get into a client's mobile phone account, set up call forwarding and then impersonate the client in case the advisor calls to confirm the requested transaction.
For consumers working with financial advisors, asking questions about security isn't just important anymore - it's essential. Here are a few things to ask:
• Does the firm have a company-wide policy when it comes to verifying clients' identities? What are the details of the policy? Is it single- or multiple-layer?
• Are options like video chat available for requesting major transactions or other client-initiated actions?
• Does the firm have a plan of action in case spoofing or other hacking occurs?
Protecting against identity theft is often an individual's responsibility, but companies that deal with sensitive information also have an obligation to protect clients' assets and interests.