Brokerage Account Fraud

Mar 10, 2015 by

online fraud and securityOnline fraud and theft of personal information is rampant. I am about to the point of thinking it’s inevitable—only a matter of time—before I’m victimized. Crooks of all sorts work diligently to stay one step ahead of poorly resourced law enforcement, and many software vulnerabilities are fixed only after they’re exposed by fraud.

Stay Strong!

You might be tempted to throw in the towel on trying to protect yourself, thinking: What’s the point? The crooks are going to get me no matter what I do.

I can understand that feeling, but there’s another really good reason you need to do what you can to head off online fraudsters. If you do something stupid—say use the word “password” as the password for your online brokerage account—then if you’re ripped off, your brokerage just might refuse to cover your losses on the ground that you made it too easy for the crook and ignored advice to create a strong password.

So even if taking steps to protect yourself online feel futile, do them anyway! You don’t want to give anyone a basis for shifting responsibility for a cybercrime to you.

Protect Your Online Brokerage Account From Fraud

The SEC’s Office of Investor Education and Advocacy recently issued a bulletin with some good recommendations to protect your online brokerage account from fraud. Though targeting brokerage accounts, many of the recommendations apply to online activity generally.

  1. Pick a strong password. We’ve all heard this one over and over, but it’s really your most important defense. For my online financial and other important accounts, I now use 12-character passwords. And if allowed I mix up letters, numbers, case, and other characters like # and &.
  2. Use two-step verification if available. This isn’t widely available yet, but I predict soon will be. Two-step verification works like this: In step one you log-in with a username and password. Then the system sends a unique code to your email or cell. In step two, you enter that code to complete the log-in process. I am using two-step verification where ever I can.
  3. Mix up your passwords. Let’s say a hacker breaks into your broker’s database and steals your password. You’ll have made that password even more valuable if you’ve used it for more than one online account.
  4. Don’t access accounts through public wifi. Public wifi is inherently unsecure. Anything you send and retrieve over the Internet while you’re on public wifi can be hijacked.
  5. Don’t use a public computer to access accounts. If you log in to your account from a public computer, say at a library, you need some technical savvy to completely erase your tracks so the next user can’t access your private information. Best practice is to log in to nothing while using a public computer, and close the browser when you’re done.
  6. Don’t click on emailed links! We hear this one a lot too, but the crooks are getting more clever all the time at creating genuine looking emails, sometimes ostensibly coming from someone we know! I never click on a link in an email from an address I don’t recognize. And I don’t click on links in emails from people I know unless there’s content in the email I can confidently identify as written by my contact.
  7. Protect your mobile devices. If you’re using a smartphone, iPad, etc. to access financial accounts, you’ve got to be especially attentive to securing that device, since they’re particularly vulnerable to theft. I must enter a 4-digit PIN to access a smartphone I carry. Four digits isn’t many, and a determined crook could guess the PIN. But I hope before then I’d have realized the device is missing and taken steps to protect myself, like changing the passwords for all the accounts the device can access.
  8. Look at your account statements. A bunch of zeros on your account statement is a sign of trouble!
  9. Set up account alerts. Most financial companies offer a menu of alerts you can customize. For example, I have an alert on my bank account that sends me a text message every time a withdrawal is made. When Ms. Money Counselor drains our accounts to make her escape to Uruguay, I’ll know in real time!

Take a look at all of your financial accounts today. If two-step verification is offered, sign up for it. Set up account alerts so you’ll know immediately of any unauthorized activity on your account. And store customer service numbers in your contacts so you can get in touch right away.

Digiprove sealCopyright secured by Digiprove © 2015 Kurt Fischer
All original content on these pages is fingerprinted and certified by Digiprove