Protecting Your Clients from Cyber Fraud in Our New Virtual Reality

Every day, millions of people around the world clock into work from their kitchen tables, couches and home offices, connecting with their clients, sending emails and completing sensitive financial planning tasks using their personal WiFi networks, routers and devices. As we hunker down amidst another wave of the pandemic, it is essential for advisory firms with remote staff to up their game when it comes to cyber security.

At the 2020 Hightower Pinnacle conference, Hightower’s Chief Information Security Officer Sarah Khan moderated a panel on how firms can protect their clients from falling victim to cyber fraud, featuring Wesley Barnes of Hightower Great Lakes, Catherine Crunden of Aline Wealth and Fidelity’s Michael Webber.

See below for a (condensed and edited) snippet of their conversation:

Sarah Khan: Welcome everybody! The cybersecurity space has been pretty busy as of late, and we all need to be more diligent and aware of our digital practices, especially when it comes to protecting our clients and our businesses. To start off the conversation, what are the main concerns your clients are sharing with you about our new digital normal?

Wesley Barnes: Yes, thank you Sarah. I think the biggest thing we are hearing from clients is really, how can we help protect them from falling victim to data security issues and identity theft.

Catherine Crunden: We have a lot more clients online now who wouldn’t typically be using the computer. They’re only just starting to learn, so they don’t know the red flags to look for, nor how much opportunity for fraud is out there.

Michael Webber: I’d add that it’s almost unfair to them to have to sort through all the scary news stories on this topic to figure out the truth. There’s so much out there, but really scammers are just reusing the same tactics over and over, just rebranding them every time. What I would recommend talking to clients about is staying vigilant and learning to spot the signs of things like phishing. While these scams do change over time, phishing has always been one of the easiest ways for criminals to gain access to secure financial and personal information.

Sarah Khan: Overseeing the cybersecurity team, phishing is something I have been getting a lot of questions from advisors on lately. It seems phishing attempts are on the rise. Are you guys seeing an increase in phishing, either on your personal accounts, in your business practice, or with your clients?

Michael Webber: Yes, absolutely. At Fidelity, we get submissions from clients every day who have received a suspicious-looking email, and that is on the uptick. If I were going to switch to a career as a criminal tomorrow, phishing would be the number one tool I would use. They’re getting more and more sophisticated! And now that people are accessing their email at home, with fewer controls in place, they are even more susceptible to these scams.

Sarah Khan: At Hightower, we have been trying to protect our email gateways. We have certain protocols in place that can limit the number of phishing attempts that get through, but many of our clients may not have those controls in place on their personal accounts. That’s why we rely on educating our clients about the tactics used by scammers – right now there’s a lot of misinformation and fake emails circulating around COVID! You get an email that looks like it’s from the World Health Organization, saying: “Free testing! Click here to learn more!” You do that, and suddenly you’re downloading some malware.

Wesley Barnes: We have been fielding a lot of questions during client meetings about how they can better protect themselves over email, and even on phone calls. One thing that’s been really helpful has been Hightower’s proof point training modals – they came with PDFs we could share with clients that included resources they could look into to better educate themselves.

Catherine Crunden: Education is so important. We recently spoke with a client who had been scammed over the phone. The client gave access to their bank account information and the scammers used Zelle to transfer all the money out of their bank accounts. The client had never even heard of Zelle! So there’s just a lot of education they need to stay safe. We helped the client through this process. They were using an AOL email address, so we assisted them in setting up a new account on Gmail and went through all the steps with them, so they knew they were covered.

Sarah Khan: We’ve also been hearing a lot of our advisors saying they are getting suspicious text messages. I think text messages are great for conversation outside of business, but advisors should never send a link through text messages! We are seeing an increase in false links being sent that way, and if you start sending confidential information with your client in that way, you are opening them up to falling victim to a scammer who sends a link over text.

Catherine Crunden: We let clients who want to text set up messaging through Salesforce.

Wesley Barnes: As do we. It’s easy to use Salesforce texting to send a quick, secure message to clients.

To learn more about how Hightower helps advisors keep their clients and practices safe from scammers, please emails us at: advisorsuccess@hightoweradvisors.com