Protect Your Finances: Our Guide to Preventing Fraud and Financial Loss
By Vanessa Sullivan, FPQP®
In 2022 alone, there were over 800,000 cybercrime-related complaints which equaled a loss of over $10 billion for U.S taxpayers. This shattered the 2021 total of almost $7 billion.
Behind the ease of digital transactions lies the very real threat of cybercrime, more sophisticated than you can imagine. As technology advances, so do the capabilities of fraudsters and cybercriminals, who prey on the unsuspecting public. And with financial scams being among the most common crimes affecting U.S. adults in 2023, convincing yourself that this could never happen to you is a mistake that could leave you and your loved ones open to these threats.
Thankfully, there are measures you can take to reduce your chances of becoming a victim. We’ll discuss some threats to your security that you should be aware of and the steps you can take today to protect yourself and your loved ones against cybercriminals.
The Reality of Cyberfraud
Beyond statistics, I recently became aware of the story of Bob and Patricia at a cybercrime seminar. Their names and identifying details have been changed, but their story is important to tell because it exemplifies the toll that a cyberattack can take on a family. While Bob and Patricia are not clients of Simon Quick, we have clients who have experienced similar threats.
Bob (41) and Patricia (35) have been happily married for over 10 years and reside in Short Hills, NJ with their four children Connor, Dean, Mary, and Sophie. Despite enjoying a comfortable life, Bob has always prioritized the security of his children’s future before anything else. After dedicating his life to his Biotech company for most of his adult life, he was excited to sell his business and achieve financial freedom for his family’s future.
With this new windfall, the couple decided to buy a new house in their favorite neighborhood. After some research, they discovered the perfect new home and without hesitation, Bob and Patricia started the process of purchasing the property.
With each step in the home-buying process, they grew more eager to start making this new place their own. Bob and Patricia decided to contact their trusted attorney who helped them close on their family home years prior. With his decades of experience and wealth of knowledge, he was one of the best closing agents in the county.
Unbeknownst to them, while Patricia was picking out new drapery, a cunning scammer had infiltrated their attorney's email months prior, patiently biding his time for the opportune moment. After tracking their conversations for months, on the day of closing, the hacker unleashed his well-crafted plan, sending a bogus email from their attorney’s email address with fraudulent wire instructions.
Oblivious to the situation, Bob and Patricia willingly wired away $14 million of their hard-earned money to what they believed to be a legitimate source. Instead, they had just wired their money to a thief. Unfortunately, Bob and Patricia never fully recovered their funds, and the loss has been devastating to their family.
Situations like the above happen every single day to unsuspecting victims. This serves as a reminder of the vulnerabilities of the digital age and the need for fraud prevention measures.
Types of Cyber Threats
To gain an understanding of how to properly protect yourself from deceitful cyberattacks similar to what Bob and Patricia experienced, it's important to understand some of the different threats there are and how scammers use them.
1. Phishing: Fraudsters often use deceptive emails to trick you into divulging sensitive information. Always scrutinize unexpected emails, especially those requesting financial transactions or information.
- Example: You receive an email seemingly from your bank, urgently requesting you to update your account information by clicking on a provided link and revealing your login credentials and personal information. The criminals then use this information to access your accounts.
Mock example of a phishing attempt.
2. Malware: Malicious software that when downloaded can compromise your computer's security. This is typically installed through email attachments, drive-by downloads, or by clicking on links in malicious emails or websites.
- Example: You download what appears to be a legitimate software update from a third-party website. Unbeknownst to you, the file contains malware that infects your computer. As a result, the malware starts logging your keystrokes, as criminals capture sensitive information such as usernames and passwords that they can now use to transact in your accounts.
3. Email Account Takeover: As the name suggests, this occurs when hackers gain control of your email account and attempt to exploit your personal and financial information. If this sounds familiar, that is because the story of Bob and Patricia mentioned earlier is an example of this type of fraud.
- Example: You notice unusual activity in your email account, such as emails you didn't send, or unfamiliar contacts added to your address book. Someone has gained unauthorized access to your email account, potentially compromising your information.
4. Email Spoofing: A threat that involves sending an email with a fake sender address. Fraudsters can forge email addresses to appear legitimate.
- Example: You receive an email from what appears to be a reputable organization, asking you to verify your account information urgently. The email address closely resembles the legitimate one, but upon closer inspection, you notice that a few letters are swapped. It’s important to carefully review the sender’s email address so that you don’t take action on an email from a bad actor.
Mock example of an email spoofing attempt.
5. Spam Calls: An unsolicited call where the intention is to trick you into divulging your confidential information by acting as a reputable source.
- Example: A cybercriminal calls you, posing as a tech support representative from a well-known company. They claim your computer has a virus and insist on remotely accessing your computer to fix the issue. In reality, they aim to gain control of your computer to extract personal information.
The Three U’s: Understanding and Verifying Requests
With any communication you receive, it’s important to exercise caution until you can verify its authenticity. But there are three signs you can use to tell when a communication is fraudulent. We call these the ‘Three U’s.’:
- Urgency: Fraudulent emails often create a sense of urgency to pressure recipients into immediate action.
- Example: An email claiming to be from your bank warns of unauthorized activity and urges you to click on a link to resolve the issue urgently.
- Unusual Requests: Fraudulent emails may contain requests that seem out of the ordinary or go against standard procedures.
- Example: An email requests you to transfer a large sum of money to a new account due to a sudden change in payment procedures.
- Unfamiliarity: Fraudulent emails coming from a seemingly known source, may attempt to impersonate those you know.
- Example: An email from an unknown email address claims to be a colleague asking for sensitive information or financial transactions.
If a call or email displays any of the above traits, hang up immediately or don’t interact with the email and contact the person directly.
What Bob and Patricia Could Have Done to Protect Themselves
In the aftermath of their unfortunate experience, Bob and Patricia wanted to know what they could have done differently. While maintaining trust in their attorney was important, Bob and Patricia could have benefitted from incorporating a healthy level of skepticism.
Verifying information, especially when financial transactions are involved is crucial. Bob and Patricia could have taken an extra step by independently verifying the wire instructions. A simple phone call to their closing agent to confirm the details, using a trusted contact number, could have quickly exposed the fraudulent email.
Staying informed about the latest cyber threats and scams would have made Bob and Patricia more aware of the possibility that their attorney’s email could have been hacked.
Continuously educating yourself is key in an ever-changing landscape of cyber threats.
Protecting Yourself
There are an endless number of resources available to help you protect yourself against scammers. Below, we’ve pinpointed a few steps you can take today.
The Role of Encryption
Encrypting devices and sensitive data is crucial in preventing unauthorized access. Utilize secure email platforms or trusted company portals for transmitting confidential information. Additionally, encrypt laptops, smartphones, and other devices that could be lost or stolen. Companies like Microsoft and Apple have simple device encryption measures to ensure you can protect yourself from malicious entities.
Verification Before Disbursal
Adopt a cautious approach to disbursal requests. Treat every request as potentially fraudulent until proven otherwise. Confirm wire instructions by calling a trusted contact and verifying the details verbally before making any transactions.
Password Security
Utilize robust password management tools like Dashlane to enhance the security of your accounts. This helps avoid the reuse of passwords. Avoid sharing sensitive information to generic emails and consider using systems that require passwords, such as ShareFile. Enable two-factor authentication and biometric features like Face ID for an added layer of protection.
Educating Your Loved Ones
While scammers may not discriminate in their attempts, it's important to recognize that they’ve evolved to become more strategic and efficient in selecting their targets. Fraudsters and con artists tend to go after more mature adults since they typically have more assets and savings. In 2022 alone, there were 88,262 complaints of fraud resulting in $3.1 billion in losses from people aged 60+. These included financial scams like government impersonation scams, sweepstakes scams, and robocall scams to name a few.
It's equally important to safeguard the younger members of your family as well, especially children, who can also fall victim to various online threats. They are increasingly exposed to digital environments, with online education, gaming, and social media becoming integral parts of their lives. Unfortunately, this also makes them susceptible to scams and online predators. Consider implementing the following measures:
- Educate them about online risks: Have a conversation about the potential dangers online, such as phishing attempts, inappropriate content, and the importance of safeguarding personal information.
- Monitor online activities: Regularly check and supervise your children's online activities, including their interactions on social media, gaming platforms, and educational websites.
- Use parental controls: Employ parental control features available on devices and platforms to restrict access to age-inappropriate content and ensure a safer online experience.
- Teach responsible social media use: Guide your children on responsible social media use, emphasizing the importance of privacy settings, not sharing personal information online, and recognizing suspicious requests or messages.
- Install reliable security software: Install reputable security software on devices used by your children to provide an additional layer of protection against malware and other online threats.
What Simon Quick is Doing to Safeguard your Finances
We have implemented robust systems and processes to ensure the security of our clients' sensitive information. While it may be inconvenient to log into a secure portal or undergo verbal verification for transactions, these steps are crucial to protect you against fraud.
We employ a multi-faceted approach to guard our clients from security attacks, recognizing the importance of maintaining the confidentiality and integrity of sensitive financial information. Below are just a few measures we take to protect our clients' information from criminals and bad actors.
- Your Data
- Encryption of your data using ShareFile, our secure email platform.
- Password-protected documentation where ShareFile usage is not possible.
- Client education on new and security threats.
- Verbal authentication calls when transferring funds.
- Although we are proactive in our cybersecurity protection, we also maintain Incident Response Plans if an incident were to occur.
- Firmwide measures
- Secure two-factor authentication protocols on all Simon Quick devices and systems.
- Regular security audits and assessments.
- Investing in state-of-the-art fraud prevention and detection systems.
- Employee training and awareness.
- Firewall and intrusion prevention systems.
- Staying informed on trending and common fraud schemes.
How We Can Help
Fraud prevention is a collective responsibility, and remaining vigilant when faced with these attacks is crucial. You can implement a few strategies today to protect yourself in the long run, such as encryption, adopting secure practices, and staying informed about potential scams. Remember, skepticism is your greatest ally in the ongoing battle against cybercrime.
In the event you discover that your information has been compromised, reach out to your advisor as soon as possible. We have an Incident Response Plan in place, to guide you through the necessary steps to mitigate damage as much as possible. If you'd like personalized guidance on cybersecurity, speak with your Advisor directly, call us at (973) 525-1000, or send an email to info@simonquickadvisors.com to discuss your situation in detail.
Your security is our top priority, and we're here to support you every step of the way.
About Vanessa Sullivan, FPQP®
Director / Head of Client Services
Ms. Sullivan joined Simon Quick in March 2015 and currently serves as a Director of Client Service. Her primary responsibilities include client onboardings, executing investment documents and money movements, and reconciling investment activity across our proprietary database, various custodians, and our reporting provider.
Prior to joining the team, Ms. Sullivan worked as an Administrative Assistant for Christine Haviaris, CPA. There she gained exposure to finance and accounting while developing extensive experience in administration, superb attention to detail, and superior client service.
Ms. Sullivan received her B.A. in Psychology from Southern Connecticut State University in 2013. She went on to coach Women’s Volleyball at Kean University where she continued her education in Speech Pathology. She received the Financial Paraplanner Qualified Professional™ designation from the College for Financial Planning in September 2018. Vanessa is a two time published author, sports fanatic, and thoroughly enjoys traveling.
IMPORTANT DISCLOSURES
This information is for general and educational purposes only. You should not assume that any discussion or information contained herein serves as the receipt of, or as a substitute for, personalized investment advice from Simon Quick Advisors & Co., LLC (“Simon Quick”) nor should this be construed as an offer to sell or the solicitation of an offer to purchase an interest in a security or separate accounts of any type. Asset Allocation and diversifying asset classes may be used in an effort to manage risk and enhance returns. It does not, however, guarantee a profit or protect against loss. Investing in Liquid and Illiquid Alternative Investments may not be suitable for all investors and involves a high degree of risk. Many Alternative Investments are highly illiquid, meaning that you may not be able to sell your investment when you wish. Risk of Alternative Investments can vary based on the underlying strategies used.
Please remember that past performance may not be indicative of future results. Different types of investments involve varying degrees of risk, and there can be no assurance that the future performance of any specific investment, investment strategy, or product (including the investments and/or investment strategies recommended or undertaken by Simon Quick), or any non-investment related content, made reference to directly or indirectly in this newsletter will be profitable, equal any corresponding indicated historical performance level(s), be suitable for your portfolio or individual situation, or prove successful. Due to various factors, including changing market conditions and/or applicable laws, the content may no longer be reflective of current opinions or positions. To the extent that a reader has any questions regarding the applicability of any specific issue discussed above to his/her individual situation, he/she is encouraged to consult with the professional advisor of his/her choosing. Simon Quick is neither a law firm nor a certified public accounting firm and no portion of the newsletter content should be construed as legal or accounting advice. If you are a Simon Quick client, please remember to contact Simon Quick, in writing, if there are any changes in your personal/financial situation or investment objectives for the purpose of reviewing/evaluating/revising our previous recommendations and/or services.
Simon Quick Advisors, LLC (Simon Quick) is an SEC registered investment adviser with a principal place of business in Morristown, NJ. Simon Quick may only transact business in states in which it is registered, or qualifies for an exemption or exclusion from registration requirements. A copy of our written disclosure brochure discussing our advisory services and fees is available upon request. References to Simon Quick Advisors as being "registered" does not imply a certain level of education or expertise.
This newsletter and the accompanying discussion include forward-looking statements. All statements that are not historical facts are forward-looking statements, including any statements that relate to future market conditions, results, operations, strategies or other future conditions or developments and any statements regarding objectives, opportunities, positioning or prospects. Forward-looking statements are necessarily based upon speculation, expectations, estimates and assumptions that are inherently unreliable and subject to significant business, economic and competitive uncertainties and contingencies. Forward-looking statements are not a promise or guaranty about future events.
Economic, index, and performance information herein has been obtained from various third party sources. While we believe the source to be accurate and reliable, Simon Quick has not independently verified the accuracy of information. In addition, Simon Quick makes no representations or warranties with respect to the accuracy, reliability, or utility of information obtained from third parties.
Historical performance results for investment indices and/or categories have been provided for general comparison purposes only, and generally do not reflect the deduction of transaction and/or custodial charges, the deduction of an investment management fee, nor the impact of taxes, the incurrence of which would have the effect of decreasing historical performance results. It should not be assumed that your account holdings correspond directly to any comparative indices or benchmark index, as comparative indices or benchmark index may be more or less volatile than your account holdings. You cannot invest directly in an index.
Indices included in this report are for purposes of comparing your returns to the returns on a broad-based index of securities most comparable to the types of securities held in your account(s). Although your account(s) invest in securities that are generally similar in type to the related indices, the particular issuers, industry segments, geographic regions, and weighting of investments in your account do not necessarily track the index. The indices assume reinvestment of dividends and do not reflect deduction of any fees or expenses.
Please note: Indices are frequently updated and the returns on any given day may differ from those presented in this document. Index data and other information contained herein is supplied from various sources and is believed to be accurate but Simon Quick has not independently verified the accuracy of this information.