Threats to Data Security Intensify every hour, technology continues to evolve, changing the way we lead our lives. Unfortunately, cyber criminals are evolving just as fast, developing new ways to separate people from their assets. While the most common tactics used to compromise a victim’s identity or login credentials are long-time nemeses such as malware, phishing, and social engineering, they are growing increasingly difficult to spot. The end game with these tactics is, of course, criminal. After gaining access to an investor’s personal information, cyber criminals can use it to commit various types of fraud, including:
- Fraudulent trading
- Electronic funds transfer (EFT) fraud
- Wire fraud
- Establishing fraudulent accounts
Common ways in which identity and login credentials are stolen
- Malware: Using malicious software (hence, the prefix “mal” in malware), criminals gain access to private computer systems (e.g., home computer) and gather sensitive personal information such as Social Security numbers, account numbers, passwords, and more.
How it works: While malware can be inserted into a victim’s computer by various means, it often slips in when an unwary user clicks an unfamiliar link or opens an infected email.
- Phishing: In this ruse, the criminals attempt to acquire sensitive personal information via email. Phishing is one of the most common tactics observed in the financial services industry.
How it works: Masquerading as an entity with which the victim already has a financial relationship (e.g., a bank, credit card company, brokerage company, or other financial services firm), the criminals solicit sensitive personal data from unwitting recipients.
- Social Engineering: Via social media and other electronic media, criminals gain the trust of victims over time, manipulating them into divulging confidential information.
How it works: Typically, these scammers leverage something they know about the person—like their address or phone number—to gain their confidence and get them to provide more personal information, which can be used to assist in committing fraud. Social engineering has increased dramatically, and many times fraudsters are contacting people by telephone.
Tips to protect against Cyber Fraud are outlined in the “Protection Checklist”. Investor Protection Checklist
(Article and Information supplied by Fidelity Investments)