As technology continues to advance and provide additional ways for consumers to manage their finances, cyber criminals create more advanced techniques to access consumers’ sensitive personal information, placing assets at risk.

At Mariner, we have recognized an increase in fraudsters hacking email accounts and attempting to initiate wire transfers. We have also noticed an increase in ransomware attacks. We have strict internal control processes and vigilant advisory teams trained in identifying these situations. However, we believe it is important to bring this serious risk to our clients’ attention so we can work together to prevent wire fraud and protect clients against other forms of identity theft and extortion.

Types of Risk

Fraudulent Money Transfers

Of all types of money transfers, third-party wires are the most susceptible to fraud because it is extremely difficult to trace a wire to the receiving party once it has been sent. One common method for wire fraud occurs when a fraudster hacks a client’s email account and accesses past correspondence between the client and his or her advisor. The fraudster can then email the advisor from the client’s email address to request a wire transfer to an account where he/she can access the funds. In fact, according to the Federal Trade Commission, wire transfer was the most widely used form of fraudulent payment.¹

The fraudster likely has access to a wide range of personal information stored within the client’s email that can be used as authentication. Frequently, the fraudster indicates he or she is out of the country and unable to provide verbal confirmation of the wire transfer. Or, the fraudster may try to call the advisor’s office to verbally confirm the wire in the hope the team member who takes the call won’t recognize his or her voice.

In addition to accessing private information by hacking into an email account, another common practice involves fraudsters posing as IRS agents and calling potential victims to recover overdue taxes, often threatening to send the victim to jail. Again, the fraudster likely has access to the client’s personal information and will try to use that information as validation.

Should anyone contact you by the phone and identify themselves as an IRS agent demanding an overdue tax payment, simply ask for their name and number so you can call them back, or hang up the phone. As standard protocol, the IRS always first establishes contact with taxpayers by letter, as opposed to a threatening phone call. In addition, the IRS would never ask for credit card or bank information over the phone.

Ransomware Attacks

A ransomware attack is one that blocks access to a computer system until a sum of money is paid. Access is blocked by encrypting data. The data is decrypted only after a Bitcoin ransom payment is received.

In January 2014, the FBI issued a release that ransomware was on the rise, “When ransomware first hit the scene, computers predominately became infected with it when users opened e-mail attachments that contained the malware. But, more recently, we’re seeing an increasing number of incidents involving so-called ‘drive-by’ ransomware, where users can infect their computers simply by clicking on a compromised website, often lured there by a deceptive e-mail or pop-up window.”

In the case of email, the virus is usually contained as an attachment to a phishing message that appears to be from a business. The virus is an executable attachment that is disguised as a PDF file. With Windows’ hidden extension feature, the sender can hide the .exe extension and add a .pdf extension instead. The email recipient is tricked into thinking the attachment is a harmless PDF file from a trusted sender, when it is actually an attack.

Steps to Take

At Mariner, we take security threats very seriously. We believe our internal controls and our focus on knowing our clients helps us identify fraudulent requests. We also require verbal confirmation from the client before we issue any type of wire. If we have any suspicions, we won’t initiate the transfer.

We suggest you take the following steps to help prevent becoming a victim of cyberattacks:

Manage Devices

• Install up-to-date antivirus and antispyware programs and run regular scans.
• Dedicate a separate computer for kids’ games and online activities.

Choose Long, Strong, Unique Passwords

• Regularly reset passwords.
• Avoid using common passwords across accounts.
• Don’t store passwords in email folders or Internet-accessible files.
• Enable a password or PIN on all mobile devices.

Surf The Web Safely

• Avoid connecting to the Internet via unsecured or unknown wireless networks, such as public locations.
• Don’t click on pop-ups, go to sites directly.
• Only download software, especially free software, from sites you know and trust.

Protect Information On Social Networks

• Limit the amount of personal information you post.
• In an effort to prevent others from successfully passing online authentication requests, do not share the following information via social media: birth announcements, home address, birthdates, phone numbers, vacation plans, loss of loved ones, etc.

Protect Email Accounts

• Delete any emails that include detailed financial information.
• Use secure data storage programs to archive critical data and documents.
• Never click links in unsolicited emails.
• Do not click on the Unsubscribe link in an email. Instead, delete the email and block the sender. Then, unsubscribe from the organization’s website directly.
• Establish separate email accounts for personal correspondence and financial transactions.
• If offered by your email provider, elect dual authentication, which requires a second level of password security.

Safeguard Financial Accounts

• Review credit card and financial statements as soon as they are available.
• If any transaction looks suspicious, immediately contact the financial institution where the account is held.

If you believe your email account has been hacked, we recommend you immediately take the following steps to help safeguard your personal information and financial accounts:

• Check to make sure your email account has not been set to forward emails to another address. This prevents the hacker from receiving an email confirmation when a password has been reset.
• Notify your wealth advisor, your bank and your credit card companies to ensure they are aware of the situation and on the lookout for fraud.
• Take your computer to an independent testing lab to scan for viruses and malware. This ensures the hacker doesn’t continue to have remote access to your computer.
• Once the computer scans are complete, notify your advisor. We will request new account numbers from the custodian.
• Ensure you are taking advantage of your email provider’s authentication processes, which can protect you if someone tries to log into your email account from a device that has not been authenticated or approved.

If you have any questions regarding cyber fraud or the security of your account, please contact your advisor.

¹https://www.ftc.gov/news-events/press-releases/2018/03/ftc-releases-annual-summary-complaints-reported-consumers

This document is for informational use only. Nothing in this publication is intended to constitute legal, tax, or investment advice. There is no guarantee that any claims made will come to pass. The information contained herein has been obtained from sources believed to be reliable, but Mariner Wealth Advisors does not warrant the accuracy of the information. Consult a financial, tax or legal professional for specific information related to your own situation.

Mariner is the marketing name for the financial services businesses of Mariner Wealth Advisors, LLC and its subsidiaries. Investment advisory services are provided through the brands Mariner Wealth, Mariner Independent, Mariner Institutional, Mariner Ultra, and Mariner Workplace, each of which is a business name of the registered investment advisory entities of Mariner. For additional information about each of the registered investment advisory entities of Mariner, including fees and services, please contact Mariner or refer to each entity’s Form ADV Part 2A, which is available on the Investment Adviser Public Disclosure website. Registration of an investment adviser does not imply a certain level of skill or training.