Data breaches at Target and Neiman Marcus were certainly scary. Personal information from tens of millions of people fell into the hands of cybercriminals.
But an equally threatening and perhaps more personal attack is a hacker getting into your email and then using it to take money from your bank and brokerage accounts.
It is a problem that is increasing at all wealth levels, from individuals with small investment accounts to family offices that serve the wealthiest clients. Naureen Hassan, senior vice president of client experience at Charles Schwab, which is the largest custodian of independent advisers in the country, said the firm had seen a fivefold increase in email-related fraud over the last two years.
“The biggest type of fraud we see is the fraudster takes over the person’s email, and emails the adviser asking for urgent money,” Ms. Hassan said. “The other problem is related to clients storing signed pieces of paper in their email, which allows fraudsters to forge their signature.”
One of the better-known cases involved a client of GW & Wade, a Focus Financial Partners firm in Wellesley, Mass., that manages about $4 billion. The firm, which settled in October with the Securities and Exchange Commission, sent $290,000 of a client’s money in three separate wires to a foreign bank, in response to a hacker sending emails from the client’s account requesting the transfers.
The S.E.C. accused GW & Wade of not having adequate safeguards to prevent the thefts and fined it $250,000 for executing the transfers. In its censure of the firm, the agency required it to take remedial steps to increase data security.
“When alerted to the situation, we took immediate action and ensured our client was never at financial risk,” Neil Goldberg, a principal of the firm, said in a statement. “Since then, we have put into place both new systems and procedures to prevent any similar occurrence.”