Advisors always want to do what’s best for their clients. What happens, though, when hackers pose as clients, and are savvy enough to replicate the communication styles of their victims?
William J. Rossi, CFP, ChFC
William J. Rossi, CFP, ChFC, a 13-year MDRT member from Gainesville, Florida, saw this when a client asked him through email to wire money to an account because he and his family were on vacation. Rossi recently had had a meeting with the client and knew he really was going on vacation, and the email even called him by his preferred “W.J.,” rather than “William,” which to him is a tip-off that it is someone who doesn’t know him. At a glance, it seemed real.
Twenty minutes later, another email arrived asking for Rossi to hurry up and send the money. “Being in a rush, I almost did it, but thank goodness we have procedures in our office,” Rossi said. “If a client wants to withdraw money, we’re not supposed to take that request via email.”
So Rossi called the client and apologized for bothering him on vacation, saying he just wanted to verify the email request. “We don’t need money,” the client replied. “What are you talking about?”
In fact, the hacker saw that the client had vacation plans and emailed Rossi, who prevented the unauthorized release of $9,000 by following company protocol put in place two years ago. “You never know who’s on the other side of the email,” he said. “Verbal confirmation is the only way we know if that’s our client.”
Read how you can keep your clients’ information safe in the upcoming March/April issue of Round the Table.
For more on cybersecurity:
- “The hacker’s blacklist: Cybersecurity for financial professionals” (pdf)
- “What is your smartphone leaking?” (pdf)
Written by Matt Pais, MDRT Content Specialist
Similar Posts
How to help clients through divorce
Successful people consistently practice successful habits
Illustrating that it’s not just about building wealth but protecting it