More On Legal & Compliancefrom The Advisor's Professional Library
- Privacy Policies and Rules Whether an RIA is SEC or state-registered, the firm must have policies and procedures in effect to protect clients privacy. Policies and procedures should explicitly require an RIA to send out its privacy notice each year.
- Differences Between State and SEC Regulation of Investment Advisors States may impose licensing or registration requirements on IARs doing business in their jurisdiction, even if the IAR works for an SEC-registered firm. States may investigate and prosecute fraud by any IAR in their jurisdiction, even if the individual works for an SEC-registered firm.
The Financial Industry Regulatory Authority issued an Investor Alert on Thursday warning investors that email hacking is on the rise, and that they should immediately contact their brokerage firm or financial institutions if they suspect their accounts have been compromised.
FINRA says that it issued the alert, "Email Hack Attack? Be Sure to Notify Brokerage Firms and Other Financial Institutions," because it has been receiving an “increasing number of reports involving investor funds being stolen by fraudsters who first gain access to the investor's email account and then email instructions to the firm to transfer money out of their brokerage account.”
The alert warns investors about the potential financial consequences that follow an email account being hacked and provides tips for safeguarding their assets, and links to a joint fraud alert issued by the FBI, Financial Services Information Sharing and Analysis Center (FS-ISAC) and Internet Crime Complaint Center (I3C) that describes a similar trend in which hacked email accounts are being used to facilitate wire transfers.
FINRA also issued a regulatory notice highlighting some of the risks associated with accepting instructions to transmit or withdraw funds via email and recommending that firms reassess their policies and procedures to ensure they are adequate to protect customer assets from such risks.
“Investors who suspect that their email account has been hacked should immediately notify their brokerage firm and other financial institutions, and anyone who suspects they have been defrauded should file a complaint with FINRA,” said Gerri Walsh, FINRA’s vice president for Investor Education, in a statement.
The alert teaches investors how to tell when their email account has been hacked and informs them of the steps they should take if their personal financial information has been stolen.
Tell-tale signs that an investor’s email has been hacked, the FINRA alert says, include reports of spam from people in your “contacts” folder or a slew of “bounced” email messages from people you don’t know. Investors also may find that their password or other account settings have been changed–or that their email provider has blocked them from accessing their account.
If your email account has been hacked, FINRA says investors should take these steps:
- Immediately contact your brokerage firm and other financial institutions, including credit card issuers, to notify them of the problem. Also notify the credit bureaus to put a fraud alert on your file.
- Check your brokerage account for unauthorized transactions–especially withdrawals or wire transfers to an account that is not yours–and ask the firm to investigate if you find any.
- Change your username, password and PIN for your financial accounts–and also change your password to your email account.
- To prevent hacking, get a subscription to antivirus software that is installed, active and kept up to date.