Crooks Ripping Off Financial Advisers' Clients

Never let it be said that cybercriminals are not endlessly creative and devious. The latest scam to rip off unsuspecting victims involves email, financial advisors, and consumers' personal accounts.

A new scam from top cybercriminals involves sending emails to financial advisors and other professionals who have access to many consumers' accounts and posing as a client or other official entity, according to a report from USA Today based on data from Identity Theft 911. For instance, one such scam, imparted by CyberScout chairman Adam Levin, involved a long-tenured financial planner getting an email from what looked like a client's insurance company asking him to wire $15,850 into an unrecognized account.

Fortunately, they called the intended victim to verify the transaction, and the fraud was successfully avoided, the report said. However, others may not be so lucky.

These days, many financial professionals use email - and often, casual messages and language - to validate and push through transactions that can often be sizable, the report said. Perhaps unsurprisingly, criminals have somehow seized on this new trend in the financial industry and are now trying to exploit it for their own fraudulent gains.

Often, this may be done by either hacking an email address a crook knows is used to complete such transactions, or creating one that looks legitimate but isn't, the report said. The technique is also likely in response to new efforts on the part of major financial institutions and other companies to make it more difficult to hack computers the old fashioned way, particularly where consumers' finances are concerned. It's relatively low-tech and doesn't necessarily take a lot of work to carry out.

In the past, these attacks were more often carried out against small businesses and other, similarly sized entities, but the new trend is notable, the report said.

"The shift to personal advisers and individual wire transfers is an indication that the well is running dry for them with small businesses and small government," Jon Callas, chief technology officer at authentication firm Entrust, told the newspaper.

Ondrej Krehel, the chief information security officer for CyberScout, has a blog about the ways in which hackers are now trying to rip off unwary victims, and methods consumers can use to avoid them.