Hackers are Becoming Increasingly Sophisticated: Tips for Preventing Fraud

GRWP Family,

We have seen and heard about fraud scams getting increasingly complex.  Here are a few examples:

Bad actors will hack into a wire recipients email and change the wiring instructions via email to the sender. Whenever you are wiring funds to anyone, ALWAYS call them directly for approval.  Don’t wire based solely on an email without verbal confirmation.

Hackers will send out bogus Zoom email invitations to confirm wiring instructions.  Meanwhile, the faces on the Zoom are all AI generated with people the victim knows.  Again, calling a known phone number directly is the best defense. 

You may receive a text or email request from a contact requesting you purchase gift cards and send him or her the bar codes. Don’t run to the store and buy without calling and verifying. Why would anyone ask you to do that anyway?

It's better to be safe than sorry, taking the extra step of verbal confirmation is critical.

Also, never send account numbers, SS#'s or other private information via text or email. We will ask that you upload this through a secure portal.

Please see below for more tips.

- Bobby, Jordan and your GRWP Team

Here are some important tips directly from Schwab:

Fraud and cybercrime are serious threats, so constant vigilance is key. Our firm plays an important role in helping safeguard your assets, but you can also take action yourself to protect and help secure your information. This checklist summarizes common cyber fraud tactics, as well as security tips and best practices. Some suggestions may be things you’re doing already, whereas others may be new to you. We also cover actions to take if you suspect that your personal information has been compromised. If you have questions, we’re here to help.

Cyber criminals exploit our increasing reliance on technology. Methods used to compromise a victim’s identity or login credentials—such as malware, phishing, and social engineering—are increasingly sophisticated and difficult to spot. A fraudster’s goal is to obtain information to access your account and assets or to sell your information for this purpose. Fortunately, criminals often take the path of least resistance. Following best practices and applying caution when sharing information and executing transactions makes a big difference.

How we can work together to protect your information and assets

Safe practices for communicating with our firm

How Schwab protects your account

Schwab takes your security seriously and leverages protocols and policies to protect your financial assets. The following are actions you can take to reinforce these efforts, as well as resources to keep your account safe.

Follow general best practices

Keep your technology up-to-date

Be cautious with public networks

Be strategic with your login credentials and passwords

Be sure you’re on a secure website

Beware of phishing

What to do if you suspect a breach or fraud

Glossary

domain
name
As it relates to an email address, this is the information that comes after the @ symbol—for example, schwab.com in jane.doe@schwab.com.
malwareSoftware that is intended to damage or disable computers and computer systems.
password managerAn encrypted online or cloud-based program that generates, retrieves, and keeps track of random passwords across countless accounts and also protects information such as passwords, PINs, credit card numbers and their three-digit CVV codes, and answers to security questions.
phishingThe fraudulent practice of sending emails or text messages appearing to be from reputable companies or trusted individuals in an attempt to get users to reveal personal information such as passwords and credit card numbers. Phishing attempts are usually legitimate-looking, urgent-sounding emails or texts designed to trick you into disclosing personal information or installing a virus on your device. These scams can be sent as attachments or links that, when opened or clicked, may trigger malicious activity or take you to fake websites that resemble legitimate business sites.
spam filterA program that detects unsolicited and unwanted emails and prevents them from reaching your inbox. Usually these types of emails are instead routed to a spam or junk folder.
two-step verificationA method of confirming your identity using a second step to verify who you are. For example, the first step might be to enter your user ID and password, and the second step might be to enter a randomly generated number sent to you via email, text, token, or phone call. Also known as multi-factor authentication.

Learn more. Visit these sites for more information and best practices: