Home > 2013 > Identity Theft > Financial Advisers Have to Protect Your Money Against ‘Spoofing’

Financial Advisers Have to Protect Your Money Against ‘Spoofing’

Advertiser Disclosure Comments 0 Comments

spoofing identity theftTo hackers and identity thieves, few things could be more enticing than cracking open a business. From corporations to small businesses, there’s the potential to gain access to the personal information of hundreds, thousands or even millions of customers in a single hack. Financial advisory practices are particularly alluring targets because they handle so much money, and because of appeal, “spoofing” is striking the industry hard.

Spoofing is the buzzword that’s used when a hacker or thief impersonates a financial adviser’s client and requests transfers, or the disclosure of sensitive information. One common method used by thieves is hacking into a client’s email account and then sending emails to the advisory practice, asking funds to be transferred to certain accounts. The savviest of these criminals can also find out ways to get into a client’s mobile phone account, set up call forwarding and then impersonate the client in case the adviser calls to confirm the requested transaction.

Financial advisers have to put in place certain security procedures to prevent spoofing from happening. While it’s not an extremely common occurrence, clients should make sure they understand how their adviser handles sensitive information.

“Good procedures can circumvent this,” says Linda Leitz, Chair Elect of the National Association of Personal Financial Advisors. “Also, many financial advisers don’t take custody of investment assets.”

For consumers working with financial advisors, asking questions about security isn’t just important anymore – it’s essential. Here are a few things to ask:

  • Does the firm have a company-wide policy when it comes to verifying clients’ identities? What are the details of the policy? Is it single- or multiple-layer?
  • Are options like video chat available for requesting major transactions or other client-initiated actions?
  • Does the firm have a plan of action in case spoofing or other hacking occurs?

Protecting against identity theft is often an individual’s responsibility, but companies that deal with sensitive information also have an obligation to protect clients’ assets and interests.


Comments on articles and responses to those comments are not provided or commissioned by a bank advertiser. Responses have not been reviewed, approved or otherwise endorsed by a bank advertiser. It is not a bank advertiser's responsibility to ensure all posts and/or questions are answered.

Please note that our comments are moderated, so it may take a little time before you see them on the page. Thanks for your patience.

Certain credit cards and other financial products mentioned in this and other articles on Credit.com News & Advice may also be offered through Credit.com product pages, and Credit.com will be compensated if our users apply for and ultimately sign up for any of these cards or products. However, this relationship does not result in any preferential editorial treatment.