COVID-19 is Not the Only Virus Threat
Cybersecurity Platforms and Financial Planning Malware Threats
Since we handle sensitive financial data, FPH is required to have sophisticated cybersecurity platforms in place, including, but not limited to premium anti-virus, anti-malware, anti-ransomware, etc. and to check and update these protocols regularly. On the human side, all of us at FPH are aware of the threat and are vigilant in our electronic communications. However, as careful as we may be, the level of sophistication of today's spoofing schemes makes it is easy to be fooled.
The image above is a spoofed email that fooled me last week. The originating email address appeared to come from UPS and the "UPS Invoice" appeared to be a standard .xls file. Per the red-circled notification below, when I tried to download the “invoice”, it was flagged as a dangerous file.
Equally insidious is the following spoofed DropBox message I received yesterday from a client's legit email address:
DropBox is used for secure document delivery, and I had zero reasons to believe the message was toxic. When I clicked “View Document,” our security platform flagged it as malicious. A call to our client confirmed that her email had been hijacked. In “the old days,” the objective of spoofing scams was to try to trick users into entering sensitive information such as passwords and social security numbers into a fake portal. These days, the sender’s objective is more likely to get you to click on a link that will automatically install malware or ransomware on your hard drive.
Our Advice for Financial Planning Hawaii Clients
I receive at least one near-perfectly spoofed message per week. I am grateful for our cybersecurity platform. We urge all clients to install comprehensive security software on their devices too and to make sure the programs are set to automatically update. Beyond that, I continue to implore all FPH clients to stop sending confidential account information (e.g., social security numbers, account numbers, birthdates, etc.) via unsecured/unencrypted email.
John H. Robinson is the owner of Financial Planning Hawaii and the co-founder of Nest Egg Guru, a unique web-based retirement planning application.
Important Disclosures: This communication is intended purely as general information. None of the information provided above should be construed as constituting specific tax or legal advice. All clients are encouraged to consult with their respective CPAs or attorneys for such guidance.
For clients who maintain brokerage accounts, National Financial Services, LLC(NFS), member NYSE/SIPC, a Fidelity Investments® company, serves as custodian for client assets and provides clearing and trade execution for client accounts. Securities services are offered through J.W. Cole, Inc.(JWC), member FINRA/SEC and Investment Advisory Services are offered through J. W. Cole Advisors, Inc., an SEC Investment Advisor. Financial Planning Hawaii Inc. and JWC/JWCA are not affiliated entities. The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, re-transmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from any computer.