If you’re a registered investment advisor (RIA) or financial advisor, chances are you’ve already heard of phishing and the dangers it poses to firms like yours. But did you know that phishing today is no longer just a random email asking for your password? It’s a carefully orchestrated attack designed to exploit your trust, your professionalism, and your clients’ expectation that an email from you can be acted on.
Below, we’ll explore two advanced phishing campaigns we’ve recently seen targeting RIA and financial advisory firms. We’ll give you a peek behind the curtain and show you how these scams work. Most importantly, we’ll provide actionable steps to protect yourself and your clients, and keep your assets safe and sound.
Why RIAs and financial advisors are a target
RIAs and financial advisors are prime targets for cybercriminals due to the large amounts of sensitive financial information they hold. This includes the personal and financial data of their clients, making them a lucrative target for identity theft and financial fraud.
Notably, from 2019 to 2023, data compromise incidents affecting financial institutions surged by over 330%, highlighting the growing risks in this sector.
High-value transactions
RIAs handle significant financial transactions daily. Scammers know this and seek to redirect these funds into their own accounts. It’s like having a treasure chest in plain sight — something too tempting for fraudsters to resist.
Trusted relationships
Advisors build close, trusted relationships with their clients. Cybercriminals exploit this trust by mimicking communication styles and timing their attacks when clients are most likely to comply without suspicion.
Complex data
The complexity of investment data provides a fertile ground for phishing attacks. With so much information exchanged, it’s easy for a cleverly disguised scam email to slip through unnoticed, especially when it blends seamlessly with legitimate correspondence.
Common phishing campaigns targeting RIAs and financial advisors
Let’s dive into the two types of phishing scams that are making the rounds in the RIA and financial advisory space.
Scam no. 1: The spyware infiltration
Spyware can lurk on your device, silently monitoring your communications. Scammers use this tactic to learn your communication habits before launching their attack. Here’s how it unfolds:
The reconnaissance
Once the spyware is active, scammers observe your emails. They look for ongoing discussions about new opportunities or changes in account details, anticipating when you’ll need to ask clients for money transfers.
The fake email assault
When the time is right, scammers strike by sending an email from an address that looks eerily similar to yours. They alter the spelling just enough to go unnoticed at first glance, either in the part before the @ or in the domain itself. For example, if your email is johndoe@example.com, the scammer may use john.doe@example.com or johnd0e@example.com (a zero in place of the letter o). The email asks clients to wire money to a new account, leveraging the context they’ve gathered from monitoring your conversations, so the request arrives exactly when the client expects it.
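The lookalike addresses above can be caught mechanically if you compare every inbound sender against the addresses your clients actually know. The following is an added example (not code from the original article or from RIA WorkSpace) that normalizes common character substitutions, strips dots and separators from the mailbox name, and flags addresses that are an edit or two away from a trusted contact. The trusted list, the homoglyph table and the sample headers are constructed for this illustration.

```python
"""Flag inbound senders that closely resemble a trusted contact's address.

Added example for the lookalike-address scam described above. The trusted
address, the substitution table and the sample From: headers are constructed.
"""
from email.utils import parseaddr

# Characters attackers commonly swap for look-alike digits (constructed table).
HOMOGLYPHS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})


def normalize(addr: str) -> tuple[str, str]:
    """Lower-case, undo digit-for-letter swaps, drop separators in the local part."""
    local, _, domain = addr.lower().partition("@")
    local = local.translate(HOMOGLYPHS)
    for sep in ".", "_", "-":
        local = local.replace(sep, "")
    return local, domain.translate(HOMOGLYPHS)


def levenshtein(a: str, b: str) -> int:
    """Edit distance between two strings (classic dynamic-programming form)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify_sender(header_from: str, trusted: set[str], max_distance: int = 2):
    """Return (verdict, matched_trusted_address).

    verdicts: "trusted"            exact match with a known address
              "lookalike"          same identity after normalization, or within
                                   max_distance edits of a trusted address
              "display-name-spoof" a trusted person's name shown over an
                                   unrelated address
              "unknown"            nothing resembling a trusted contact
    """
    display, addr = parseaddr(header_from)
    addr = addr.lower()
    if addr in trusted:
        return "trusted", addr
    n_local, n_domain = normalize(addr)
    display_norm = display.lower().replace(" ", "")
    for t in trusted:
        t_local, t_domain = normalize(t)
        # john.doe@ / johnd0e@ collapse to the same identity as johndoe@.
        if (n_local, n_domain) == (t_local, t_domain):
            return "lookalike", t
        # Catches single-character domain tricks such as example.co or examp1e.com.
        if levenshtein(f"{n_local}@{n_domain}", f"{t_local}@{t_domain}") <= max_distance:
            return "lookalike", t
        # "John Doe <jdoe1987@gmail.com>": the name matches, the address does not.
        if len(display_norm) >= 4 and display_norm in t.split("@")[0].replace(".", ""):
            return "display-name-spoof", t
    return "unknown", None


if __name__ == "__main__":
    trusted = {"johndoe@example.com"}
    samples = [  # constructed From: headers
        "John Doe <johndoe@example.com>",
        "John Doe <john.doe@example.com>",
        "johnd0e@example.com",
        "johndoe@example.co",
        "John Doe <jdoe1987@gmail.com>",
        "alice@othercorp.com",
    ]
    for s in samples:
        print(f"{s:40} -> {classify_sender(s, trusted)}")
```

Run this over the From: header of each inbound message, with the trusted set built from your firm’s own staff and client directory. Note what it cannot do: a message sent from your genuine, compromised mailbox (as in the second scam below) matches the trusted list exactly and passes every authentication check, which is why a change of banking details must always be confirmed by phone to a number already on file, never by replying to the email.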
The waiting game
Patience is key for these criminals. They wait until trust is established and the client is expecting communication. This calculated waiting game increases their chances of success.
The aftermath
By the time you and your client realize what’s happened, it’s too late. The money has been wired to an account the criminals control and quickly emptied, and wire transfers are very hard to recall once they settle. Your reputation with that client, and possibly with others, may be irreparably damaged.
Scam no. 2: The Dropbox deception
The second type of phishing attack involves a combination of legitimate and deceptive emails. Let’s break down this scam:
The initial email scam
Cybercriminals begin by sending an email to your client containing new banking details. The kicker? It comes from a seemingly reputable email address associated with Dropbox or another cloud storage service. The message prompts recipients to add information to a file in Dropbox.
The follow-up from “you”
Next, the scammers use your compromised email account to send a follow-up message saying the file is too large to be attached and must be accessed through Dropbox instead. Because this message really does come from your mailbox, it looks legitimate to the client and to any email filtering, and it directs your client back to the original email with the fake link, luring them into the trap.
The stealth tactics
By directing clients to Dropbox, scammers avoid further communication in the hacked inbox, making it harder for you to detect the breach. This clever maneuver keeps their activities under the radar.
The aftermath
Once your client adds the information to the Dropbox file, it’s game over. The scammers have all they need to access sensitive data or redirect funds. And because a lot of the communication is happening in Dropbox and not your actual email, it’s challenging for you and your client to realize what has happened until it’s too late.
Protecting your RIA or financial advisory firm from phishing attacks
Now that you understand how these phishing scams work, here are some practical steps to protect yourself and your clients.
Secure your email systems
Invest in robust email security that includes anti-spam filtering and advanced threat protection, and require multi-factor authentication on every mailbox, since the second scam above depends on the attacker being able to log in as you. These measures protect against both inbound and outbound threats, reducing the likelihood of falling victim to phishing attacks. Additionally, keep your email software and the devices that use it updated with the latest security patches, which also limits the spyware that the first scam relies on.
Conduct security awareness training
Educate your team on recognizing phishing attempts, emphasizing the importance of cautiousness with email communications. Training should cover identifying suspicious emails, verifying the sender’s legitimacy, and avoiding clicking on unknown links.
By instilling a culture of vigilance, you empower your staff to become a strong first line of defense against potential threats.
Implement simulated phishing exercises
Simulated phishing exercises allow you to test your team’s awareness and vulnerability to phishing attacks without putting your business at risk. These exercises mimic real-life scenarios, giving you valuable insights into how effective your security measures are and areas where you can improve.
Through practice, your team becomes more adept at identifying and handling phishing attempts.
Sophisticated phishing attacks continue to evolve, so it’s critical to stay vigilant and regularly update your security protocols. By implementing these recommendations, you can safeguard your RIA or financial advisory firm from the devastating effects of phishing attacks.
Contact RIA WorkSpace today for more information and resources on cybersecurity for RIAs and financial advisors.