Client Affairs
Wealth Managers Respond To ID Theft Threats
With identity theft on the rise, high net worth individuals are being increasingly targeted. Wealth managers should be aware of these threats and take steps to make sure their clients are protected to the fullest extent possible.
With identity theft on the rise, high net worth individuals are being increasingly targeted via a variety of internet-based and other types of scams. Wealth managers should be aware of these threats and take steps to make sure their clients are protected to the fullest extent possible, says Bill Kowalski, vice president and director of corporate investigations for Rehmann, a wealth management, accounting and corporate investigative firm in Troy, Michigan.
Because security and identity threats come from so many directions these days, high net worth individuals are more vulnerable than ever before, he notes. “We see individuals that have grown up with family money or created their own wealth and as they get older, the world has changed,” Kowalski says. “And many have created their businesses or their wealth with their hands and with computers, many aren’t used to protecting their information, but there are lots of threats.”
Ron Williams, a former US Secret Service agent and founder of security consulting firm Talon, located in Orange County, California, has seen identity theft evolve from fairly simple scams to sophisticated internet threats run by criminal gangs. “Identity theft is being perfected,” he says. “The most egregious method of capturing identity, data and financial information from high net worth individuals is from information systems and computers.”
Identity theft threats
Here’s a run-down on the most common identity theft threats:
Phishing: While these scams have been around for years, they are getting more sophisticated, says Williams. Typically, you’ll receive an e-mail that asks you to verify your account information with a bank, brokerage firm, credit card company or Paypal. When you click on the link, you go to a webpage that looks official. If you enter your information, identity thieves capture it and use it to access your accounts and loot them, Williams adds.
Pharming: One of the more difficult scams to detect, it deceives victims by hijacking legitimate domains and redirecting users to false sites, cloaked to look like legitimate sites to fool victims into entering their financial information for the purpose of stealing it, according to the Federal Reserve Board of Boston.
Spear phishing: A more sophisticated form of phishing, spear fishing targets people who have common ties to a group and gets them to reveal personal data ostensibly to that group, but really to identity thieves, according to the FBI.
Social networking scams: Networking on Facebook, Twitter, Foursquare, LinkedIn and other sites can make identity thieves aware of your movements and habits, which can open the door to theft, says Kowalski. Even if your HNW clients aren’t involved in social networking, they may be vulnerable because of the activities of their family members, he adds. “Their children and grandchildren can be manipulated by bad guys to learn as much as they can about the family,” he says. “And the more they know, the easier it is to commit an identity theft and steal substantial amounts of money.
Identity theft solutions
Here are Williams’ and Kowalski’s top suggestions for protecting high net worth clients against identity theft:
Computer and data security: Protecting individual PCs, servers and data is vital for wealth managers looking to protect their HNW clients against identity theft. “Make sure they have layered levels of security on their computers and that they understand the common types of scams and attacks,” says Williams. “Also they should shred all of their information, especially things like bank and credit card statements before they go into the trash.”
Background checks on potential employees, vendors and business partners: Before you hire or partner with anyone, do a background check, advises Kowalski. Otherwise, you’re exposing your home, business, family and technology to identity thieves who have the advantage of working from the inside to steal your money and sensitive information. “We recommend full background checks before hiring and then an updated background check at three or five years,” he adds.
Potential business partners may not always be on the up and up, either, he continues, so it can make sense to check up on the backgrounds of those partners to make sure they are legitimate, and not trying to scam the high net worth business owner.
Credit report and bureau monitoring: If a client’s identity has been compromised, it will usually show up on a credit report or via a credit bureau, Williams notes. By placing alerts on credit report files and monitoring them closely, you can stop identity theft in progress. If you discover an actual or potential case of identity theft contact the three credit bureaus immediately and block access to credit, he continues.
Travel security precautions: Many high net worth individuals travel via private jets, and are vulnerable to security problems while traveling. Kowalski recommends background checks on private pilots, staff at vacation homes and other employees or contractors. High-grade security systems should be installed on all homes and properties. Also be alert to ways that thieves can access travel plans via private plane tail numbers, he adds.
Vulnerability assessment: In the final analysis, the best way to fully assess the vulnerability of high net worth clients to identity theft and other potential security issues is to conduct a vulnerability assessment, says Kowalski. All too often, a step like this doesn’t happen until after a successful theft. “In a vulnerability assessment, a firm like ours comes in and assesses the entire situation and makes suggestions about what security protocols and steps to put into place to increase security,” he says.
If you’re considering suggesting such a step to your high net worth clients, make sure this assessment includes attempts to penetrate both the computer network and homes and businesses of the clients, recommends Kowalski. “It’s amazing how far we can get sometimes into someone’s home or business by sending in someone with flowers or dressed as the Roto-Rooter man,” he adds.