Tags: security

Say a hacker sets up the domain for Sschwab.com or TDAmmeritrade.com and emails you requesting you send confidential information or builds a few Web pages that look just like your custodian's site.

If you're a private wealth advisor, please join Advisors4Advisors (A4A) to get its full benefits.

Register now, and we will donate $20 of our $60 membership fee to Bubbles The Clown’s financial literacy program, and you can post an icon on your website saying you support Bubbles' 501(c)3 charitable organization.

Plus, get other membership benefits, including:

Analysis daily of issues affecting advisors Aggregation of news from dozens of sites targeting wealth managers Reviews by advisors of practice management applications 30 independent experts blogging on advisor business issues 24/7 access to webinars with 50 hours of CFP® CE and 100 hours of IMCA CE Register Now

While there is no known effort to perpetrate such a fraud by using these or other brokerages, "typosquatting" is a real security threat advisors should be aware of.

Researchers at security think tank Godai Group set up phony domains using small typos. It yielded a treasure trove of personally identifiable infrotmation.

"During a six‐month span, over 120,000 individual emails (or 20GB of data) were collected, which included trade secrets, business invoices, employee PII, network diagrams, usernames and passwords, etc," according to the researchers. 

A story on PC World highlights the threat and provides more detail.

It lends further evidence to the notion that advisors need to be mindful of social engineering attacks.

Educating clients about how to protect themslves against this growing scourge would be wise.