Safe?

wasp

Legendary member
Messages
5,107
Likes
879
Caution urged as online stock scams multiply
Regulators notice more fraud in recent months; companies' bottom lines hit


By Robert Schroeder, MarketWatch


WASHINGTON (MarketWatch) -- A growing wave of high-tech fraud is starting to add up to real losses in the online brokerage business, and sending clear warning signals to investors that they need to protect themselves from cyber-thieves after their cash.

Last week, E-Trade Financial Corp. said Internet fraud-related scams cost the company $18 million in the third quarter. And earlier this week, TD Ameritrade said fraud cost it $4 million in its fourth quarter. It's the first time either company has disclosed dollar amounts for fraud losses.

The disclosures painfully illustrate a burgeoning cost of doing business in the multibillion dollar online investing industry. For brokers-- who promise to make defrauded investors whole -- losses represent wasted assets. For shareholders, they mean a decline in profits. And for customers--10.2 million of whom have traded in the last three months--it's a heart-thumping threat to their savings. And no one expects this type of fraud to stop anytime soon.

"I think this is with us forever," says TD Ameritrade CEO Joe Moglia, adding that online brokers are treating fraud-fighting as a real priority. "You never become complacent."

Proliferating scams

Regulators say they have seen a particularly strong upswing in theft resulting from two types of scams in the last two months.

Both frauds involve thieves snaring investors' user names and passwords from public computers in places like hotel lobbies or Internet cafes by using keystroke-monitoring "spyware" to grab the information, according to John Reed Stark, the head of the SEC's Office of Internet Enforcement.

One scam involves thieves armed with users' private information liquidating securities and wiring the money to bank accounts, often offshore.

Stark calls the second scam "pump and dump--with a technological twist to it." Again using victims' personal data, hackers steal money to purchase microcap stocks in an effort to drive up their share prices. The shares--already owned by the hackers--are then sold at a profit.
Stark said regulators have "several investigations" ongoing into online investing-related fraud.

How to protect yourself

Consumers can be their own first line of defense from fraudsters.

All online brokers provide extensive tips to customers on their web sites. The most common security tips are keeping account information secure, frequently changing user IDs and passwords and using firewalls and other security software on home computers.

Investors are also being urged to take precautions if they're logging on and trading while in foreign countries.

"This seems to be something happening overseas. People are traveling and allowing their log-ins and their user IDs to be obtained. It mostly seems to be through wireless systems," TD Ameritrade Chief Operating Officer Randy MacDonald said on a conference call this week.
Whether overseas or domestically, companies and regulators say, customers should avoid using computers in places like hotels or libraries. "If they're using public computers, they should think twice about that," says Glen Mathison, a spokesman for Charles Schwab & Co., Inc. . The SEC and securities administrators recommend similar steps. Read an SEC online-safety guide.

"Investors need to carefully guard their financial information and continuously monitor their online brokerage records to ensure that they are not subject to this type of fraud," said North American Securities Administrators Association President Joseph Borg in an alert to investors Thursday.

Beefing up security


At the same time they're warning customers to protect themselves, online brokerage companies are also investing in new technologies to fight fraud, though they're reluctant to discuss specific investments or methods.

"We've continued to beef up our security measures," says Schwab's Mathison. TD Ameritrade puts part of its $160 million technology budget toward improving account and systems security, Moglia said in an interview this week.

"We're working with software vendors to develop new techniques for preventing this from even happening at their keyboard level," MacDonald told analysts and reporters Tuesday.

All three companies reimburse investors for losses that result from online fraud. But unlike E-Trade and Ameritrade, Schwab, the largest U.S. online broker, hasn't disclosed loss amounts. "We haven't seen anything unusual enough or sizable enough to justify disclosure," Mathison said.

Adam Schran, CEO of security-software maker Ascentive, predicts online brokers will improve their security requirements by asking customers to, for example, answer a third question about personal information when logging on.

In the meantime, says Schran, companies will try to figure out how to predict what fraud will cost them in a given quarter, much like banks predict the impact of checking fraud.

"It increases everyone's costs in the long run when this kind of fraud happens," says Schran, who notes companies can pass on costs to clients in the form of higher fees or commissions.
The measures less taken.

Experts agree that there are a host of measures investors can take to protect themselves from online fraudsters. But are they?

Not according to a study conducted a year ago by America Online and the National Cyber Security Alliance. The study said 80% of consumers don't install antivirus and anti-spyware programs, install firewalls or regularly update their operating systems and security software.
Security "really does come down to the choices consumers make," says NCSA executive director Ron Teixeira.

Like others, Teixeira believes the problem of online brokerage account fraud will only increase in the future. And he predicts that investors' ire over the practice will spur companies like E-Trade or Schwab to provide their clients with better protections for their identities and financial information.

"It's unfortunately something that's going to be an emerging threat and not going to go away," says Teixeira.

Forrester Research analyst Jonathan Penn adds that consumers should frequently look at their account activity to scan for trades possibly made by someone other than themselves. He also advises setting up alerts for when trades are made. Companies, he says, should allow their investors to set such alerts up and to choose the level of security they want.
"The issue is to balance the security measures with the level of risk," says Penn.
Meanwhile, regulators urge online investors to be on the alert wherever they are.

"Hacking can take place anywhere," says the SEC's Stark. "Right next door or 10,000 miles away."
 
Top