Willie Sutton, the bank robber, was asked, "Why do you rob banks?" His famous quote as saying, "because that is where the money is."For most of us working today, and in retirement, most of our money is in our 401k account and Individual Retirement Accounts (IRAs). There is $30.1 trillion in 401k and IRAs, according to the Investment Company Institute (mutual fund think tank). Can you guess why cybercriminals are trying to highjack your personal information?
Michael Driscoll, FBI special agent in charge, Counterintelligence/Cyber Division, in the bureau's New York office. "Business Email Compromise is right now off the charts," said Driscoll, who spoke at the 2020 FINRA Cybersecurity Conference. "Every business is getting targeted, from the smallest to the largest."
These attackers "know where to send the email, and they know everything about your organization before they send it … using whatever they can, including malware tools and publicly available information, so they can to the best place that email and target your system," said Driscoll.
Over the last month, I have received three attempts to hack my accounts. The first one using email phishing, I received an email that looks like an email from Amazon, telling my credit card had expired on my account. Luckily, I noticed it was using an old email account address; it had a suspicious return email address. I checked and verified my account information to determine it was a hack attempt.
The second and third hacking attempts by text message. One message was from Federal Express and the other form UPS on the same day. Both text messages said that my delivery had the wrong address. FedEx and UPS wanted my credit card number to verify my address. I knew I had not bought anything that required transportation. Both text messages where deleted, and the caller number was blocked.
"Never change your payment method based on an internet email or text or a phone call," said Driscoll. "Talk to someone. Verification is needed."If a company hacked, it should address the issue "immediately, contacting receiving banks, trying to call back the funds and reaching out to law enforcement," said Driscoll. Businesses can file a suspicious activity report (SAR) with the FBI Crime Complaint center at www.IC3.gov.
As a public service to our community, 401k/IRA Assist has partnered with the Bureau of Consumer Financial Protection to provide educational seminars to prevent financial fraud. Money Smarts for Adults designed to give you information to help prevent common frauds, scams, and other types of exploitation in our community. There is no charge for materials and speakers.