Saturday, January 13, 2007

Investment Account Attacks On the Rise

Via MSNBC RedTape -

One moment Dave DeSmidt had $179,000 in his 401(k) retirement account, the next he had nothing. In an instant, 25 years of savings had disappeared.

With a few clicks, someone raided DeSmidt’s retirement account with J.P. Morgan & Co and ordered a full disbursement to a private checking account.


...

The theft wasn’t tax-efficient. Since DeSmidt isn't yet of retirement age -- he’s 57 -- there were severe penalties for the early 401(k) withdrawal, and J.P. Morgan held back about $35,800.09 to pay these taxes. Still, it was a good day's work for the hacker. The company sent the remaining balance -- $143,200.34 -- to an account under his or her control.

...

Computer criminals have made the logical progression from credit card fraud to online bank attacks and now to big-ticket brokerage accounts, analysts say.

Hacker attacks on brokerage accounts make sense from a criminal’s point of view. Brokerage accounts tend to have higher balances, making them worthwhile targets. And while a six-figure transfer out of a checking account would surely trigger fraud pattern detection software, large transfers from brokerage accounts are fairly standard.

John Reed Stark, chief of the Securities and Exchange Commission’s Office of Internet Enforcement, acknowledged that online brokerage hacking is “on the rise” and warned of possible consequences for consumers.

With simple credit card fraud, customers need only call their bank and refuse to pay for an item, he said, but brokerage account hacking is much more dramatic.

“People need to understand this kind of fraud,” Stark said. “This is very serious stuff. … People wake up in the morning, look in their account, and their money is all gone.”

Stark said any consumers who have encountered brokerage account fraud should contact his office for assistance at enforcement@sec.gov.

...

Few consumers appreciate the fact that, unlike credit card and checking account transactions, there are no federal consumer regulations specifically protecting consumers in the event of brokerage account hacking, said Gartner fraud analyst Avivah Litan. And with hackers targeting investment accounts more frequently, the legal loophole could leave investors with some ugly surprises.

...

Both credit card transactions and electronic account transfers, such as online banking payments, are governed by Federal Reserve regulations that strictly limit consumers’ losses from theft. Consumers who report credit card fraud are only liable for $50; liability for fraudulent checking account transfers is capped at $500 if the consumer reports the theft within 60 days. Refunds for checking account thefts must generally be issued within 10 days.

The regulations are designed to boost confidence in the systems. But the Federal Reserve doesn't regulate investment firms, and the Securities and Exchange Commission doesn't mandate any similar protections for brokerage accounts.

-----------------------------------------

As the article basically states, brokerage accounts don't get the protections that normal bank accounts do: the Federal Reserve doesn't regulate investment firms, and the SEC doesn't mandate anything similar. So while these accounts normally hold more money, they fall under fewer protection laws. Sounds like a ripe, juicy target for spear phishing and hacking paydays.
