FINANCIAL PROFESSIONAL SITE
  

Several offices have received emails from clients that appear to be questionable on whether the email was spoofed (impersonated) by a hacker. The emails typically are written in broken English and include misspellings, punctuation errors and poor grammar. The emails sometimes state that the “client” is unavailable to be called. Also, the “client” asks for account balances which are followed by a check or wire to be sent out of the account. There seems to always be a sense of urgency by the “client” to complete these transactions, too. We want to provide you with some tips on how to better spot these emails and to protect your clients and their accounts from these types of threats.

Below are ten (10) general tips on how to identify whether an email has been spoofed or phished. Remember – if you are not sure whether the email came from the client then your immediate reaction should be to pick up the phone and call the client to confirm that the client sent the actual email. If you receive a questionable email and then the client confirms that they did not send the email, please forward any email communication that you had with the “client” on to Compliance along with the details of the conversation with the actual client. IPI is required to report potential fraudulent activity to the regulators which then forward the information on to law enforcement to attempt to identify and capture the hackers. Please let us know if you have any questions as we hope this information will be useful. Thanks, Renee and Julie