We have been made aware of a recent scam that has impacted on a client of a fellow financial planning firm.
The firm picked up a voicemail from one of their clients, the message was along the lines of “can you call me regarding the email you sent me last night please, I have been transferring funds to the bank account you recommended so wasn’t sure why you were emailing me on this” – the firm NEVER sent this email…
When the firm spoke to their client, it transpired that a few months ago they received an email from what they thought was their adviser, letting them know about an incredible opportunity to transfer funds to a bank account that would give 2.5% interest! The client did just this and ended up transferring more than £150,000 over a few months.
So how were they fooled?
Firstly, the client had their email account hacked. The hackers must have trawled through their inbox and found communications from the firm to their client, indicating a relationship and wealth.
This is when they started their plan of emailing the client pretending to be the firm.
The scammers sent the client an email which looked very similar to the usual firm email address. Using my own email as an example: firstname.lastname@example.org and comparing this with email@example.com LOOK CLOSELY and you will see the ‘i’ in Serenity has been replaced with a ‘l’.
This email was dressed up to look as though it had come from the firm. Their footer, links, and signatures had all been copied.
The receiving bank has been contacted but as the company who has received the funds is a legitimate limited company, the bank is declaring it is out of their hands. It is now over to the police and fraud department to try and help.
Here are some ways that you can protect yourself:
- Ensure that you have anti-virus software on all devices used.
- Do not allow any third party, regardless of whether they say they’re from a bank or provider, to access your laptop. I.e., do not allow TeamViewer access.
- Whenever you see an email purporting to be from a familiar company, take the time to read it properly. People often skim read. When they receive an email, they see who it is from, the email heading and skim read the main content. When you’re really busy with work and life, it is easy to just skim read, respond, and then feel the email has been dealt with.
- Does the email footer look correct? Does the language look correct? Does the email have names spelt correctly? Are there many typos which you would not expect from the firm?
- If you receive a random email suggesting that you invest into a product, even a bank account, then regardless as to whether the subject has been discussed before, give the office a call to ensure the email is legitimate.
- In the event that you do get scammed, you should change all of your passwords. If the scammer has accessed your computer, it may mean that this would need to be wiped back to factory settings.
What we do at Serenity to help keep you safe:
Our Serenity Client Portal
Many of our clients will be familiar with our Serenity Client Portal. Our first method of sending client documents will always be via the portal, unless this has been agreed otherwise.
Secure portals are a great way to keep your email accounts separate so even if your email is hacked, the portal and the documents within it will remain safe.
Password protecting documents
In the event that we are unable to send you documents using the Serenity Client Portal, we do have the option to send things to you using a Dropbox Link. This link will always be password protected.
As a reminder our office number is 01522 845004 and the team are available from 9am until 5pm, Monday to Friday.
If you call us out of hours, you can leave us a voicemail, and someone will get back to you the next working day.