26 Percent Of Brokers Have Lost Money To Scam Emails: SEC

26 Percent Of Brokers Have Lost Money To Scam Emails: SEC

Reports from the SEC and FINRA on cybersecurity in the finance industry show varied levels of preparedness and the potential for big, unforced errors

Two reports on cybersecurity in the finance industry from the SEC and FINRA released this week are light on detail but give the impression that there’s still a lot of work that needs to be done if high profile attacks like the one against JPMorgan earlier this year are going to be avoided.

Play Quizzes 4

SEC gives more information on the current state of finance cybersecurity

Of the two reports, the SEC gives us more information about what the finance industry is currently doing to protect itself, while FINRA is focused on best practices that it believes brokers and advisors should take (it’s careful to point out that none of the suggestions imply any new regulations in the pipeline). But even then it’s hard to know what the survey really means.

How Value Investors Can Win With Tech And “Fallen” Growth Stocks

Valuation Present ValueMany value investors have given up on their strategy over the last 15 years amid concerns that value investing no longer worked. However, some made small adjustments to their strategy but remained value investors to the core. Now all of the value investors who held fast to their investment philosophy are being rewarded as value Read More

For example, the SEC says that 98% of brokers and 91% of advisors use encryption in some form, but it doesn’t tell us if they’re using it correctly (there are plenty of dumb ways to use any security tool) or what is being encrypted: client data, email communications, login credentials? That the vast majority of brokers are doing something doesn’t mean they are following best practices.

Scam Emails Brokers SEC

Brokers are still falling for phishing attacks

Probably the most disturbing finding in the SEC report is that 26% of brokers reported individual losses above $5000 because they fell for scam emails asking them to transfer client funds with one broker losing $75,000, and it doesn’t say how many accidentally sent off smaller amounts. That’s not just embarrassing, it shows how little thought brokers are putting into cybersecurity. If you can’t even get people to stop falling for phishing scams, it’s not terribly realistic to expect them to follow more demanding operational security protocols.

While the client who lost $75,000 was made whole, the SEC writes that “written policies and procedures generally do not address how firms determine whether they are responsible for client losses associated with cyber incidents.”

Vendors also need proper security training

While the quality of security training that brokers and advisors offer their staff needs to improve, only 51% of vendors and 13% of advisors have policies about the training of their vendors’ staff, even though vendors have access to their clients’ network and many firms report being attacked indirectly through vendors.

Updated on

Michael has a Bachelor's Degree in mathematics and physics from Boston University and Master's Degree in physics from University of California, San Diego. He has worked as an editor and writer for several magazines. Prior to his career in journalism, Michael Worked in the Peace Corps teaching math and science in South Africa.
Previous article Purdue University The First To See A Physical Amazon Store
Next article FCC Proposes Regulating Internet Like A Utility

No posts to display