A series of high-profile cyber-attacks on major companies in the past year has compromised tens of millions of data records — so many Australians have had their data accessed. Most Australians have either been directly impacted or know a close family member or friend who has fallen victim to these data breaches.
Financial advisers play a prominent role in protecting clients.
Australians lost more than $3 billion1 to scams last year and the rising danger of identity fraud from stolen personal information means advisers must be vigilant in safeguarding against this threat.
But what is identity fraud? How does it happen? Why does it matter?
And how can you protect yourself and your clients?
Merryl Tidyman, BT’s Executive Manager Fraud and Financial Crime and Vicki Misitano, BT’s Senior Manager Fraud and Financial Crime, explain.
“The most common type of fraud we see in the wealth management industry is identity fraud,” says Misitano.
Fraudsters need a set of information known as personal identification information to perpetrate identify fraud.
Sometimes, this happens in the real world — stealing bags or wallets can allow criminals to get access to licences and credit cards.
But theft of personal identification information more often happens online through internet scams like fraudulent emails and text messages pretending to be from a familiar organisation, fake banking and payment websites, or malicious software code that takes information from computers.
Increasingly, telemarketing is also playing a front-line role — cold calls purporting to be from a bank, the ATO or internet service providers.
“And social media — we’ve seen people creating fake social media profiles and then friending people in order to glean information,” says Misitano.
Misitano says all sorts of information can be stolen from names, addresses and dates of birth to mother's maiden names, birthplace details and even credit cards, Medicare cards and passports.
The end result? A fraudster assuming someone else’s identity and using it to commit a crime or steal money.
Compromising a person’s identification information is just the start for cyber criminals.
Once someone has access to an identity, they can use it for accessing and operating accounts, withdrawing money or making requests for early releases of superannuation.
They can also open new bank accounts which can be used to receive stolen money.
One of the most concerning types of cyber-crime is a remote access scam where vulnerable people are tricked into allowing a fraudster to remotely access their computer — often under the guise of fixing a problem. Once the fraudster has access to the computer, they can impersonate the user to operate online banking or send emailed instructions to advisers and banks.
“We see this a lot, unfortunately, in the older age group of our client base,” says Tidyman.
“Be aware that it may happen to your clients, which is quite distressing for them and also can be complex to work through.”
Misitano recalls a recent multi-million dollar fraud that targeted superannuation and share trading accounts.
The perpetrators included a 21-year-old Melbourne woman who acted as the Australian face of the scam.
They used stolen identity information and single use telephone SIM cards to set up as many as 70 bank accounts in the names of the victims and then made withdrawals from the victims’ superannuation and share trading accounts. The scam netted more than $2.5 million into the fraudulent bank accounts, which was swiftly spent in Hong Kong on jewellery and other valuables that were then sold for cryptocurrency.
Misitano and Tidyman have developed some tips for financial advisers to protect themselves and their clients from scams:
“Get into the habit of having robust, strict controls around what it is you do every day,” says Tidyman.
“Don't let that become lax. Make sure that you not only are running good security, but make sure it's up to date… it's incumbent upon you to update when you get that prompt.”
And if something goes wrong?
“Your first port of call in regard to any kind of suspicious activity for BT is through your distribution partner.
“The distribution team know to come to us — so go to them as your first port of call.
“And then if we can't fix it immediately, we may set up a call or we may want to have a talk to you or give you some advice and guidance.
“We stand absolutely ready to help you.
“We've got a strong team of deep subject matter experts covering everything from fraud to financial crime and privacy.”
This document has been created by Westpac Financial Services Limited (ABN 20 000 241 127, AFSL 233716). It provides an overview or summary only and it should not be considered a comprehensive statement on any matter or relied upon as such. This information has been prepared without taking account of your objectives, financial situation or needs. Because of this, you should, before acting on this information, consider its appropriateness, having regard to your objectives, financial situation and needs. Projections given above are predicative in character. Whilst every effort has been taken to ensure that the assumptions on which the projections are based are reasonable, the projections may be based on incorrect assumptions or may not consider known or unknown risks and uncertainties. The results ultimately achieved may differ materially from these projections. This document may contain material provided by third parties derived from sources believed to be accurate at its issue date. While such material is published with necessary permission, Westpac Financial Services Limited does not accept any responsibility for the accuracy or completeness of or endorses any such material. Except where contrary to law, Westpac Financial Services Limited intends by this notice to exclude liability for this material. Information current as at 26 July 2023. © Westpac Financial Services Limited 2023.