We take your data security very seriously at Foresight, but protecting personal details gets more difficult as technology evolves. Ten years ago paying for something by tapping a card on a device seemed futuristic, yet this is an everyday occurrence now. We are using services such as PayPal for more and more purchases and are even starting to get used to paying for items with our mobile phones.
A report in the papers at the end of August really hit home with us and the whole financial services industry. The Financial Ombudsman Service ordered a Financial Adviser to compensate a client after deeming that the Adviser failed to prevent fraud. When seen in black and white the situation does sound quite ridiculous, but in the course of day-to-day life, I’m sure it did not seem so at the time.
Fraudsters hacked into a client’s email and instructed the client’s financial adviser to make a payment into a solicitor’s bank account in Hong Kong. The platform where the money was held refused to send the payment as they could not verify the solicitor in Hong Kong. Instead, they contacted the advisor, who contacted the client via email to advise of the situation. The fraudsters intercepted the email and, acting as the client, provided details of a UK bank account in the client’s name for the transfer. Although the platform queried the instruction because the details did not match those held on the system, the adviser asked that the withdrawal proceed. In the end, the fraudsters got away with £250,000.
At no point was the client contacted by phone to make sure that the request was legitimate.
There are other stories regarding Solicitors being scammed for the proceeds of house purchases on a Friday afternoon and I am sure there are others that go unreported.
We have decided to implement a new set of security measures to protect our clients. We will shortly be asking you to provide us with a password that we will ask you for whenever you contact us for information. If you intend to make any changes to your financial plans then we will also ask two other questions to verify your identity. Any emailed requests for withdrawals will be verified by a phone call from us, even if you have clearly stated what you need, when you need it, and how you need it. And if bank accounts change then we will ask you for written proof of the changes.
We will do everything we can to protect your details but please also help us – if you notice that something is not quite right or is out of the ordinary, don’t be afraid to pick up the phone and let us know. Better to be safe than sorry.