Tips for protecting your personal information
Over the past decade, most people have likely had at least one experience where a fraudster has tried to use their credit card or steal their identity. According to SCAMwatch Australia, a reported $4 billion is expected to be lost to scams in Australia in 2022. We are all working to be more vigilant to protect our online identity and information.
People most vulnerable to identity theft are children (lack of awareness) and seniors (less tech savvy). Prolific social media users also often share information that contains identifying personal details.
Our team has certainly seen improvements in cybersecurity across the financial institutions and custodians we work with over the years. Two factor authentication is now common for accessing all client information we deal with.
Conversely, we have seen the quality of scam texts and emails also improve. Just this week I received a text reporting to be from ANZ. I don’t bank with ANZ so knew instantly it was a scam, but at first glance the text looked legitimate.
To help ensure your ‘scam radar’ remains strong, here are some practical tips for dealing with emails, texts and phone calls:
Is the individual, organisation, or government body who they claim to be?
If you receive a phone call from someone claiming to be from a well-known organisation asking for personal or financial information, we recommend you:
Hang up immediately.
Consider contacting the organisation as they may be able to confirm your suspicions.
Please note when we initiate a withdrawal payment (at a client’s request) from a cash account under our management, such as a cash account attached to a Macquarie or Netwealth custody platform, once we submit the signed withdrawal form, it is now standard practice for the custodian to call the client to verbally confirm the transfer. As part of the phone call, they will request confirmation of some personal details to verify your identity. We endeavour to forewarn you of this phone call when processing withdrawal forms. If you are uncomfortable with this process, you can request a transaction ID number and phone the custodian back (so you feel comfortable you are talking to the actual financial institution) on:
Macquarie: 1800 806 310
Netwealth: 1800 888 223
BT: 1300 784 207
Consider using tools to help protect and secure digital devices from scams
Protecting devices and online security is critical and should occur continuously. You can:
Install anti-virus software (not just on your computer, but also on your phone).
Monitor credit/debit card transactions to ensure there is no unauthorised activity. Unknown $1 transactions are common in identity theft. The thieves make a tiny innocuous transaction to make sure the card works before they sell the card-info to someone else. You need to report even small fraudulent charges ASAP and get a new card, before they're inevitably followed by much larger charges. (This has happened to me twice over the past 7 years – I now use one credit card for regular direct debits and another for all online purchases because it is painful resetting all your regular direct debits).
Do not click on any suspicious links sent via text or email - even if it states it is from a trusted organisation like Australia Post
If you receive a text or email containing an urgent call to action followed by an unusual link with suspicious random numbers and letters, it is most likely a scam. Avoid clicking on the link provided and delete the message immediately.
If you are approached by a scammer, there are several things you can do:
Report the scam to SCAMwatch Australia – scamwatch.gov.au/report-a-scam
If you have lost money to a scam, contact your financial institution immediately. Also let your advisers at Lorica Partners know so we can be vigilant reviewing your investment accounts for unusual activity.
If you have provided personal information and are concerned your identity may be compromised, contact IDCARE for free support on 1800 595 160.
We also wanted to share actions we take at Lorica Partners to help protect your information:
We never accept email instructions to transfer funds to a bank account not already known to us and linked to your bank accounts. We will always call you to confirm the transaction first
When providing you with bank details for transactions, we will either send it in a PDF document or provide the details by phone or text. Be mindful cyber criminals can easily amend bank account details sent via email.
We use LastPass to protect our passwords.
We have regular cyber security training for team members, including sending fake phishing emails to test if people delete them or click the links.
If we receive an unusual request via email, we will always call you. Over the years Gmail accounts have appeared particularly vulnerable to hacking – we have received numerous emails from client Gmail accounts which have been hacked. Thankfully to date we have identified each threat and been able to notify the client.
Christmas is a particularly busy time for scams - like Christmas e-card and parcel delivery scams – so please remain vigilant over the months ahead.
Author: Rick Walker