Investors and identity thieves prefer online brokerage accounts for the same reason: convenience. The popularity of online investing has led to an increase in unauthorized access by identity thieves. Once the thieves access the accounts they often transfer money to private checking accounts overseas. According to the U.S. Securities and Exchange Commission (SEC), over the last few months there have been numerous instances of unauthorized access.
Vulnerable computer systems are contributing to the problem. Many of the identity thieves are gaining access through malicious computer programs that monitor keystrokes, which reveal account passwords. Another method of unauthorized access is the all-too-common phishing scheme, where a fraudster uses emails and copy-cat websites to trick you into revealing valuable personal information. However, the SEC cautions that low-tech methods are still used, including eavesdropping and dumpster diving.
The SEC has issued a guide for investors. The guide details ways to reduce your risk by tightening your computer security. Online investors should install extra precautions, such as firewalls and anti-virus software. Additionally, investors should be careful to use complicated passwords, log out completely after each use, and not respond to emails requesting personal information. Further, don't access your online account at Internet cafés and libraries. The full guide is available at www.sec.gov/investor/pubs/onlinebrokerage.htm
The National Association of Securities Dealers (NASD) has also issued an alert warning online investors to guard their accounts. Echoing the concerns of the SEC, the NASD also warns investors to be cautious when using wireless connections to the Internet. The NASD encourages investors to take precautions, because unlike credit cards, brokerage firms may not reimburse lost money. The NASD recommends carefully reading the account agreement to determine if you are responsible for securing your own account information. It is also important to know the steps you should take if your information has been compromised.