As online scams become more prevalent and sophisticated, it is important to understand what you can do to protect yourself. Cybercriminals use a variety of techniques to exploit you, and can even trick you into transferring money or allowing them to access your sensitive data.

One common strategy is to collect information about you from social media. The scammer will then reach out using this personal information to create an emotional connection. Some scammers will pose as a romantic partner, persuading you to send money toward an end goal of being together. An investment scam usually offers a “once in a lifetime opportunity” to get rich quick. A lottery scam aims to delude you into believing you have the winning ticket. There are also fear-based scams, where the cybercriminal poses as the IRS saying you owe money to the government. These criminals may impersonate technology support or customer service to try and encourage you to change your password. In an emergency scam, you are duped into believing a loved one is in trouble and needs cash to escape a perilous situation. In each instance, they will use the relationship they have established to convince you to transfer funds to a third party or allow them to access your data. There will often be a sense of urgency created to speed up the process and prevent them from being caught. You should be wary of people who reach out online especially if they refuse to connect over the phone or in person and are requesting money. It is important to ask questions, do research, and check credentials. If you are offered an investment opportunity, you should not feel pressured to invest immediately, but rather check with your advisor before acting.

While many are familiar with telephone scams, email remains the primary gateway to cyber fraud. In a business email compromise, also known as an email account compromise, a cybercriminal will leverage email to request an unauthorized transfer of funds. Spoofing is another technique where the bad actor creates an email which resembles a legitimate email, but with one different character, allowing them to communicate with you unknowingly. If you notice a change in tone, spelling or grammatical errors, or a false sense of urgency, you should be cautious and carefully check the address from which the email is sent. Another tactic cybercriminals may use is a phishing attack, where malware is installed when you click a link or open an attachment. It is important never to click links or open attachments in emails that look suspicious. Malware may give them the ability to record your keystrokes, steal your password, and access your email or accounts. This enables the criminal to impersonate you online and request or change fund distributions instructions. For this reason, Nelson Capital will never distribute wire funds to third parties from email instructions alone and will request a phone call to verbally verify instructions. We also always recommend clients avoid using email to send documents with sensitive information such as tax returns, social security numbers, or account numbers.

One simple step you can take to protect yourself online is to change your passwords.

• Passwords should be at least 12 characters in length with a mix of upper and lower case, letters, numbers, and symbols.
• It is best to avoid using personal information such as the names of family members or pets.
• A good way to create a complex password is to string together a series of words.
• The best practice is to have different passwords for different website in the event you get hacked.
• If you use a password manager, ensure it is reputable.
• A multifactor authenticator is a tool which will require a code generated from a personal device to verify the password. Multifactor authentication makes it 99% less likely you that will be hacked.
• You should never share your passwords with anyone, and you should review your accounts daily.

Many custodians now offer Trusted Contacts on brokerage accounts which enables you to designate someone you know as a backup contact on your account. If you come across a suspicious email or are contacted by someone online you do not know, reach out to your advisor immediately to verify the authenticity.

Individual investment positions detailed in this post should not be construed as a recommendation to purchase or sell the security. Past performance is not necessarily a guide to future performance. There are risks involved in investing, including possible loss of principal. This information is provided for informational purposes only and does not constitute a recommendation for any investment strategy, security or product described herein. Employees and/or owners of Nelson Capital Management, LLC may have a position securities mentioned in this post. Please contact us for a complete list of portfolio holdings. For additional information please contact us at 650-322-4000.