The holiday season is a time of generosity, but also prime season for cybercriminals. As grantmaking activities escalate this time of year, so does risk of exploitation for your clients and their good work. In fact, a recent Financial Advisor article points to family offices being hit by a wave of cyber threats. Cyber criminals are leveraging advanced technologies from generating convincing phishing emails to creating realistic deepfakes. Now is the time for advisors and firms to stay vigilant and prevent costly mistakes for your clients.
The Changing Landscape and Today’s Red Flags
Subtle signs of fraud can be easily overlooked, especially at this busy time of year. With the onset of artificial intelligence (AI), cybercrime is evolving, and today’s scams are increasingly bypassing traditional safeguards. High-Net-Worth Individuals (HNWI) and the advisors who manage their wealth are often markedly vulnerable to cyber threats due to their public presence and financial standing. Fraudsters easily find information through social media and public records to gain insights on the activities of donors and foundations.
Key Warning Signs To Watch Out For:
1. Requests for urgent payments and/or last-minute changes.
2. Emails from domains that look almost, but not exactly, correct.
3. Video or voice calls with slight distortions or off timing.
Practical Steps to Reduce Risk
You don’t need to be a tech expert to reduce the risks and protect your clients’ philanthropy.
1. Verify before acting.
Confirm any payment or transfer request through a second, trusted, channel. Cybercriminals often create a sense of urgency to avoid anyone having the time to question them, especially during the busy giving season. Double-check any sensitive requests by calling or separately emailing a known verified contact. Replying to the thread might play into the fraudster’s hand!
2. Use multiple authentication methods.
Multi-factor authentication (MFA) combines more than one identity-based security measure (e.g., knowledge, possession, and/or biometric factors) to provide multiple layers of assurance. All money transfer requests should be verified using MFA. Identity can be confirmed in a few ways, such as asking specific security questions, calling a prescreened number, or sending a text message with a specific code.
3. Limit public details and operational information.
Hackers gather intelligence from publicly available information and use it to launch attacks. Audit what is visible on websites and social media to limit how much is being shared about internal processes and financial details. Remove specifics like exact dates for grant cycles and staff contact information.
Cybercrime is evolving, and so must we to ensure donors’ generosity makes it into the right hands. A few proactive steps like increased vigilance, verifying requests, and reducing public information can make a big difference. For more tips to prevent fraud, check out our Best Practices For Philanthropists in our Tech For Good Series.
Learn More About How We Support Advisors
Schedule a call or reach us at 800-839-0054 to learn how we can best support your clients who are passionate about philanthropy. Together, let’s #begiving.
Want More Topics on Tech?
Check out our Tech For Good Series and be sure to subscribe to our blog so you don’t miss a beat!
