ALERT! On Heels Of SEC’s Complaint Against Alleged Latvian Hacker Accused Of Manipulating Stock Prices By Hijacking Brokerage Accounts, FINRA Warns Of Plots Targeting Email Accounts
The Financial Industry Regulatory Authority (FINRA) yesterday issued an alert and regulatory notice, saying that it “has received an increasing number of reports involving investor funds being stolen by fraudsters who first gain access to the investor’s email account and then email instructions to the firm to transfer money out of the brokerage account.”
FINRA’s announcement occurred on the same day the SEC charged that a 34-year-old Latvian trader “broke into” customers’ brokerage accounts between June 2009 and August 2010 and made trades to manipulate the prices of stock he owned to create a personal windfall while causing losses to customers and broker-dealers.
In just one 32-minute period on Oct. 26, 2009, Igors Nagaicevs “generated more $14,000 in illegal profits” by twice taking a position a NYSE-listed security, driving up the stock price by purchasing shares through a hacked account and then “liquidating his position at a profit.”
All in all, Nagaicevs repeated his fraudulent scheme 159 times over 14 months, manipulating the prices of “104 different NYSE and Nasdaq securities” and pocketing more than $850,000 in illegal profits, the SEC charged.
Nagaicevs, in effect, caused his hacking targets to lose at least $2 million while passing the bill for the losses to broker-dealer firms, which reimbursed the affected customers, according to the SEC complaint in federal court.
FINRA did not reference Nagaicevs in its alert yesterday, but warned that email intrusions were on the rise.
“In some instances, the perpetrators appear to have obtained customers’ brokerage information by accessing customers’ email accounts and searching contact lists or emails sent from the account,” FINRA cautioned in its regulatory notice.
After breaching the email accounts, FINRA said, the scammers typically “email brokerage firms from customers’ personal email accounts with instructions to wire funds to an account, often overseas, controlled by the perpetrator.”
Document forgeries may follow the initial email chicanery, FINRA said.
“The instructions may be accompanied or followed by fraudulent letters of authorization also emailed from compromised email accounts. In some instances, firms have released funds after unsuccessfully attempting to verify emailed instructions by phone. In at least one case, the fraudulent email stressed the urgency of the requested transfer, pressuring the firm to release the funds before verifying the authenticity of the emailed instructions.”
Read the FINRA Alert.
Read a new alert from the FBI, the Financial Services Information Sharing and Analysis Center (FS-ISAC) and the Internet Crime Complaint Center (IC3) that warns that scammers are using devious email plots to siphon cash from “banks, broker/dealers, credit unions and other institutions.”
NOTE: If you follow the criminal madness on the various Ponzi-scheme boards, you’ll notice that the new alert from the FBI, FS-ISAC and IC3 cites the type of scam-talk frequently seen on the huckster forums.
An outtake from the alert (emphasis added):
“The excuse is typically based on an illness or death in the family which prevents the account holder from conducting business as usual.”