As advisors, it is our duty to protect the financial interests of our customers. Not only in ensuring their assets are allocated correctly to achieve the maximum return on investment, but also protecting these funds and their owners’ identities from falling into the wrong hands. Unfortunately, cybersecurity threats that seek to steal clients’ assets and identities are increasing at an alarming rate. Here’s what advisors need to know about the various fraudulent methods that are being used by these cybercriminals so they can protect their clients’ interests.

What do these cyberattacks look like?

Identity theft is one of the most common methods of fraud currently in use by cybercriminals. Identity theft attacks can be carried out in multiple ways. Hackers will either infiltrate a customer’s email account or create a fake account to impersonate the customer, either of which can be used to send or intercept communications about the customer’s finances.

Another common method of fraud is carried out by sending “urgent” email or text messages in the hopes that the recipients will click on bad links or supply personal information without taking the necessary due diligence precautions. For example, an individual might receive an email that appears to be from their bank with a subject line “Urgent: Identity Confirmation Required.” The email makes it appear that the bank requires the customer to confirm their identity by following a link and entering in their personal information, usually ending with a threat of closing their account if no immediate action is taken.

Another threat comes from hackers infiltrating non-secure, non-encrypted systems to collect personal data from unknowing individuals to use it against them at a later point in time. There have been multiple headlines over the past few years of attacks which were successfully carried out against retailers possessing customers’ personal information on their network databases.

Fraudulent websites that are used to steal passwords or get victims to click on attachments with harmful malware are becoming more and more prevalent. A real-life example of this is the fake DocuSign emails received by many financial advisors during the summer of 2023, which provided a link to the fraudulent DocuSign imposter website to convince recipients to enter their DocuSign login and password information.

How can advisors protect against cyberattacks?

Advisors should communicate regularly to their customers about the existing threats that are out there so they can be on the lookout. Personal information should never be sent via email without encryption. It is also imperative that URLs and email addresses be verified before clicking on any links or responding to any electronic communications. Many cybersecurity attacks originate in foreign countries where English is not widely used. This helps with detection, as frequent misspellings, grammatical errors or odd groupings of words are almost always telltale signs of hacked communications.

Email accounts are frequently being compromised. Any out of the ordinary, suspicious or urgent email requests, even those that come from a trusted sender, should be verified directly by a phone call or face-to-face discussion. L.M. Kohn has taken additional precautions against attacks by requiring Multi-Factor Authentication (MFA) on all electronically signed documents. Advisors should always take advantage of tools such as MFA whenever possible.

Advisors should verify money movement requests whether by wire, ACH, or overnight check requests to new addresses, bank accounts and especially any third-party requests. Wires are a cybercriminal’s best friend, as they are completed almost instantaneously. If the fraud isn’t detected within 48 hours, the likelihood of recovery is minimal. Always comply with your firm’s WSPs to ensure, when compromised, the validity of Fidelity Bond and/or E&O Insurance claims.


Cybersecurity threats continue to grow in number and sophistication. They have become a very serious and extremely costly business expense. No one is safe from these threats, not even FINRA, which fell victim to several hacking attempts in 2023. Advisors should take the greatest care to remain vigilant, communicate these cyber risks to their customers, verify URLs and email addresses, monitor for suspicious misspellings or other grammatical errors, avoid wire transfers when possible, and know their customers to be able to identify when a communication or request just doesn’t feel right.

To learn more about these threats and ways to avoid them, refer to FINRA’s Common Cybersecurity Threats resource here, or contact us.