Hackers allegedly emptied brokerage accounts with a simple email scam — here’s how to protect yourself
In November, prosecutors in New York stated that a Lithuanian man named Vytautas Parfionovas and an unknown co-conspirator emptied the brokerage accounts of several victims, ultimately stealing hundreds of thousands of dollars. The cybercrimes occurred over eight years, starting in 2011, and consisted of the two perpetrators tricking day traders and financial advisors into liquidating securities, wiring cash from brokages and establishing fraudulent trading accounts under the victims’ names. Parfionovas was extradited to the US from Ukraine on November 21.
In an email compromise attack, the scammer often spoofs the email of a trusted third party and using the spoofed email to communicate with the victim. In one case, Parfionovas found credentials to a compromised AOL account and used it to find the victim’s financial advisor, eventually emailing the victim from the compromised email account to request a wire transfer of USD $225,000 into a UK based account. In light of the Parfionovas case, experts advise people to know their advisors well, pay close attention to signs that an email account may have been compromised, and to communicate fast if you believe you may have been scammed.