We hope you are enjoying fall! Recently we have received several calls from clients regarding text messages purportedly from Fidelity about “fraud detected on accounts”. If you receive a text message like this, please note that it is a Phishing attempt and not real. Fidelity will NEVER text clients if there is fraud detected on their accounts.
To help you better protect yourself and your accounts, below is information from Fidelity’s website on how to Identify, Avoid and Report any Phishing attempts to Fidelity.
How to identify phishing, fraud, and other scams
Keep an eye out for the common signs of phishing and other types of fraud, and act quickly to protect your accounts.
What is phishing?
Phishing attacks are fraudulent communications pretending to be a person or institution you trust to access your personal information. Cyber criminals are constantly trying to access private data through emails, text messages, and phone calls. These communications may appear legitimate, but they can be filled with malicious links, attachments, and other deceptive methods designed to steal your information.
You may be familiar with the term “phishing," which specifically refers to email scams. But there are more locations and tactics being used by criminals than ever, including:
- Smishing: Text messages claiming to be a business you trust that usually contain a fraudulent link
- Vishing: Phone calls that attempt to trick you into providing sensitive information, or giving access to your computer, by claiming to be a representative from a company you do business with
Tips to identify phishing and other fraud attempts
Be on the lookout for these common tactics used by scammers.
Be wary of unexpected communications
Avoid opening links or attachments in an email or text message you are not expecting. Don't answer the phone unless you recognize the phone number and are expecting the call (it’s easy for fraudsters and cyber criminals to "spoof" a phone number, and make it appear as though they're calling from a reputable organization).
Reputable businesses will not contact you to request your personal information
Fraudulent emails, text messages, and phone calls will often contain a request for personal information to obtain access to your financial assets, identity, and/or personal computer.
Verify the sender—looks can be deceiving
Sometimes, it's tricky to tell when an email, text, or phone call is legitimate, or just looks or sounds like an authentic communication. With the prevalence of artificial intelligence, it’s easy and quick for cyber criminals to craft messages with perfect spelling and grammar.
Make sure the company that is represented is one you trust, and that you’re expecting the communication.
Don't let your emotions get the best of you
If the email, text message, or phone call sounds too good to be true, it likely is. If it's attempting to play on your fear or emotions, e.g., provoking a strong sense of loss if you "don't act now", that should be a red flag.
Common types of scams
Many times, these scam attempts follow a certain playbook. Here are a few of the most common types of fraud that you may encounter.
- Grandparents scam: Scammers call or email posing as a grandchild/family member in distress who needs money (usually via gift card or cash) immediately.
- Romance scam: Criminals using dating websites, apps, or social media to build rapport and trust—and then start asking for money.
- Lottery/inheritance scams: Fraudsters send fake letters or emails telling people they must pay an up-front fee to claim the prize
- Imposter scams: A criminal calls pretending to be from Fidelity Investments or another reputable service provider, and requests you send them back a one-time passcode that the criminal has generated through fraudulent web activity, such as attempting to reset your password.
- Remote access scams: A criminal will call and claim to be from a well-known company. They’ll request access to your computer, and, if granted access, they’ll try to make you believe that you have a serious problem like a malicious software infection that you’ll have to pay them to fix. Or they may use this access to your computer to login to various accounts you have with different providers, using your stored browser passwords.
Where to report suspicious activity to Fidelity
If you receive communication that you believe is attempting to impersonate Fidelity, please email
phishing@fidelity.com with:
- The suspected email as an attachment
- Your full name, email address, and phone number associated with your accounts. Do not include any account number, username, or password.
- Your yes-or-no answers to the following questions:
- Did you open any links or images within the suspected email?
- Did you enter or submit your login credentials?
Fidelity’s security experts will investigate to determine if it's a fake. If it is, They'll get the source of the email, and any fake websites shut down as quickly as possible. Reporting these emails helps you protect yourself - and everyone else, too.
IMPORTANT DISCLOSURE INFORMATION
Please remember that past performance is no guarantee of future results. Different types of investments involve varying degrees of risk, and there can be no assurance that the future performance of any specific investment, investment strategy, or product (including the investments and/or investment strategies recommended or undertaken by New England Capital Financial Advisors, LLC [“NECFA”]), or any non-investment related content, made reference to directly or indirectly in this blog will be profitable, equal any corresponding indicated historical performance level(s), be suitable for your portfolio or individual situation, or prove successful. Due to various factors, including changing market conditions and/or applicable laws, the content may no longer be reflective of current opinions or positions. Moreover, you should not assume that any discussion or information contained in this blog serves as the receipt of, or as a substitute for, personalized investment advice from NECFA. To the extent that a reader has any questions regarding the applicability of any specific issue discussed above to his/her individual situation, he/she is encouraged to consult with the professional advisor of his/her choosing. NECFA is neither a law firm nor a certified public accounting firm and no portion of the blog content should be construed as legal or accounting advice. A copy of the NECFA’s current written disclosure Brochure discussing our advisory services and fees is available for review upon request or at www.newenglandcapital.com. Please Note: NECFA does not make any representations or warranties as to the accuracy, timeliness, suitability, completeness, or relevance of any information prepared by any unaffiliated third party, whether linked to NECFA’s web site or blog or incorporated herein, and takes no responsibility for any such content. All such information is provided solely for convenience purposes only and all users thereof should be guided accordingly. Please Remember: If you are a NECFA client, please contact NECFA, in writing, if there are any changes in your personal/financial situation or investment objectives for the purpose of reviewing/evaluating/revising our previous recommendations and/or services, or if you would like to impose, add, or to modify any reasonable restrictions to our investment advisory services. Unless, and until, you notify us, in writing, to the contrary, we shall continue to provide services as we do currently. Please Also Remember to advise us if you have not been receiving account statements (at least quarterly) from the account custodian.