Smarter Scams, Sharper Defenses: Cybersecurity in 2025

October is “Cybersecurity Awareness Month” – a timely reminder that protecting wealth isn’t just about the markets and investments.

Increasingly, fraudsters see financial accounts as prime targets, and their scams have become more polished, more convincing, and harder to detect. Our team has seen firsthand how convincing these attempts can be: emails that appear to come from custodians like Schwab or Fidelity, urgent calls that sound professional, or even messages that look like they came from a trusted contact’s own inbox. Fraudsters know that if they can compromise email or financial accounts, the consequences can be severe.

The Big Shift in Cybercrime

Not long ago, scams were often easy to spot – riddled with typos or obvious red flags.

Today, fraudsters use professional language, realistic logos, and even spoofed caller IDs to impersonate trusted sources. Their goal hasn’t changed – separating you from your money or information – but the tools are sharper and the attempts harder to distinguish from the real thing.

For clients, this means that financial accounts, wire transfers, and online logins have become a top target. That’s why vigilance is as essential to wealth protection as diversification and planning.

How Scams Target People Differently

Some ways in which fraudsters attempt to gain access to information or account details may include:

• Phone calls or emails that appear to come from trusted institutions like the IRS, Social Security, Medicare, banks or even custodians.
• Attempts to gain access to email or “account takeovers” by using communications that look like authentic instructions from a financial institution, employer, or even a Litman Gregory Wealth Management team member – often requesting an urgent response (i.e. providing information or clicking a link).
• Targeting users on social media and other applications with phishing links, fake investment schemes, or giveaways designed to harvest personal and financial information.

No matter the method used, the endgame is the same: gaining access to your accounts or personal information. That’s why it’s critical to recognize the tactics and respond with a consistent set of defenses.

Core Defenses That Work for Everyone

To keep your personal information and accounts secure, a few key principles remain powerful:

• Verify before you act: If you receive a request involving money movement or account access, confirm it independently. Call your institution or advisor directly using a known phone number.
• Protect your accounts: Use strong, unique passwords and enable multi-factor authentication. Consider setting up alerts from custodians like Schwab or Fidelity for logins and transfers.
• Be wary of urgency: Fraudsters rely on pressure. If you’re told you must act immediately, slow down – that pause can save you from a costly mistake.
• Use secure channels: Never email sensitive personal identification or financial details (ID numbers / cards, birthdates, passcodes, account numbers, bank statements, etc.). Email compromises are very common. Think of email as a postcard – would you want strangers having access to the information in your email account?
• Protect your personal information: Limit the amount of personal information you post on social networking sites. Sharing too much can make you susceptible to fraudsters who collect personal information to customize their attack to a real life event/transaction and pass authentication tests more easily.

These are the same practices we use in our own operations. For example, no client funds move without verbal confirmation, no matter how authentic an email may appear. Our team also undergoes regular cybersecurity training and simulations so we can stay alert to the latest tactics.

Our Role as Your Advisor

Protecting wealth is not just about making the right investment decisions – it’s also about defending against risks that could erode it. At Litman Gregory Wealth Management, we’ve built multiple layers of safeguards into our processes:

• Client fund transfers and other sensitive requests are subject to multi-factor verification, which may include verbal confirmation
• We use encrypted communication channels and maintain systems designed to protect client data in accordance with industry standards
• Strict internal controls that limit access to client information

Fraudsters may be getting smarter, but by combining vigilance at home with the protections we maintain as your advisor, you can keep both your finances and your peace of mind secure.

Disclosure:

This material is provided by Litman Gregory Wealth Management, LLC (“LGWM”) for informational purposes only and should not be construed as personalized advice or a recommendation to engage in any specific security, transaction, or strategy. The information provided herein is believed to be reliable but may change without notice and is not guaranteed for accuracy or completeness. Cybersecurity measures reduce but cannot eliminate all risks of unauthorized access to information. Clients are responsible for maintaining their own security practices. LGWM is an SEC-registered investment adviser. For additional information about our services, please refer to our Form ADV, available at adviserinfo.sec.gov or upon request at [email protected].