Schwab Account Owners Targeted in New Phishing Scam

May 24, 2023

Recently, Schwab notified our team of a new sophisticated scam targeting account owners which we want to share with our clients and friends of our firm.

This advanced scheme combines elements of electronic tech support scams with impersonations of real personnel at the Federal Reserve and Schwab to attempt to obtain access to your assets and other sensitive data. While this latest scam is specifically targeting individuals with Schwab accounts, we want to share this information more broadly in the case that these attempts begin to emerge with other financial institutions.

Most importantly, if you are contacted by someone perpetrating this fraud please reach out to your Litman Gregory advisor or client service team immediately.

How this fraud attempt works

  1. The Schwab account owner receives a pop-up message appearing to be from either Microsoft or Apple warning that their computer has been compromised.
  2. The pop-up message instructs the account owner to call a provided “tech support” number that connects them to a fraudster.
  3. After the account owner speaks with the fraudster, they are contacted by another individual claiming to be a “security officer” with Schwab and who will inform them that their Schwab account is “compromised.” The Schwab impersonator will then tell the account owner they must transfer their funds into an account in “federal custody,” and their money will be returned in three business days once the Schwab account has been “encrypted” for safety.
  4. Once the account owner follows these instructions, their money disappears.

Additionally, Schwab account owners involved in the scam have received personalized letters in the mail that purport to be from the Federal Reserve, referencing the real names and titles of genuine Schwab personnel, tech company employees, and FDIC analysts who are supposedly the individuals contacting them by phone. The letter encourages account owners to verify each person’s identity through their LinkedIn profiles, making the scam even more convincing.

Steps you can take to protect your accounts

To protect yourself from this and other fraud attempts, the following are some online safety tips to keep in mind:

  1. Do not click on links or call phone numbers based on instructions from a computer pop-up.

  2. Always verify the phone numbers for tech support providers independently by going directly to the vendor website.

  3. Never grant remote access to your Schwab accounts (or any other financial institution) to anyone.

  4. Do not share verification codes received by text or email with anyone.

You can find more steps you can take to protect yourself against cybersecurity risks as well as actions our team takes to protect our clients’ financial information in our blog post published last Fall. Schwab has also provided the following resources to learn more about scams, phishing and other fraud tactics: Cybersecurity Resource Center and Scam Brochure.

Please reach out to your Advisor and/or our Client Service team if you suspect that you have been involved in a fraud attempt or have any questions.

 

Posts from Litman Gregory Wealth Management represent opinions only and are not intended as investment advice. We ask that you do not share any personal investment experience regarding our products and services. Litman Gregory Wealth Management reserves the right to remove user comments for any reason, and we are not responsible for, and do not endorse, any opinions, statements, or links posted by third parties on this page.
Please review our important risk information with the following link: https://lgam.com/terms-of-use/