Finra warns of old-school phone phishing scam

Wall Street regulator Finra has put out an alert warning investors about an uptick in old-fashioned phone-based phising scams.

  0 2 comments

Finra warns of old-school phone phishing scam

Editorial

This content has been selected, created and edited by the Finextra editorial team based upon its relevance and interest to our community.

Crooks are cold calling people claiming to represent at least one well known brokerage firm, warns the watchdog.

The scammers offer information about certificates of deposit with yields well above the best rates in the market in an attempt to lure victims into handing over personal or financial account information.

Gerri Walsh, SVP, investor education, Finra, says: "If you are not sure that the person on the other end of the line is a legitimate representative of your firm, quickly end the call and get in touch with your firm's customer service centre".

Sponsored New Event Report – Natural Capital Finance

Comments: (2)

A Finextra member 

It's good advice but calling the FI's customer service number usually results in an interminable voice-response based menu in which the option of talking to a real person is deliberately well hidden, then you are req’d to hold for an indeterminate period (so you can’t do anything else except wait)……….surely there's a better way?

Pat Carroll

Pat Carroll Founder/Executive Chairman at ValidSoft

There are two parts to solving a telephone scam like the one that Wall St regulator Finra is warning investors about.

The first part is mutual authentication, whereby the bank has to properly authenticate itself to the customer. It could stop this style of scam at source. If, for instance, customers recorded their own greeting with their bank – using their own voice – and the bank replayed that greeting whenever it contacted the customer by phone, then the customer could have a very high level of confidence it was indeed their bank on the phone.

There is increasing emphasis on the need for customers to prove their identity to banks, but in my opinion, banks should also bear the responsibility of proving their own identity to customers. The technology already exists to do this, and could also be applied as another layer in solutions to combat online and mobile banking fraud too.

The second missing piece of the jigsaw is customer education. I strongly support the views of people like Shirley Inscoe, senior fraud analyst at AITE, who advocates banks educating their customers about the types of fraud that could affect them.

Banks not only need to highlight the types of scams in existence but also explain to consumers how security technology could work for them. Being able to get the customers’ buy-in on using the likes of voice-based mutual authentication is essential if this is to work. That is not to say security procedures should be overly onerous. The security industry already rightly appreciates that there is a fine balance between strong authentication and user-friendliness. Finding that balance can be tricky, but having a mix of visible and invisible layers of security would make the process easy for the consumer, but still sufficiently strong for the bank.

[Webinar] PREDICT 2025: The Future of Faster Payments in the USFinextra Promoted[Webinar] PREDICT 2025: The Future of Faster Payments in the US