UnThreaded | Threaded | Whole Thread (8) | Ignore Thread Prev Thread | Next Thread
Author: TMFLonghorn One star, 50 posts CAPS All Star Add to my Favorite Fools Ignore this person (you won't see their posts anymore) Number: of 195  
Subject: Hacker methods for online brokerage accounts Date: 3/9/2008 3:34 AM
Post New | Post Reply | Reply Later | Create Poll . Report this Post | Recommend it!
Recommendations: 0
Hi all - thought I would pass along some interesting techniques hackers are using online these days - from the most recent Barron's edition (3.10.08):

Hacking in to transfer money to an outside account.
This one was quite interesting: "Rigging an investor's computer to buy penny stocks being sold by a crook at hugely inflated values."
Changing your account address so future checks go directly to them.

The article focused more on what brokerage firms are doing to combat security breaches and gave some overall advice on what best to do:

First off, make sure to use 'https' when logging in to view online information.

Some brokers are using token passwords that change every few minutes - the drawback is you'd have to "carry the token...usually on a key ring or in a wallet."

Fidelity uses encryption so that the user info you enter cannot be read while it is going over the Internet.

TD Ameritrade is introducing technology that remembers which computer client's use to log in to accounts - if from a different computer it requests additional information. I think this is pretty widely available for most brokers/banks already...

Here's a novel approach: to eliminate hacker's ability to steal computer key strokes, TradeKing has users enter passwords "on an on-screen keyboard, using your mouse to select the appropriate characters."

Other than that, there was a general description of algorithms firms use and other firewall or "intrusion detection" technology. Interesting stuff to read about overall, and so far it looks like brokers in general have been able to stay a step ahead of hackers..

Any horror stories out there of ID theft or having account information compromised? I've had credit card information stolen from a Fidelity account, but they promptly credited the amounts after I alerted them...
Post New | Post Reply | Reply Later | Create Poll . Report this Post | Recommend it!
Print the post Back To Top
Author: Precedex One star, 50 posts Old School Fool Add to my Favorite Fools Ignore this person (you won't see their posts anymore) Number: 155 of 195
Subject: Re: Hacker methods for online brokerage accounts Date: 3/14/2008 2:09 AM
Post New | Post Reply | Reply Later | Create Poll . Report this Post | Recommend it!
Recommendations: 0
Another reason I love IBKR. No way in hell someone can hack into my account. I have a token device and I had to jump through numerous hurdles just to change my email address with them. Had to fax them a copy of my driver's license and everything. Their security is insane and over the top, but well worth it.

Print the post Back To Top
Author: TonV Old School Fool Global Fool Add to my Favorite Fools Ignore this person (you won't see their posts anymore) Number: 160 of 195
Subject: Re: Hacker methods for online brokerage accounts Date: 5/28/2008 12:18 PM
Post New | Post Reply | Reply Later | Create Poll . Report this Post | Recommend it!
Recommendations: 0
Hi,
I had the pleasure of being called at 1 AM (I live in Vietnam) by a Ameritrade rep: The conversation went more or less like this...

"Do you now what time it is? "
"Yes sir we do, it is now 1AM in Hanoi"
"Then why the ..."
"well we were wondering if you really intended to buy $200,000 worth of penny stocks on margin..."
"gulp.."

Probably checked my account on a public computer that had a key logger installed.
Glad they intercepted the trade. All trades were annnulled (and I had a net profit of 10,000 by then...sigh)

Ton

Print the post Back To Top
Author: TMFDoraemon Big red star, 1000 posts Old School Fool CAPS All Star Global Fool Add to my Favorite Fools Ignore this person (you won't see their posts anymore) Number: 161 of 195
Subject: Re: Hacker methods for online brokerage accounts Date: 5/28/2008 1:11 PM
Post New | Post Reply | Reply Later | Create Poll . Report this Post | Recommend it!
Recommendations: 0
Wow. Kudos to Ameritrade for their service. I often wonder how good the discount brokers are at catching these things.

Glad they caught this for you!

Best,

Nate

Print the post Back To Top
Author: jgunnar Big red star, 1000 posts Old School Fool CAPS All Star Global Fool Add to my Favorite Fools Ignore this person (you won't see their posts anymore) Number: 162 of 195
Subject: Re: Hacker methods for online brokerage accounts Date: 5/28/2008 6:09 PM
Post New | Post Reply | Reply Later | Create Poll . Report this Post | Recommend it!
Recommendations: 0
Its a big problem, in fact its an actual industry, so hacker is a bit of a misnomer, its organized crime. If you go here you can see some new research from McAfee on market value for online banking

http://www.avertlabs.com/research/blog/index.php/2008/05/07/...

All the big name banks are represented, and you can buy a username and password for about 8% of the account value. So a username and password for an account with $10,000 would sell for about $800. Here is the kicker - they offer a money back guarantee! So if it doesn't work you get a refund and can try again. Its a big industry with a lot of upside and no barriers to entry.

-Gunnar

Print the post Back To Top
Author: Diprivan12 One star, 50 posts Add to my Favorite Fools Ignore this person (you won't see their posts anymore) Number: 163 of 195
Subject: Re: Hacker methods for online brokerage accounts Date: 5/29/2008 1:47 PM
Post New | Post Reply | Reply Later | Create Poll . Report this Post | Recommend it!
Recommendations: 0
I don't understand how hacking into a brokerage account and conducting rogue trades can be "helpful" to the criminal. How do they get the money out? BTW, if you want the ultimate in security, I can't recommend IBKR enough. Accounts over 100K get a physical token and you wouldn't believe the hoops I had to jump through just to change my email address. It is almost annoyingly tight, but that's better than any change of a break in.

Mark

Print the post Back To Top
Author: jgunnar Big red star, 1000 posts Old School Fool CAPS All Star Global Fool Add to my Favorite Fools Ignore this person (you won't see their posts anymore) Number: 164 of 195
Subject: Re: Hacker methods for online brokerage accounts Date: 5/29/2008 2:03 PM
Post New | Post Reply | Reply Later | Create Poll . Report this Post | Recommend it!
Recommendations: 1
Mark - they buy a bunch of a penny stock in their "real" account that they control. Then the steal/buy your username/password, log into your account and buy 6 figures worth of penny stock which drives up the share price. Then they sell at the higher price in their "real" account.

http://www.google.com/search?q=pump+and+dump&ie=utf-8&oe=utf...

Good times.

-Gunnar

Print the post Back To Top
Author: Diprivan12 One star, 50 posts Add to my Favorite Fools Ignore this person (you won't see their posts anymore) Number: 167 of 195
Subject: Re: Hacker methods for online brokerage accounts Date: 6/6/2008 12:16 AM
Post New | Post Reply | Reply Later | Create Poll . Report this Post | Recommend it!
Recommendations: 0
Gunnar,

Wow! That is pretty damn scary!!! Makes me really glad I have a physical token. Hopefully, this device is full proof. I guess one needs to check their account daily in this day and age....

Mark

Print the post Back To Top
UnThreaded | Threaded | Whole Thread (8) | Ignore Thread Prev Thread | Next Thread
Advertisement