High-tech hackers using spyware are costing US discount brokerages millions of dollars in repayments to clients who have been victimised by fraud, the brokerages have revealed.
The US Securities and Exchange Commission notified earlier this month that scammers were hijacking online brokerage accounts, using spyware and operating from remote locations.
TD Ameritrade Holding on Tuesday became the latest brokerage to confirm the problem. It said it cost $4m (£2m) in the third quarter to repay customers whose accounts had been hacked.
Harder-hit was rival E*Trade Financial, which last week said its fraud losses ballooned by $18m in the third quarter from swindlers who stole clients' identities and manipulated their accounts.
Both brokerages promise to repay clients who lose money through such frauds. A delegate for a third discount brokerage, Charles Schwab, said the company hasn't seen "anything unusual enough to merit a disclosure".
"During the quarter E*Trade, like a number of our competitors, experienced a significant increase in losses resulting from fraud relating to identity theft," said Jarrett Lilien, president and chief operating officer of E*Trade, on last week's conference call.
TD Ameritrade chief executive Joseph Moglia said that all those who stole clients' identities did so by using public computers rather than hacking into the Omaha, Nebraska-based company's internal systems.
He called the $4m hit "not material at all. This gets a lot of attention but it's not affecting the share price," he said.
TD Ameritrade shares fell 79 cents, or 4.8 percent, to close at $15.84, making them the top decliner on the Amex Securities Broker Dealer index. Moglia blamed the share price fall on a cut on its projections for 2007 earnings.
Both E*Trade and TD Ameritrade said they were strengthening their defences.
"We've seen that level of fraud in the last three weeks or so reduced to almost zero as a result of the changes we're making," E*Trade chief executive Mitchell Caplan said in last week's conference call.
But Gwenn Bezard, an analyst with Boston-based consultant Aite Group, said E*Trade had previously made big efforts to bolster security and the $18m increase was a sign of hackers' resiliency in combating fraud prevention efforts.
"It's a reminder that though you may have stronger authentication, it may not protect you from other types of scams," he said.
Both E*Trade and TD Ameritrade said they are working with investigators at the SEC, the FBI and other agencies to crack down on the scammers.
About 25 percent of US retail stock trades are made by online investors through roughly 10 million online accounts, according to brokerages regulator NASD.
In many of the schemes outlined recently by SEC officials, crooks will load a victim's computer or a public PC with a spy program to monitor a user's activities and capture vital information, such as account numbers and passwords.
The program then emails the stolen information back to the thief, who can use it to open the victim's accounts.
Once inside, the thief may sell off an account's portfolio and take the proceeds. Or electronically hijacked accounts may be used for "pump-and-dump" schemes to manipulate stock prices for profit, SEC officials have said.
|
