Safeguard Your Assets Against Cyber Attacks

cyber attackThe cyber attack this summer on JPMorgan Chase compromised the accounts of 83 million households and 7 million small businesses. Last year, the information of 40 million cardholders and 70 million others was breached at Target. In September, hackers got 56 million names, addresses and phone numbers at Home Depot. Fortunately, it has been reported that the various hackers did not get detailed information such as account numbers, passwords, social security numbers and dates of birth. Even so, cyber attacks are on the rise.

The financial industry is working on prevention- JPMorgan, e.g. plans to spend $250 million per year on security. Congress is discussing legislation. Regardless, individuals need to take primary responsibility for the safety of their identity and assets.

Therefore, we thought we would recap some of our earlier comments regarding prevention of identity theft. In addition, we’ll update you on the safety of your accounts at Schwab and your 401(k) plans.

Here’s what you should do re digital security:

  • Choose tough to decipher passwords
  • Use anti-malware/spyware and anti-virus programs
  • Don’t respond to “phishing scam” e-mails
  • Shop online only on secure sites
  • Don’t use the same password for multiple sites

Here’s what to do at home:

  • Shred everything with sensitive information
  • Protect snail mail
  • Don’t fall for telephone scams
  • Use a bolted-down safe for important documents

When out and about:

  • Limit the amount of information you provide at store checkout registers
  • Avoid “shoulder surfers”
  • Watch what you carry
  • Carry your wallet in your front pocket, if possible


  • Change your credit card to include a PIN
  • Monitor your credit card and bank activity at least every few days
  • Order a free credit report
  • Put a security freeze on your credit files to prevent new accounts

At the same time, we’re pleased to report that assets held at Charles Schwab & Co. or company 401(k) plans should be secure. Here’s Schwab’s guarantee: “Schwab will cover 100% of any losses in any of your Schwab accounts due to unauthorized activity.”

Schwab monitors every disbursement from each account. Anytime a transfer request comes through to send money to a third party, Schwab will first contact the investment adviser, such as DWM, to make sure we have talked with the client and that this disbursement is authorized. In addition, in many cases, Schwab will also contact the account holder directly. We’ve seen phone calls on transfers of as little as $600. We and Schwab recognize that it’s a bit of a pain to have to answer a call about a transfer for which you have already signed, but in this day and age of hackers, it’s a necessary and valuable procedure.

A few caveats about the guarantee. First, account holders need to safeguard their account access information including login ID, password and security questions. If they share it with anyone, Schwab will not cover the loss. This information is not shared by Schwab with us, Orion, or any other party. Second, if you suspect you have been a victim to activity you didn’t authorize within your Schwab account, Schwab needs to be notified immediately.

Unauthorized activity in a 401(k) or similar account would be very difficult to accomplish. First, there are only certain times that a participant could request funds from the account. They could do it to borrow money from their account, when they terminate employment, or when they have an in-service withdrawal. All of the requests are typically done through the human resources department of the employer and require signed documentation. In addition, we have only seen transfers from 401(k) plans either go directly by wire, trustee to trustee, to the same registration at a new custodian or, in the case of a check, mailed to the participant’s home address and made payable to the participant and the new custodian.

In addition, we have been asked about the cloud services DWM uses based on the breach of the Apple iCloud. We are pleased to report that Orion and MoneyGuidePro never request, nor receive, any client account access information.

DWM and Schwab are committed to safeguarding your assets and the privacy of your information. We want you to have the highest level of confidence when you do business with us. We will continually review our privacy policy and update it as necessary to protect you. If you have any questions about these very important matters, please let us know.

Target Security Breach Puts Spotlight on Identity Theft Prevention

(Click above for full size image)

Across the country, 110 million Target customers are now dealing with the fallout from the security breach in December. Hackers obtained e-mails, name, addresses, phone numbers and PIN numbers for the debit and credit cards. Target has just agreed to provide all of its customers with a year of free credit monitoring. Worse yet, the Department of Homeland Security reported last week that the attack on Target was likely a part of a broader and highly sophisticated scam that potentially affected a large number of retailers, including Neiman Marcus. Apparently, Target’s systems were amazingly primed for hacking- lacking the virtual walls and motion detectors found in secure networks like most banks. Identity theft continues to be on the rise. The good news is that there are actions you can take to protect your identity. We thought it would be a good time to review some of the suggestions we have provided in the past, as well as some new ones:

Digital Security:

  • CHOOSE GOOD PASSWORDS. Make them difficult to decipher. Vary them by account. Don’t store your passwords on your computer.
  • COMPUTER SECURITY: Use anti-malware/spyware and anti-virus programs and keep them up to date.
  • PREVENT PHISHING SCAMS. This is when a thief sends a legitimate-looking email from a company you have an account with and asks you to reply with information or click on a link in the email. Instead, contact the company directly through the website or phone number you would usually use.
  • RESTORE YOUR COMPUTER TO THE FACTORY SETTINGS. When you sell or get rid of your computer, make sure that you have wiped out all information first.
  • SHOPPING ONLINE is safe as long as you are on a secure website. The internet address should start with “https” and have a padlock icon in the lower right hand corner.

At Home:

  • SHRED everything with sensitive information. (This means anything you wouldn’t hand to a total stranger).
  • PROTECT SNAIL MAIL. Consider using e-delivery as much as possible. Consider getting a P.O. box for delivery of mail with sensitive information.
  • TELEPHONE SCAMS: Never give out information to someone who calls you claiming to be from your credit card company, bank, etc. If they are legitimate, they already have that information. Call the company yourself using a phone number from the back of your credit card or bank statement.
  • USE A SAFE for all your important documents including your social security card. Keep your birth certificate, passport and other identifying documents in a bolted-down safe at home and use the hotel safe when you’re travelling. Also consider scanning and moving these documents to a “safe vault” in the cloud, such DWM/Orion.

When Out and About:

  • AVOID “SHOULDER SURFERS”. The person behind you at the ATM or supermarket may be just another shopper or maybe not. Be cautious.
  • WATCH WHAT YOU CARRY. Take only what you need. Change your credit cards to a PIN option only, if possible.
  • CARRY YOUR WALLET in your front pocket or your purse in front of you to reduce the likely-hood of pick-pocketing.


  • CREDIT FILES can be protected by placing a security freeze on your credit reports. When a freeze is set at all three credit bureaus, a thief cannot open a new account because the potential creditor will not be able to check the credit file. When you need to apply for credit, you can lift the freeze temporarily. See:,, and
  • Order a free credit report through from one of the three agencies every four months. You are entitled to one free copy a year from each agency, so you can rotate your requests.
  • MONITOR YOUR CREDIT CARD AND BANK ACCOUNT ACTIVITY. Most credit card companies and banks have a smart app that allows you to monitor your activity. It’s a good idea to check it every few days. If there is a fraudulent purchase, you’ll catch it quickly.
  • PAY FOR AN OUTSIDE MONITORING SERVICE. Both Target and the State of SC (when tax files were breached 15 months ago) provided a year free service with (now part of Experian). The service typically costs $16 per month. It monitors your credit and notifies you of new accounts or applications for credit. It includes $1million identity theft insurance- however, this is limited in scope and primarily pays for incidental expenses, not monetary loss. The only loss covered is if funds are electronically transferred from your account.

These days, risk management includes much more than simply sufficient life insurance or auto insurance. It needs to include a program to safeguard your most important asset- your identity. Please give us a call at DWM, if we can help in any way.