The FBI’s Philadelphia field office offers tips for investors about how to avoid getting scammed — and who to call if you do.
We don’t think of G-men tackling securities and investment fraud, but in fact, they do most of the nitty-gritty investigating for the regulators such as the Securities and Exchange Commission.
For instance, the FBI set up key wiretaps on hedge-fund big Raj Rajaratnam and crony Rajat Gupta — helping indict and convict them and about 60 others of insider trading. The FBI used wiretaps as a legal first in a securities case, and established a working group with other Wall Street hedge funds to ferret out bad apples.
But regular folks also get scammed — not just one-percenters who invest in hedge funds. And the FBI and local authorities gave out their phone numbers and websites to help people like us. One good one is IC3 (www.ic3.gov) which was established as a partnership between the FBI and the National White Collar Crime Center (NW3C) to receive Internet-related criminal complaints and refer the criminal complaints to federal, state or local law enforcement.
Richard Goldberg, chief of the economic crimes unit for the U.S. Attorney’s Office in the Eastern District of Pennsylvania, told a packed room full of local bankers, fraud officers, and corporate reps for local businesses last week at FBI headquarters that one recent scam cropping up among bankers involves false tax refund cases.
“The Internal Revenue Service is under mandate to get returns and refunds done faster,” Goldberg said. So criminals are quickly setting up operations to file bogus returns based on stolen Social Security numbers — to the tune of billions of dollars.
Goldberg’s office handled the investment fraud case involving Philadelphia’s Life’s Good Inc. whose head, Robert Stinson Jr., was recently sentenced to 33 years in prison. Stinson operated a Ponzi scheme involving short-term real estate loans that pledged investors a 16 percent annual return — way too good to be true.
For those who suspect they may be getting scammed, especially locally, Goldberg gave out his office phone number for investors: 215-861-8439. “If you come across something that doesn’t seem right, call us,” he said. “We’d like to hear from you.”
Social media networks are also prime hunting grounds for “spear phishing,” in which hackers try to grab your passwords — especially those to your bank accounts, brokerage accounts and other investment assets.
If you log in to your bank or brokerage account on a mobile phone, you are most vulnerable, said Russell Handorf of the FBI’s Philadelphia field office.
“If you have programs like Skype on your phone — whether an Android or an iPhone — you’ve allowed that software to tag your location, take pictures of you and whomever you are talking to, and read your calendar, all of which can then be sent to other people,” Handorf said.
Ask yourself if you really need the latest application on your phone, and install anti-malware software for Android, BlackBerry or iPhone. While not foolproof, it’s a first line of defense.
Investors can take startlingly easy precautions with usernames and passwords. Do you use the same key for your house, your car and your bike lock? Of course not. Then do the same for your online persona, Handorf added.
Here are some things to keep in mind:
• Instead of “ABC123″ as your username for all your financial accounts, use “ABC123BROKERAGE” for your investments, “ABC123CHECKING” for your checking account, and “ABC123MORTGAGE” for your home payment. Same thing for passwords.
• The FBI’s Michael Ruibal said one hacker gained access to a victim’s bank account by way of the person’s gym membership. The hacker called the local gym, saying “I’m so-and-so, and I forgot my password.” Armed with that password, the scammer then cracked the victim’s bank account. “By creating similar yet slightly different usernames and passwords when you access your bank or your broker on your smartphone, you minimize the ability of someone to figure out how to hack into your phone,” Ruibal said.
• Create unique challenge questions, such as “What is your grandmother’s maiden name?” Your mother’s maiden name is probably on Facebook or Ancestry.com and a thief doesn’t even need to be a hacker to figure that out.
• Set up a Google alert for your own name — you’ll be notified if any pertinent information such as birthday, Social Security number or address shows up on the Internet.
• Establish spending limits on money-market bank cards, and create text or e-mail notifications if big amounts start flooding out.