In the expat’s personal financial strategy, financial self-defence is the bottom line. Here, we explain the principal ruses the villains are using to penetrate your financial defences and outline a few simple steps you can take to stay ahead of them.
Every year billions of pounds/euros/dollars are being lost to fraud - an astonishing £1 billion to so-called ‘boiler room’ scams alone (see below). Affluent expatriates are, it seems, a particularly attractive target for the bad guys. Wherever you are in the world, you must exercise caution in your financial dealings. Never give away information about yourself or your finances to persons or organisations contacting you uninvited. Delete unsolicited emails if you have the slightest doubt about their integrity and consider carefully before opening any email attachments. Bear in mind that there is already far more data about you ‘out there’ than is desirable from a personal finance perspective. Data security, even in the hands of the most prestigious bodies, is not always what it should be.
Thieves use our personal details to access our bank accounts, steal our money, run up bills on our credit cards, and create false documents like passports in our names. As a precaution, never bin documents - especially financial documents like bills. Shred them in a cross-cut or diamond-cut shredder.
Learn to handle your personal finances in exactly the same way that you handle your car - by staying fully alert. If you transact money online, keep with the task. Don’t wander away from your computer to make a cup of tea or answer the telephone, and don’t forget to quit the online connection to your bank or broker the moment you’ve finished your transaction.
ID fraud and online banking
Identity fraud is on the increase. We all need to understand how to protect ourselves to prevent the distress and long-term disruption it causes. As a first step, read the small print in your banking agreement and implement any measures required to bring your computer’s firewalls and anti-virus software up-to-date. Failure to comply with the terms and conditions of your online banking agreement will abrogate the bank’s refund obligation. Keeping your part of the bargain obliges the bank to compensate you should the worst come to the worst. Look for the section in the small print entitled fraud protection or contact your bank directly and ask them to talk you through their identity theft protection policies.
Phishing is the term used to describe a particularly virulent online scam. Fraudsters set up ghost websites - exact copies of the genuine sites of bona fide financial houses, including well-known banks. Hapless online customers enter their personal account numbers and passwords onto the ghost sites believing them to be the real ones. The bait’s been taken and so has the victim’s money. Sometimes the expat is contacted via email. The pretext is usually along the lines that the bank is updating its security systems. The email will include a link to a ‘secure’ page which will ask for confirmation of the expat’s account numbers and password. Every day some poor soul will oblige, and - hey presto - their money vanishes.
Financial institutions like banks will never ask a customer to convey passwords online. To do so would breach fundamental security procedures. Verification is managed by asking for partial detail only, thus avoiding the risk of internal theft.
Expats who transact money online should be particularly on guard against so-called ‘Trojan’ programs which steal data from a computer by monitoring the user’s keystrokes. The latest version doing the rounds can sneak in with your emails, or when you’re visiting a website or downloading apparently innocent software. It can even ambush your files disguised as a music track. The Trojan program sits inside your system until you attempt to access your online account. Then, typically, it redirects you in phishing-style to a fake website where you will invariably be asked to type in your security information - passwords and account numbers - which will be intercepted by the fraudsters.
As a precaution, never enter the website of your bank, building society or investment broker other than by keying in the full website address. Under no circumstances should you enter any site connected with your financial dealings through links, or in reply to an unsolicited email, or via a search engine, as this may lead directly to a phishing site.
Be on the look out for any irregular activity in your account. This means checking your statements on a regular basis. If you think you are being targeted by fraudsters, notify the relevant authorities immediately.
There’s a cyber-defence guide available for Internet users at www.getsafeonline.org. It works for both PCs and Macs, offering good advice on how to avoid ID theft, fraud and how to buy and sell online safely.
Needles and PINs
Never reveal your personal identification number (PIN) to anyone, under any circumstances. As a matter of policy, banks do not ask customers for their PIN. The PIN is the customer’s secret. So if anyone asks you over the phone (or via the Internet) for confirmation of your PIN, the approach is fraudulent and you should report it immediately. As many expats have learned from experience, if you momentarily forget your PIN, you have only so many attempts at punching in the right character/number sequence before the account is locked automatically. The ‘three strikes and you’re out’ rule, however frustrating, provides a tier of safety to prevent card thieves unlocking your account. In the event of your account freezing you out, you’ll need to contact your bank to explain what’s happened, verifying that you are indeed the account holder, and ask them to send you confirmation of your PIN.
Check it out! How can I keep my PIN safe?
• Don’t keep your PIN with your cards.
• Don’t use personal anniversaries as PIN numbers.
• Don’t reveal your PIN either over the phone or online.
• Do follow the bank’s advice on keeping your online account secure.
• Do keep your anti-virus software up-to-date.
• Do log off immediately after you have finished your online banking transactions.
What are boiler rooms? Boiler rooms are sophisticated financial operations, usually based outside the UK (where the regulatory authorities can’t reach them), which use high-pressure sales techniques to offload worthless shares onto unsuspecting investors.
If someone you don’t know calls you up out of the blue and offers you cheap shares, the chances are you are being targeted by a boiler room. Boiler room scam artists are clever and sophisticated and know how to persuade us to part with our cash. So says the UK’s Office of Fair Trading (OFT). It’s a view shared by the Financial Conduct Authority (FCA) which reckons we are losing well over £200 million a year to boiler rooms. The police say it’s the most significant type of fraud they’re dealing with and put the figure lost annually at nearer £500 million.
It is estimated that there are between 300 and 500 boiler rooms working in Spain alone and new scams are appearing almost weekly, so it’s important you know how to spot them.
How do boiler rooms work?
Each operation employs up to 20 people who thoroughly research potential targets by any means possible and build up detailed victim profiles. These may include share-dealing histories, hobbies, taste in cars and more. After an initial ‘friendly’ telephone call, the lists of contacts will be handed over to ‘loaders’ - smooth-talking conmen and women whose job is to clean the victims out of their savings.
These guys won’t take no for an answer. They’ll call you constantly, trying to win your confidence and build a relationship. They will appear very knowledgeable and highly professional. The loaders often move from operation to operation taking lists of potential targets with them. One quarter of respondents reported that they had been approached by four or more different boiler rooms.
If you’re tricked into parting with your money you will probably be approached at a later date by a ‘slopper’, the gang’s apologist, who will explain to you how, for various unforeseen reasons, your initial share purchase has failed to bear the anticipated fruit. He or she will then offer you a ‘way out’ of your bind. He will tell you that he has found a buyer willing to purchase your shares but that offloading them will involve an upfront administration fee. Don’t expect a refund. Sounds too obvious to be effective? The UK’s Financial Conduct Authority (FCA) conducted a survey of callers who had contacted the Authority about fraud. More than half (58 per cent) of the respondents had fallen victim to a boiler room scam and purchased worthless shares. Of the victims, 13 per cent had been conned more than once. Three victims each reported losses of over £100,000. The average loss was in the region of £20,000.