Besides the American corporations facing threats from overwhelming cyberattacks, American retail businesses are also struggling to fight against the rise of hackers hacking into their accounts and investments. FINRA (Financial Industry Regulatory Authority), the market’s self-regulatory body, in a recent notice said that it received several complaints related to customer accounts being hacked. The incident involved attackers using stolen customer information like login credentials to hack into online customers’ brokerage accounts.
According to Market Watch “Ari Jacoby, chief executive and co-founder of cybersecurity firm Deduce, backed up this statement with data showing that account-takeover fraud increased by roughly 250% from 2019 to 2020. He told Security.org that account-takeover prevention is a $15 billion market that is “growing significantly year-over-year.“ FINRA finds two factors that might be responsible for the surge in account takeover incidents.
First is an increase in the use of online services and brokerage apps, that allows hackers to break into user accounts using login I’d and passwords that they buy from Darkweb. It becomes very easy for hackers to find the login credentials of the customers as many users use the same password combinations for multiple accounts. The second aspect is the Covid-19 factor. “Customer account-takeovers have been a recurring issue, but reports to FINRA about such attacks have increased as more firms offer online accounts, and as more investors conduct transactions in these accounts. In part due to the proliferation of mobile devices and applications and the reduced accessibility of firm’s physical locations due to the COVID-19 pandemic,” reports FINRA.
The Security and Exchange Commission is also keeping an eye on this incident and is pressing hard on brokerage firms for not keeping a check on suspicious activities. Market Watch says “But most individual investors don’t have to wait for the SEC or FINRA to come to their rescue, because this sort of criminal activity is largely enabled by a lack of vigilance on the part of victims, including requesting that their broker send them suspicious login alerts and using two-factor authentication, according to Jacoby.”