Why are cyber criminals targeting financial advisors?

Cyber criminals are targeting financial advisors at a much higher rate than other industries. To put this into perspective, any other business aside from a financial advisory firm is attacked by cyber criminals 4 million times per year. While the financial industry is victim to over 1 billion attacks per year. A huge difference! So why are cyber criminals seeking out financial advisors as their number one target? Simply put, as a financial advisor you have everything a cyber criminal wants: money, sensitive data, and lessened security. Those three things are a gold mine for hackers, and it’s up to you to protect your gold at all costs. You may be thinking, “Don’t all SMBs have those three valuable things that hackers want?” While you’re not wrong, let’s take a closer look at what makes financial advisors a prime target for cyber criminals.


Financial advisors have access to a lot of money

As a financial advisor, you manage a lot of money. And that’s exactly what cyber criminals are after; money. It’s no doubt you have a target on your back simply due to the nature of your job. In fact, the financial industry is the most targeted sector by hackers and has been the most attacked industry for three years in a row. Unfortunately, this risk won’t be going away any time soon as cyber criminals are after your data by a longshot compared to other industries. The financial industry is 300% more likely to be hit with a cyberattack when compared to other sectors like manufacturing, retail, and health care.

Again, the main reason for this target on your back is the amount of money you manage for your clients. According to TD Ameritrade, registered investment advisors are expected to manage $1.4 trillion by 2022. This is a highly attractive number to cyber criminals who are demanding their victims pay ransoms upwards of millions of dollars. You can think of it this way, as a financial advisor you likely prefer to work with clients who have more money to invest as that equates to a larger payout for you. The same goes for cyber criminals — They prefer to “work” with clients (you, the financial advisor) that have more money to pay them as well.


Financial advisors store valuable, sensitive data

Along with a lot of money, you have something else valuable that cyber criminals want. Sensitive data. This is the next best thing to money since this information will likely be sold on the dark web in return for payment or used nefariously to gain money. Sensitive data is seen as personal information like names, email addresses, SSNs, and financial information including pay stubs, insurance policies, bank statements, tax returns, employer benefit statements, and so on.

As a financial advisor, you are responsible for the safeguarding of this information. This includes proper security policies for receiving, handling, sharing, and storing sensitive information. With cyber criminals aware of the very valuable data you have access to, it aids in painting the financial industry as the perfect target for hackers. They also know all it takes is one mistake of improper handling of this data to gain access to your network where they can deploy a ransomware attack by locking up all of your files so you cannot access them until you pay the ransom or else your sensitive files will be leaked to the public or erased permanently. Or even easier for cyber criminals, successfully sending a phishing email to an employee at your firm posing to be Dropbox, requesting that the employee login to their account. It really is that easy for hackers, as a report from Verizon found that 90% of cyberattacks started with a phishing campaign. Therefore, cyber criminals are not using complex attacks to infiltrate your network and steal your sensitive data, they are using simple attacks that rely on human error to gain access to your firm’s data. This leads to the next section.


Independent financial advisors have less security than larger organizations

Financial advisory firms, especially independent firms that only consist of one or two advisors or staff members, typically have less security than larger advisory firms. This is simply due to fewer resources, time, money, and knowledge compared to larger organizations. Unfortunately, cyber criminals know of your lessened security, making you an easy target to go after.

Try putting yourself in their shoes. You could go after a large company that has more money and more sensitive data, however, you will have a lot harder time getting into their network and all your efforts could end up unsuccessful and get you caught. Or you could go after a smaller organization that has some security; they may even think they have no security flaws, however, they do they just don’t know it yet. And as the cyber criminal you are in this example, you have no trouble accessing their network. From there you can still gain money and sensitive data with very little effort and very little chance of getting caught. Which would you choose?

Not to mention, as a financial advisor your day is made up of prospecting, servicing current clients, administrative duties, financial planning, and continuing your education – Where does that leave IT and cybersecurity duties? Without someone completely dedicated to handling your everyday IT needs, your advisory firm is at a much greater risk for exposure to cyberattacks. And if you do have one person dedicated to the security of your organization, it’s important they are continuing their education and staying up-to-date with cybersecurity trends. By not doing so, the lack of knowledge could leave your organization vulnerable to attacks as well.


What can you do?

Now that you are aware of the large target on your back as a financial advisor, you can take the proper steps to secure your business. From using a fully integrated and active protection antivirus, malware, and threat detection solution to detecting threats early on, so that you can stop them before they happen. All the way to using a properly configured “hands-off” online data backup and enforcing strong cyber security policies for yourself and your staff.

While protecting your and your client’s data may sound overwhelming, it doesn’t and shouldn’t be that way. With Advisor Guardian you can transform from ‘A cyber attack won’t happen to me’ or the afraid financial advisor unsure of how to handle cyber threats to a confident and secure advisor that can assure their clients’ data is safe and protected from cyber criminals. With the daunting weight of cyber security lifted off your shoulders, you will have more time, efforts, and energy to put towards growing your business and not worrying about whether an attack will happen to you.


Take a closer look at how Advisor Guardian can help protect your financial advisory firm.

Other Cyber Security Education Articles for Financial Advisors: