Knowledge is Power: Protecting Yourself Against Online Fraud

First Republic Investment Management
October 7, 2015

For centuries, con artists have taken advantage of human nature, scheming to separate victims from their hard-earned pay by appealing to their motivations of fear and greed. By learning how criminals work, you can lessen your chances of falling victim.

Scams Dating Back a Century

Today’s Internet scams actually originated in the late 19th century. According to variations of “The Spanish Prisoner,” the victim is told that a wealthy (but unidentified) person is imprisoned in Spain under a false identity, and if the victim advances funds to secure the release of the prisoner, he will be financially rewarded. Once funds are advanced, either the trickster is never heard from again, or more difficulties arise requiring additional money until the victim declines to pay more funds.

More modern Internet versions called “419” scams have since emerged, named after the section of the Nigerian criminal code dealing with fraud. These scams have become so well known that they have almost stopped being effective.


A far more effective technique, known as phishing, uses an imposter e-mail or website to lure an unsuspecting victim into giving up their usernames, passwords and accounts details. These can be very convincing, often mimicking the “look and feel” of the actual institution. Victims think the emails are legitimate and provide the requested information. In some cases, money is taken directly, while in other cases your contacts are taken, and soon your friends, family and every financial institution where you have an account is informed (by “you,” via your e-mail) that you are out of the country, lost your wallet and need $10,000 transferred to a certain offshore account immediately.


The quickest and easiest way for a con artist to get access to any account is to simply guess a password. A significant percentage of passwords are Password, 123456 or 12345678 (in that order), with roughly a third of the population using the same password across all of their accounts. There is almost a one in 10 chance that the PIN for an ATM card is 1234, 1111 or 0000, and a criminal will likely have three chances to enter it before the account is de-activated. Use one of those passwords, and you are asking for trouble.

How to Protect Yourself

There are three very broad (but effective) ways you can protect yourself:

  1. Make sure all your devices (in addition to accounts and applications) use passwords, and make sure all usernames, passwords and PINs aren’t obvious.
  2. Never respond to any financial institution or urgent emails claiming to be from a bank or company requesting your account information or personal details. Banks don’t send SPAM emails phishing for this type of information.
  3. Be skeptical, especially regarding urgent requests that will result in huge windfalls. After all, how likely is it that the president of the state-owned Nigerian National Petroleum Corporation needs your five grand?

©First Republic Investment Management, 2015