Online stockbroking scams
Hacking into your trading accounts
Scammers have the technology to hack into your emails and online
trading accounts so they can pretend to be you, trade on your
behalf and generate profit for themselves and large losses for
Here we explain how online stockbroking scams work and how you
can avoid them.
How online stockbroking scams
There are two common ways scammers hack into your computer
to access your share portfolio.
Online trading hacking
Scammers steal your user name and password to access your online
trading accounts directly. They may infect your computer with
a virus to track your key strokes and obtain your passwords or they
may buy user names and passwords on the black market. The scammers
use your compromised online stock trading account to buy and sell
shares at an intentional loss - sometimes trading your account deep
into debt. The scammers then use a separate account to benefit
from these loss-making trades.
Scammers steal your email password then read your emails to
become familiar with the way you give instructions to your
They may even correspond with your broker to create a background
story to show why you need funds released (for example, you are
considering moving overseas, a family sickness, or a house
purchase). The scammer may delete emails they send, as well as
any replies to these, so you don't see them when you access your
The scammer will email your broker and request that they sell
your shares and urgently transfer the money from your account
to the scammer's bank account (usually overseas). The email
transfer request may even include a fake letter of authorisation
If this happens, your broker may not phone you to confirm your
instructions, having been deceived by previous stories of your
change of circumstances.
Case study: Warren's online stockbroking account gets
Warren has an online stock
trading account. He usually trades once a year and hasn't changed
his password since he opened the account 5 years ago.
Out of the blue, Warren receives a call from his online broking
service saying he has $1 million debt on his account from trades
made that day. The last trade Warren remembered making was 6 months
ago when his balance was around $50,000.
Shocked, Warren tells his broker that the trades were not made
or authorised by him. Warren asks the broker to freeze his account
immediately and tries to negotiate with the broker to get his money
back. He also notifies the police and ASIC of the scam.
Warren quickly installs updated anti-virus software and then
changes all his passwords to secure his financial accounts.
The broker works with authorities to investigate the unauthorised
Who scammers target
Scammers will target anyone with a stockbroker or online
stockbroking account who has poor computer security, such as
out of date anti-virus software. They may look for people who
haven't changed their email passwords and who don't trade
regularly, maybe only a few times a year.
How to tell if you've been
Here are some signs that your online broking account has been
- Unauthorised transactions on your broking account.
- Your account has been emptied.
- Your broker contacts you to confirm transactions or external
transfer of funds that you did not authorise or that are
- Your trade confirmations do not match trades you have made (it
is very important to check all trade confirmations received from
your broker either electronically or by regular post).
- The Cash Managed Trust account linked to your share trading
account contains unauthorised transactions.
- Your password has been changed.
- Your email provider has blocked you from your account.
How to avoid being scammed
Here are some practical things you can do to avoid being
- Avoid communicating trading instructions using a public domain
email address (as these tend to be less secure).
- Never disclose the log-in details of your online securities
trading account to anyone (even your broker).
- Always check trade confirmations provided by your broker.
- Regularly check your online broking account and any linked Cash
Managed Trust account.
- Place sensible trading limits on your account.
- Regularly check what 'rules' have been set up on your email
account to ensure that scammers aren't diverting emails from your
broker to themselves.
For more tips on how to avoid being scammed see protect yourself from
What to do if you've been scammed
If a scammer gets access to your online stockbroking account,
call your stockbroker, financial institution and credit card
provider immediately and ask them to freeze your accounts. See what to do if you've been
scammed for more detailed information on what to do
Online stockbroking scams can be devastating.
Keeping your anti-virus software up to date and changing your
passwords regularly are good ways to keep your investments
Last updated: 11 Feb 2019