
October 25, 2006 9:42 AM PDT

Brokerages lose millions in hacker onslaught

High-tech crooks using spyware are costing U.S. discount brokerages millions of dollars to repay clients who have been victimized by fraud, the brokerages said in recent days.

The U.S. Securities and Exchange Commission warned earlier this month that scammers were hijacking online brokerage accounts, using spyware and operating from remote locations.

TD Ameritrade Holding on Tuesday became the latest brokerage to confirm the problem. It said it cost $4 million in the third quarter to make whole customers whose accounts had been hacked.

Harder-hit was rival E*Trade Financial, which last week said its fraud losses ballooned by $18 million in the third quarter from swindlers who stole clients' identities and manipulated their accounts.

Both brokerages guarantee to repay clients who lose money through such frauds. A representative for a third discount brokerage, Charles Schwab, said the company hasn't seen "anything unusual enough to merit a disclosure."

"During the quarter E*Trade, like a number of our competitors, experienced a significant increase in losses resulting from fraud relating to identity theft," said Jarrett Lilien, president and chief operating officer of E*Trade, on last week's conference call.

TD Ameritrade Chief Executive Joseph Moglia said that all those who stole clients' identities did so by using public computers rather than hacking into the Omaha, Nebraska-based company's internal systems.

He called the $4 million hit "not material at all. This gets a lot of attention but it's not affecting the share price," he said.

TD Ameritrade shares fell 79 cents, or 4.8 percent, to close at $15.84, making them the top decliner on the Amex Securities Broker Dealer index. Moglia blamed the share price fall on a cut in its projections for 2007 earnings.

Both E*Trade and TD Ameritrade said they were strengthening their defenses.

"We've seen that level of fraud in the last three weeks or so reduced to almost zero as a result of the changes we're making," E*Trade CEO Mitchell Caplan said in last week's conference call.

But Gwenn Bezard, an analyst with Boston-based consultant Aite Group, said E*Trade had previously made big efforts to bolster security and the $18 million increase was a sign of hackers' resiliency in combating fraud prevention efforts.

"It's a reminder that though you may have stronger authentication, it may not protect you from other types of scams," he said.

Both E*Trade and TD Ameritrade said they are working with investigators at the SEC, the FBI and other agencies to crack down on the scammers.

About 25 percent of U.S. retail stock trades are made by online investors through roughly 10 million online accounts, according to brokerages regulator NASD.

In many of the schemes outlined recently by SEC officials, crooks will load a victim's computer or a public PC with a spy program to monitor a user's activities and capture vital information, such as account numbers and passwords.

The program then e-mails the stolen information back to the thief, who can use it to open victim accounts.

Once inside, the thief may sell off an account's portfolio and take the proceeds. Or electronically hijacked accounts may be used for "pump-and-dump" schemes to manipulate stock prices for profit, SEC officials have said.

Story Copyright © 2008 Reuters Limited. All rights reserved.

DUH!
by Methuss October 25, 2006 10:07 AM PDT
Brokerages make millions in transaction fees. They should spend $50 for each account holder to send them an RSA token device that has a six-digit, synchronized changing number that is part, but not all, of the password.

A physical device party to the authentication, with a user-memorized part, means no hacker can simply scrape the password from a user and break into an account. Since the token number changes every 60 seconds and the numbers are good only once, they are useless once the real person has typed it in. Stolen tokens are useless as well since the password has a memorized component to it as well.
No surprise really!!!
by wbenton October 28, 2006 10:11 PM PDT
The writing has been on the wall for quite some time now.

It was perceived and thus it could have been prevented.

I'm just wondering where the money trail to all that money went to?

Could it be possible that they purposefully did it to themselves as they knew they would be untraceable.

The attacks COULD have been prevented... but weren't.

Lax security!!!

Walt