"Bad actors" haven't sheltered in place, it seems. So found theU.S. House of Representatives Committee on Financial Services,which met with experts this week to hear testimony on fraudulent acts, particularly in cybersecurityand financial schemes. The COVID-19 pandemicapparently has brought even more schemes to light, especially as people havemoved online to do business, the committee found.

In fact, according the Federal Bureau of Investigation, thenumber of cybersecurity complaints has spiked to 4,000 a day from1,000 complaints a day four months ago. And those four months'worth of complaints are almost more than reported for all of2019.

In addition, a May 2020 survey of financial institutions found80% reported a 238% increase in cyberattacks compared to lastyear.

"The volume of attacks, as reported by many of the largest[financial institutions], moved across the globe towards the U.S.in line with the movement of the virus and continued to ebb andflow with the undulations of the COVID-19 news cycle," according tothe committee's majority staff report.

Bad actors are taking advantage of the unusually large numbersof employees working remotely and "lax telework securitypractices," the staff report found, which include weak passwords onhome computers, poorly secured home Wi-Fi routers and familylinking internet-connected devices. Malware, ransomware,man-in-the-middle attacks (cyber eavesdropping), phishing, businessemail compromise and cyber-supported fraud schemes continue to beways these bad actors are attacking both home and businessnetworks.

Pandemic attacks

The committee also found that during the pandemic,cybercriminals have "modified" traditional scams to cash in onCOVID-19 fears.

These scams are more likely to target senior citizens,lower-income communities and those who have been laid off orfurloughed, the report found.

Especially relevant for advisors, a North American SecuritiesAdministrators Association task force was formed in April to helpprotect investors by "proactively disrupting, discouraging anddeterring fraudulent or illegal activities of those seeking toexploit the coronavirus pandemic," Christopher W. Gerold, NASAApresident and chief of the New Jersey Bureau of Securities, statedTuesday.

The association has opened 91 investment-relatedmatters and have 54 active and open investigations, and are workingto "preemptively" identify schemes using online investigativetechniques to identify fraudulent websites or social mediaposts.

During testimony to the committee, Amanda Senn, AlabamaSecurities Commission chief deputy director and NASAA cybersecuritycommittee chair, said, "The pandemic coupled with dramaticvolatility in the markets has brought loneliness due to socialisolation and concerns for financial security. This is likely thereason that [we've] seen a significant uptick in thenumber of financial exploitation cases over the past twomonths."

Many of the schemes revolve around cryptocurrencies or promoteprivate offerings outside the stock market, as well as pitches thatinclude the usual suspects: investment opportunities in oil and gasventures, real estate, penny stocks, precious metals and foreignexchange markets.

Senn noted that state-registered investment advisors were"low-hanging fruit" for cybercriminals as about 75% of those are1-2 person shops. This is especially worrisome as last year betweenJanuary and June, state examiners found deficiencies relating tocybersecurity in 26% of examinations.

"These findings have spurred NASAA members to continue to focuson the importance of enhanced cybersecurity resources forstate-registered advisors," she said.

READ MORE:

• Report: Executives likely to be targeted forcybercrime
• Employee emails and other causes of databreaches
• Nearly $100,000 stolen from participant in EsteeLauder 401(k) plan