We have received reports from one of our trusted custodians, Charles Schwab, that scammers have been impersonating the company by phone and requesting personal client information, including Social Security numbers. In these calls, the caller ID may display the name “Charles Schwab” and a Denver area code.
Spoofing – making a phone number appear to belong to a person or an organization it does not (or making it appear to be from someone’s local area code) – is unfortunately common. No matter where the caller is located, they can appear to be calling from the victim’s local area code, or from the same area code as a trusted institution or government agency. Often times, if you don’t answer, they will leave a message asking you to call them back.
This type of scam is sometimes referred to as “vishing,” a type of phishing scam perpetrated by phone, where scammers rely on social engineering techniques to build trust and trick the recipient into providing private information over the phone.
How You Can Protect Yourself
- Always be mindful of such attacks and be suspicious of unexpected requests for sensitive information over the phone. Take time to think through the situation before reacting.
- If you receive a suspicious call from someone posing as Schwab or any other trusted party, hang up immediately, then call the other organization on their public phone number to verify the request. Feel free to contact your service team at JFS when related to your investment accounts.
- Do not give out your Social Security number, bank account number, or any personally identifiable information over the phone unless you’re the one who initiated the call. Remember that financial institutions generally do not call to request your personal information.
- Be extra cautious when responding to text messages or emails from an unknown source.
- Do NOT click links or provide any personal information to a sender that looks unusual. Rather than clicking links within the message, navigate directly to a provider’s website or mobile app.
- When online, confirm you are accessing secure websites. Secure websites begin with “https,” not “http” and are denoted with a padlock icon in the address bar.
Continue to be Vigilant for Suspicious Activity
Always be cautious in any situation involving personal data. We encourage you to continue utilizing your secure, online client portal to send and receive sensitive documents pertaining to your accounts.
For more about keeping your personal data safe, view our document, “Protecting Yourself from a Security Breach,” for helpful tips and guidelines. If you have questions, please contact any member of your service team.