This article today in the FT is very concerning.

Discussion in 'Wall St. News' started by tonyf, Apr 27, 2021.

  1. tonyf

    tonyf

    This is doable. But what if the WiFi is compromised by another user/device? Will the trading PC be immune?
     
    #11     Apr 27, 2021
    AbbotAle likes this.
  2. ZBZB

    ZBZB

    Buy a new router every few years.
     
    #12     Apr 27, 2021
  3. JSOP

    JSOP

    Keep up with the personal contact instead of doing everything online. Get in touch with REAL people!!

    "He called the real trustee and then a UK phone number provided by the scammer but neither picked up. It was only when the real trustee called back 45 minutes later and was flummoxed by John’s questions that John realised what was happening. "

    What was he doing before?? WHY did he wait until the last minute to call the real trustee? If he had called the real trustee when the fraudster first contacted him, he would've realized the scam right from the beginning. And he allowed the scammer to impersonate 30 of his business associates before actually calling on a real person to verify??!! Really?? Seriously??

    And second, get into a habit of checking the email address before responding to emails. This fraud wasn't even sophisticated. He used a fake email suffix to phish for payments, that's the oldest trick in the book. That trick has been around for the past 30+ years!! Can't believe people are still falling for that. You just need to hover your mouse over the email address and you would see the fake email address. It's like peeking out of the door or peephole to see who is knocking on the door before opening the door. If people don't even do this much to protect themselves, don't want to say that they deserve to be scammed but really God helps those who help themselves.
     
    #13     Apr 27, 2021
    Overnight likes this.
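
The sender-address check described in the post above, written out as an added example that is not part of the thread or of the FT article. The domains are constructed placeholders, and comparing only the first label of the domain is a simplification of proper registrable-domain matching.

```python
from email.utils import parseaddr

# Constructed placeholder domains standing in for counterparties you already know.
KNOWN_DOMAINS = {"trustee-example.li", "lawfirm-example.ae"}


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance using two rows of the DP table."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def header_domain(value: str) -> str:
    """Domain of the actual address in a header, ignoring the display name."""
    _, addr = parseaddr(value)
    if "@" not in addr:
        return ""
    return addr.rpartition("@")[2].lower().rstrip(".")


def classify(from_header: str, reply_to: str = "", known=KNOWN_DOMAINS) -> str:
    domain = header_domain(from_header)
    if not domain:
        return "unparsable"
    if domain in known:
        # Right sender, but replies would be diverted to another domain.
        if reply_to and header_domain(reply_to) != domain:
            return "reply-to-mismatch"
        return "known"
    for good in sorted(known):
        same_name = domain.split(".")[0] == good.split(".")[0]  # suffix swapped
        if same_name or edit_distance(domain, good) <= 2:       # near-miss spelling
            return f"lookalike:{good}"
    return "unknown"


if __name__ == "__main__":
    # Constructed headers, not taken from the incident in the article.
    for hdr in ("Trustee <servus@trustee-example.li>",
                "Trustee <servus@trustee-examp1e.li>",
                "Trustee <servus@trustee-example.com>",
                "Shop <news@unrelated-shop.org>"):
        print(f"{classify(hdr):32} {hdr}")
```

A "lookalike" or "reply-to-mismatch" verdict on a message that mentions payment details is the point at which to call the counterparty on a number already on file.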
  4. JSOP

    JSOP

    And it's absolutely false that just because big banks spend millions of $$'s on cybersecurity that they are "tougher" to hack. Some of the most genuine-looking phishing emails that I have received were from the big banks that I bank with. They had all of the logos down to the T, the colours, the designs, the account names, the account types, everything absolutely indiscernible from the real ones. If they didn't hack those big banks, how did they get all those details so perfectly correct?
     
    #14     Apr 27, 2021
  5. virtusa

    virtusa

    Use one PC only for trading and do all the rest on a second cheap one.

    Use a separate email address for trading only and keep it secret (just use it for specific trading tasks, like contact with broker).

    Make regular backups. Restoring an infected PC from a disc image works much better than any virus scanner. Removing viruses can never be trusted 100%; restoring a disc image can.

    If you wish to work with only one PC, inform yourself about Qubes.

    Don't use Wifi, use cable, much safer. Wifi is much easier to intercept.
     
    #15     Apr 27, 2021
  6. zdreg

    zdreg

    Anatomy of a hedge fund hack

    Complexity of scams, and the time and money fraudsters are prepared to invest, highlight growing threat to smaller firms

    Laurence Fletcher in London

    It was only when John made a final phone call to confirm the transfer of about €10m to his family trust that he realised he was about to fall victim to a highly sophisticated financial scam.

    A fraudster had spent two months pretending to be one of John’s business associates in order to gain his confidence and trick him into diverting a standard loan repayment to a different bank account. Having obtained emails through an earlier hack of a financial services company in Liechtenstein, they studied the habits and conversational style of John’s business associate and then imitated him on email.

    John, a London-based private investor who invests his family’s money and who regularly works with a number of smaller financial firms across Europe, said the fraud was thwarted at the eleventh hour “purely by luck”.

    The Financial Times has pieced together the details of how the attack on John unfolded, and how a separate phishing attack eventually forced the liquidation of the main hedge fund run by Levitas Capital, a Sydney-based firm with $75m in assets under management.

    The complexity of the two scams, and the time and money the fraudsters were prepared to invest, highlight the threat now faced by smaller financial services firms such as hedge funds, brokers and administrators, as well as by family offices and wealthy individuals.

    Often, hackers who obtain valuable information through an attack on one financial firm will sell the stolen data on the dark web to criminal groups experienced in using such data for frauds.

    Large banks are attractive targets for hackers, but the millions of pounds they spend each year on cyber security makes them tough to hack. Smaller hedge funds can be more enticing targets because they handle large sums of money but may only spend tens of thousands of pounds protecting themselves, according to cyber security firm Remora.

    The array of third-party companies that hedge funds use, for instance trustees, administrators and auditors, increases the number of potential weak links in the chain that hackers can target, and their principals are often more visible and easier to target.

    Data on attacks is sketchy, in part because firms are often unwilling to admit they fell for a scam. According to a 2019 report by Boston Consulting Group, finance firms are 300 times more likely than other companies to be targeted by a cyber attack.

    “Hedge funds and family offices do not spend anywhere near enough [on cyber security] which is why they are targets,” said Alex Mendez, Remora’s co-founder. “Hedge funds are more vulnerable because the principals within hedge funds are more visible and easier to target.”

    The US Securities Exchange Commission last summer warned of increasingly sophisticated ransomware attacks on broker-dealers, investment advisers and investment companies, as well as on their service providers. In September it warned that hackers were using usernames, email addresses and passwords obtained on the dark web to try to log into firms’ websites and gain access to accounts.

    “There’s a significant worry [about cyber risks] across the hedge fund world. It’s becoming increasingly dangerous, the impact could be catastrophic,” said Nicholas Wells, managing director at recruiter Quantum Chase. “Hackers may not have stolen anything, but by damaging the reputation of the firm [they damage the firm].”

    How the hack unfolded

    John, the private investor, asked the FT not to use his real name. He was originally contacted by the fraudster, posing as the trustee, in early February last year in a genuine-looking email. The fraudster had even used the same central European greeting, “Servus!”, that the real trustee uses. The only, almost imperceptible, difference was a change to the sender’s email suffix, meaning it came from an entirely different source.

    The email mentioned a regular loan repayment that John was due to make at the end of March, and asked a few questions about the timing, the currency and the account to be used.

    “I had no idea it was not the real [trustee]”, said John, who answered the email cordially and said he would make the payment.

    Several days later the scammer emailed again, this time pretending to be John’s lawyers in the Middle East. In total there were close to 30 emails exchanged over a couple of months. In some cases they asked about John’s art collection or dropped in personal information, such as the name of the hotel the real trustee would usually stay in when visiting Vienna.

    In one email, John questioned the fake trustee about the interest rate on the loan repayment. The fraudster, who had already obtained a copy of the loan schedule, admitted the mistake within minutes and sent a corrected version of the loan spreadsheet.

    “None [of the interactions] aroused my suspicion in any way whatsoever,” said John.

    In fact, hackers had already obtained emails of Liechtenstein-based fund administrator Caiac Fund Management, which John says helped them to impersonate the real trustee. A spokesman for Caiac said “hackers intercepted email correspondence and unsuccessfully tried to use the information attained on a specific product to trigger payments”. It declined to comment on individual cases but said it informs relevant stakeholders in the case of any data breach.

    In early April, John gave the green light to his bank to make the payment. He called the real trustee and then a UK phone number provided by the scammer but neither picked up. It was only when the real trustee called back 45 minutes later and was flummoxed by John’s questions that John realised what was happening. He quickly called his bank, which had not made the payment because it needed to check the exchange rate.

    John went to the Metropolitan police’s cyber crime unit, who spotted a rare opportunity to investigate an attempted fraud still in progress and where the fraudster was unaware they had been foiled. They asked John to arrange a meeting in Mayfair’s Berkeley Square under the pretext of signing some routine documents. An undercover policeman would go in place of John.

    But at the last minute the scammer cancelled, so John asked him for an address to send the documents to. The address given was on an East London council estate and was known to the police for previous criminal activity. The police decided against raiding it, believing they would only find a mule there.

    John has contacted Liechtenstein police and said Europol has been informed. He is not aware of further progress on the case, which he said has been hindered by Covid-19 lockdowns. The Metropolitan police declined to comment.

    A fake Zoom invitation

    Police have also got involved in the case of Sydney-based Levitas, where money was transferred to the criminals. In September last year co-founder Michael Fagan clicked on an innocuous-looking but fake Zoom invite that allowed a hacker to infiltrate Levitas’s systems and use Fagan’s email.

    The hacker then sent fake payment instructions to administrator Apex Fund Services. Apex tried calling Fagan to check the payment but was unable to reach him. However, after receiving confirmation from Fagan’s email — sent by the hacker — Apex sent an instruction to trustee AET Corporate Trust to pay a ‘capital call’ notice for A$1.2m (US$936,250) to a company called Unique Star Trading, said Levitas CEO Michael Brookes.

    Fagan eventually discovered the scam by accident when checking Levitas’s bank account almost two weeks after the phishing attack. Another A$2.5m had been paid out and a further A$5m had been approved for transfer. Fagan quickly stopped the payments and was able to recover most of the money. Nevertheless, about A$600,000 had been stolen, according to Brookes. Had it been discovered a couple of days later, then the loss could have been A$8.7m, he said.

    The hack led Australian Catholic Super, Levitas’s largest client, to withdraw its money, and the fund is now being liquidated.

    Apex declined to comment. Australian Catholic Super said it had received back its full investment in Levitas’s fund. New South Wales police said its investigation was ongoing but declined to comment further. Certane, which owns AET’s corporate trust business, said it is co-operating with authorities and that its ‘Pay’ system for processing client instructions was not compromised.

    Brookes said the payment instructions should have aroused the suspicions of the trustee and administrator. “It’s why the structure is set up as such, so that somebody will pick this up,” he said. “It’s devastating.”
     
    #16     Apr 27, 2021
  7. Trader200K

    Trader200K

    Stand-alone trading computer behind an external hardware firewall allowing the local IP connectivity ONLY to the broker server farm IP address range(s). All other traffic discarded.

    ALL other PERSONAL activity on another machine.

    Simple/effective/near zero maintenance.
     
    #17     Apr 27, 2021
    Van_der_Voort_4 and tonyf like this.
  8. tonyf

    tonyf

    Can you recommend an external hardware firewall?
     
    #18     Apr 27, 2021
  9. guru

    guru

    I already wrote previously that you should use Kaspersky.
    Use Kaspersky Security Cloud for intrusion prevention and to enable/disable/configure every program that can run on every device, custom firewall/IP/Port handling, network monitoring, data encryption, ransomware protection, and whatever else you want security-wise.
    CrowdStrike is also popular within corporations.
     
    #19     Apr 27, 2021
  10. tonyf

    tonyf

    But that is not external, right?
     
    #20     Apr 27, 2021