How can financial advisers stay protected from common online threats?
Cybercriminals are getting more creative in their attempts to steal data, installing malicious software (malware), and tricking unsuspecting users. From fake security updates to misleading ads, fraudsters are using familiar-looking websites to deceive even the most cautious users. Once malware is installed, attackers can maintain persistent access to your device and network, and deploy attack after attack.
Financial advisers and their clients must be aware of the emerging threats to protect their assets, mitigate risk and avoid falling victim to these increasingly common online threats.
Five ways you can be tricked online and how to avoid them
1. Fake templates
A popular attack called ‘Gootkit’ is fooling advisers searching for financial content. Attackers are compromising legitimate websites, so when a user searches for a keyword like ‘Discretionary investment management agreement’ or ‘Fixed term contract to permanent letter/template’, they’re led to the compromised site, which looks legitimate.
Clicking onto these compromised sites takes you to what looks like a forum, answering the exact question posed, using the exact same wording as the search query. It will look like the site administrator has provided a ‘direct download link’ and when you click this, a .zip archive is downloaded and named to exactly match the original search query.
How to avoid it:
· Before downloading any documents or templates, verify the source and make sure the website is trustworthy. If it’s a site you’ve never heard of, do some quick research or avoid downloading files altogether.
· If you download a zip, check the file types within the zip and avoid opening unusual file types such as .js (JavaScript) and .exe (executable) – as they’re commonly used in malware attacks.
· Read more information on the Gootkit scam and how attackers can use fake templates to trick you. You can scroll down on this article to view the example Forum Post leading to the GOOTLOADER download so you can avoid it if you come across it.
2. Sponsored links in search engines and fake ads
When using a search engine like Google, how often do you click the top three links of the search results? If the answer is ‘a lot’, you’re not alone. Over 25% of people click the first Google search result.
Cyber-criminals are taking advantage of this, using Search Engine Optimisation (SEO) tactics to create fake ads or search results that look identical to legitimate ones. Clicking on these links can lead you to websites designed to trick you into downloading malware.
How to avoid it:
· Be cautious when clicking on sponsored ads – it’s best to steer clear of them altogether to avoid doubt.
· Verify search results - always check the legitimacy of websites you visit by looking at the URL/domain name as malicious websites often used misspelled versions of popular sites. For example amazn.com instead of amazon.com.
3. Fake CAPTCHA challenges
We’ve all seen CAPTCHA tests asking us to select traffic lights or type in distorted letters to prove we’re not bots. But criminals are now using fake CAPTCHAs as a disguise to spread malware. The requests ask you to complete an additional ‘verification step’ that tricks you into running commands that execute malicious code. Fake CAPTCHAs can be found on legitimate websites through purchasing ad space on the site, or if an attacker has compromised the site and it's gone unnoticed.
How to avoid it:
· Be wary of CAPTCHA pages that appear in unexpected places, especially if they have extra verification steps. A website should never ask you to run keyboard commands like the run dialog (Windows Key + R).
· Use up-to-date security software that can block malicious downloads.
You can find more information about CAPTCHA and how hijackers are using them here.
4. Fake software updates
A common trick cybercriminals use are fake browser or software update pop-ups. These messages urge you to download the latest version of Chrome, Edge, or other software - but instead, you’re installing malware. The fake software pop-up is likely to appear on a compromised or malicious website, impersonating a genuine update notification and urging you to download it immediately.
How to avoid it:
· Never download updates from pop-ups; close the window and go directly to the official source for updates, such as your browser’s settings, or the official website for the software in question. If you’re unsure, Google the update version number or content, scammers often make up fake numbers.
· Make sure you have up-to-date antivirus software that can detect and block malicious downloads or extensions.
Click here for more information on fake software updates and examples of how they’re used.
5. Malicious browser extensions
Another growing concern is malicious browser extensions. These extensions often seem like helpful tools, such as AI add-ons, ad blockers or productivity enhancers, but they can secretly install malware or steal personal data. These malicious extensions are often bundled with legitimate downloads from compromised websites, making it extremely difficult for users to detect the threat until it’s too late.
How to avoid it:
· Stick to reputable sources (e.g. official stores like Chrome Web Store) and double-check user reviews before downloading anything – generic or similar reviews may indicate fake feedback.
· Keep your browser updated. Regular browser updates can patch vulnerabilities that could be exploited by malicious extensions or websites.
· Always be cautious about what browser extensions you install and check the permissions it requests aren’t excessive, such as permission to access all sites you visit, reading and changing data, browsing history etc.
You can find more information about malicious browser extensions here.
Stay safe online – essential tips
Awareness is your best defence against online threats. Stay informed about the latest cybersecurity risks - websites can deliver malware or steal your data, so always be cautious. Avoid downloading suspicious files, templates, or extensions, and watch out for phishing emails and scams designed to trick you.
Stay one step ahead
Cyber threats are always evolving, but staying informed helps keep you secure. Get expert insights straight to your inbox - sign up for our fortnightly Adviser Insight newsletter using the ‘Sign up’ button on the left.
This article is for financial professionals only. Any information contained within is of a general nature and should not be construed as a form of personal recommendation or financial advice. Nor is the information to be considered an offer or solicitation to deal in any financial instrument or to engage in any investment service or activity.
Parmenion accepts no duty of care or liability for loss arising from any person acting, or refraining from acting, as a result of any information contained within this article. All investment carries risk. The value of investments, and the income from them, can go down as well as up and investors may get back less than they put in. Past performance is not a reliable indicator of future returns.
