In a world where Elizabeth Holmes, Anna Delvey and the Tinder Swindler co-exist, it seems like scammers are waiting for unsuspecting victims around every corner. Sometimes, those victims are even sophisticated finance professionals.
Andrew, a 27-year-old certified financial planner, learned this lesson the hard way last month when he was conned out of $3,000 by someone impersonating an investment advisor>1. A pitch that's too good to be true
It all started when Andrew saw his friend post a video> 2. A consistent back-and-forth
Still, Andrew wasn't sold. He reached out to the advisor tagged in his friend's post, inquiring about the impossibly high return>3. An ultimatum
Andrew, following instructions, put $1,000 in a Zelle account and another roughly $2,000 in bitcoin in Cash App. He gave the accounts' information to the advisor, who sent Andrew a link to a site that appeared to be Forex, an>4. Strange links
Andrew recorded a video with disclaimers, saying he wasn't endorsing the advisor's services, and sent it to the advisor. The advisor then sent Andrew a link to extract his profits, but instead of leading to Forex, the link opened what appeared to be Instagram's login page. Andrew entered his username and password, and was almost immediately locked out of his account.
At this point, Andrew says, he realized he had been conned. He called the police to file an incident report, opened up his side hustle's Instagram account and started broadcasting warnings about his personal Instagram account and the account of the so-called advisor.
Weeks later, he still doesn't have access to his personal Instagram account — which, until recently, was reposting edited videos appearing to show Andrew endorsing the scammer. When contacted by CNBC Make It, a spokesperson from Facebook, Instagram's sister brand, said they'd investigate further.
"We have sophisticated measures in place to stop bad actors in their tracks before they gain access to accounts, as well as measures to help people recover their accounts," the spokesperson said. "We know we can do more here, and we're working hard in both of these areas to stop bad actors before they cause harm, and to keep our community safe."
As for the money, Andrew called his bank — which immediately halted the $1,000 Zelle transaction, and directed him to file a separate claim through Visa and Cash App to recover the other $2,000. Ultimately, Andrew got the money back. But by this point, his credibility as a financial expert was at risk.
Together, he says, he and his boss alerted the CFP Board of Standards, which monitors the competency and ethical practices of all CFPs across several countries. Unsure of how his Instagram username and personal information could be linked to his company, he also asked his employer's IT department to monitor any suspicious activity.
Today, Andrew's career as a CFP remains intact. And as far as he knows, the scammer was unable to get into any of his other social media accounts or — more crucially — bank accounts.
Payton says that after the scam occurred, Andrew "did all the right things" to protect his personal information. For others hoping to avoid similar predicaments, here's her advice:
- Consider using different email accounts for your social media, financial and health care accounts. Use an encrypted service like ProtonMail for any account linked to highly sensitive or confidential information.
- Turn on multi-factor authentication for all of your accounts. If you get a notification of unusual activity on your account, don't click on any links. Instead, go directly to your profile and change your password manually.
- Authorize a friend or family member to have emergency access to your account. Some social media platforms allow you to assign a backup user on their "privacy and settings" page. Instagram doesn't yet, but the Facebook spokesperson told CNBC Make It that the feature is currently being tested.
- Report the account to the social media platform, file a police report and submit claims to FBI at IC3.gov and the Federal Trade Commission at ftc.gov.
