By Jonathan Keehner and Kevin Drawbaugh
High-tech crooks using spyware are costing U.S. discount brokerages millions of dollars to repay clients who have been victimized by fraud, the brokerages said in recent days.
The U.S. Securities and Exchange Commission warned earlier this month that scammers were hijacking online brokerage accounts using spyware and operating from remote locations.
TD Ameritrade Holding Corp. on Tuesday became the latest brokerage to confirm the problem. It said it cost $4 million in the third quarter to make whole customers whose accounts had been hacked.
Harder hit was rival E*Trade Financial Corp., which last week said its fraud losses ballooned by $18 million in the third quarter from swindlers who stole clients' identities and manipulated their accounts.
Both brokerages guarantee to repay clients who lose money through such frauds. A spokesman for a third discount brokerage, Charles Schwab Corp., said the company hasn't seen "anything unusual enough to merit a disclosure."
"During the quarter E*Trade, like a number of our competitors, experienced a significant increase in losses resulting from fraud relating to identity theft," said Jarrett Lilien, president and chief operating officer, on last week's conference call.
TD Ameritrade Chief Executive Joseph Moglia told Reuters that all those who stole clients' identities did so by using public computers rather than hacking into the Omaha, Nebraska-based company's internal systems.
He called the $4 million hit "not material at all."
"This gets a lot of attention but it's not affecting the share price," he said.
TD Ameritrade shares fell 79 cents, or 4.8 percent, to close at $15.84, making them the top decliner on the Amex Securities Broker Dealer index.
Moglia blamed the share price fall on a cut on its projections for
2007 earnings.Both firms said they were strengthening their defenses.
"We've seen that level of fraud in the last three weeks or so reduced to almost zero as a result of the changes we're making," E*Trade CEO Mitchell Caplan said in last week's conference call.
But Gwenn Bezard, an analyst with Boston-based consultant Aite Group, said E*Trade had previously made big efforts to bolster security and the $18 million increase was a sign of hackers' resiliency in flouting fraud prevention efforts.
"It's a reminder that though you may have stronger authentication it may not protect you from other types of scams," he said.
Both E*Trade and TD Ameritrade said they are working with investigators at the SEC, U.S. Federal Bureau of Investigation and other agencies to crack down on the scammers.
About 25 percent of U.S. retail stock trades are made by online investors through roughly 10 million online accounts, according to brokerages regulator NASD.
In many of the schemes outlined recently by SEC officials, crooks will load a victim's computer or a public PC with a spy program to monitor a user's activities and capture vital information, such as account numbers and passwords.
The program then e-mails the stolen information back to the thief, who can use it to open victim accounts.
Once inside, the thief may sell off an account's portfolio and take the proceeds. Or electronically hijacked accounts may be used for "pump-and-dump" schemes to manipulate stock prices for profit, SEC officials have said.
Copyright 2006 Reuters Limited.
NOTE: For more telecom/internet/networking/computer news from the daily media, check out our feature 'Telecom Digest Extra' each day at