Cyber hygiene for high-net-worth clients
The threat model for HNW clients
HNW-specific attack patterns:
1. Targeted wire fraud (vendor / closing impersonation). Scammers monitor real estate transactions, art purchases, or business deals via leaked emails and impersonate the closing attorney, escrow company, or vendor. Wire instructions arrive 'updated' just before close. The wire goes to the scammer.
2. Email account compromise. The scammer gets access to the client's email (through phishing, credential reuse, or a family member's compromised account) and watches communications until the right moment to inject fraudulent instructions to the advisor or bank.
3. Advisor impersonation. The scammer impersonates the advisor in emails to the client, requesting unusual transactions, or impersonates the client to the advisor, requesting urgent wires.
4. Family member compromise. Adult children, spouses, or staff are softer targets and provide back-door access to family financial decisions.
5. Physical security exploitation. Stolen mail, dumpster diving, observed PINs at restaurants, or breached household staff.
Core protections every HNW client should have
The non-negotiable list:
1. Unique passwords + password manager. 1Password, Bitwarden, Dashlane. No reuse across accounts. Master password should be strong and not stored digitally elsewhere.
2. Two-factor authentication on every account. Especially: email, bank, brokerage, retirement, crypto, social media. Prefer authenticator apps (Authy, Google Authenticator) over SMS — SIM swap fraud is a real HNW attack vector.
3. Dedicated 'high security' email. A separate email used only for financial and government accounts. Never publicized. Different from the email used for shopping, newsletters, and social.
4. Credit freeze at all three bureaus. Free, permanent, prevents new account fraud. Lift temporarily when needed.
5. Verbal verification for any wire instructions. Period. No exceptions. Call the recipient at a known number — never use the number in the email.
The wire fraud conversation
This is the single highest-impact conversation. HNW wire fraud losses average $50K-$500K per incident and are rarely recoverable.
Establish with the client:
A. Wire instructions never change by email. If you receive 'updated wire instructions' for a real estate closing, business deal, or any large transaction — assume fraud until verified by phone.
B. Always verbally verify, using a number you find independently. Not the number in the email. Not the number the email tells you to call. The number from the title company's website you Google yourself.
C. Use distinct workflows for different parties. Real estate closings, business transactions, and vendor payments each have characteristic patterns. Train staff and family to recognize when a request 'doesn't match' the normal pattern.
D. Build in delays for large wires. A 24-hour cooling-off policy on any wire above a threshold (e.g., $25K) saves more money than any other single rule.
E. Document and rehearse the verification protocol. Make it cultural, not optional. Verification should never feel awkward.
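Rules B and D can be enforced as a release gate in the advisor's own wire workflow. The sketch below is an added example, not part of the original page or of any product it mentions; the `WireRequest` fields, function names, and sample phone numbers are hypothetical, and the 24-hour / $25K values are the page's example figures.

```python
import re
from dataclasses import dataclass
from datetime import datetime, timedelta

COOLING_OFF = timedelta(hours=24)  # the page's example cooling-off period
THRESHOLD_USD = 25_000             # the page's example threshold


def phone_digits(text):
    """All phone-like numbers in text, normalized to their last 10 digits."""
    found = re.findall(r"\+?\d[\d\s().-]{8,}\d", text)
    return {re.sub(r"\D", "", n)[-10:] for n in found}


@dataclass
class WireRequest:
    amount_usd: float
    received_at: datetime
    request_text: str          # body of the message carrying the instructions
    number_on_file: str        # recipient's number recorded before this request
    callback_number: str = ""  # number actually dialed to verify; empty if none


def blocking_reasons(req, now):
    """Reasons the wire may not be released yet; an empty list means release."""
    reasons = []
    dialed = phone_digits(req.callback_number)
    on_file = phone_digits(req.number_on_file)
    if not dialed:
        reasons.append("no verbal verification recorded")
    elif dialed != on_file and dialed & phone_digits(req.request_text):
        # Rule B: the number in the email is never an acceptable callback.
        reasons.append("callback used a number supplied in the request")
    elif dialed != on_file:
        reasons.append("callback number is not the number on file")
    # Rule D: large wires wait out the cooling-off period regardless.
    if req.amount_usd > THRESHOLD_USD and now - req.received_at < COOLING_OFF:
        reasons.append("cooling-off period has not elapsed")
    return reasons
```

A callback to the number on file passes even if the same number also appears in the request, since a legitimate sender's signature may carry it.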
Family education
HNW fraud often comes through family members:
— Adult children clicking phishing links that compromise shared accounts.
— Spouses using the same passwords across personal and financial accounts.
— Household staff with credential or physical access being targeted.
— Aging parents whose compromise affects the client's accounts (joint, beneficiary, etc.).
An annual family cyber-hygiene briefing covers the same fundamentals: password manager, 2FA, dedicated financial email, wire verification. Position it as standard care for the family enterprise, not as a critique of any individual.
For clients with household staff, separate training and clear protocols matter. Document who has what access. Review annually.
Specific HNW patterns to flag
Red flags advisors should specifically watch for in HNW relationships:
— Sudden email from the client requesting an unusual wire, especially with new urgency or secrecy.
— Email signatures that look slightly different from the client's normal pattern.
— Communication from a slightly altered email address (e.g., john@smith-family.net vs the normal smithfamily.net).
— Requests to update wire instructions for in-progress transactions.
— Communication style or vocabulary that doesn't match the client's normal voice.
— Requests routed through a 'new assistant' the client hasn't introduced.
Verification protocol: any unusual wire request gets verified by phone using a known number. Build this into your standard procedure, not just exception handling.
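The altered-address red flag can be checked automatically before a message reaches the advisor. The following is an added example, not code from the original page: it compares a sender's domain against a constructed allow-list (using the page's smithfamily.net illustration) and goes beyond the hyphen case to cover character substitutions, swapped TLDs, and small edits. Function names and the distance threshold are assumptions.

```python
from email.utils import parseaddr

# Constructed allow-list: the domain each client normally writes from.
KNOWN_DOMAINS = {"smithfamily.net"}

# Visual substitutions folded before comparing; hyphens and underscores dropped.
FOLD = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s", "-": None, "_": None})


def skeleton(domain):
    """Comparison form: lowercase, look-alikes folded, 'rn' read as 'm'."""
    return domain.lower().strip(".").translate(FOLD).replace("rn", "m")


def edit_distance(a, b):
    """Levenshtein distance using two-row dynamic programming."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify_sender(header_from, known=KNOWN_DOMAINS):
    """Return (verdict, matched_known_domain) for a From: header value.

    Verdicts: 'known', 'lookalike', 'unknown', 'unparseable'.
    """
    address = parseaddr(header_from)[1]
    if "@" not in address:
        return ("unparseable", None)
    domain = address.rsplit("@", 1)[1].lower().strip(".")
    if domain in known:
        return ("known", domain)
    sk = skeleton(domain)
    for good in sorted(known):
        gsk = skeleton(good)
        same_name = sk.rsplit(".", 1)[0] == gsk.rsplit(".", 1)[0]  # TLD swapped
        nested = domain.startswith(good + ".")  # known domain used as a prefix
        if sk == gsk or same_name or nested or edit_distance(sk, gsk) <= 2:
            return ("lookalike", good)
    return ("unknown", None)
```

A 'lookalike' verdict is a reason to hold the request and verify by phone, not proof of fraud; the threshold of 2 can misfire on very short domains.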
Recovery posture
When fraud does occur:
— Speed matters. Wire fraud reported within hours has a non-trivial recovery rate via the FBI's Recovery Asset Team (ic3.gov, then call your local FBI field office).
— Document everything immediately. Preserve emails, logs, account access records.
— Forensic IT review of compromised accounts. Don't just change passwords — assume persistent compromise until proven otherwise.
— Coordinate with cyber insurance if applicable.
— Review and harden all related accounts (assume the compromised credential pattern extends elsewhere).