One client’s story highlights the need to set ground rules for online activity—especially when the family is traveling

A client shared this story

While our family was vacationing in Europe, thieves targeted our family office. The CFO mistakenly authorized a $250,000 wire transfer to a fraudulent bank account. While I typically approve any money movement verbally, the fraudster (or fraudsters) knew enough about the details of our family trip (including flight times and itinerary) to impersonate me, and was able to convince the CFO to submit the wire transfer request.

We immediately called our client service team at J.P. Morgan when we discovered the fraud, and initiated an investigation. Our family felt violated by how much these criminals knew about our private travel plans. It soon became clear that the fraudster didn’t hack us, stalk us or read our mail, but simply figured out our travel plans via our son’s public social media profile. While waiting for our departure flight, our son posted a photo of the airport gate with the caption: “Headed to Paris with the family! See ya in two weeks!”

This incident led our family to institute a new family rule: None of us now posts vacation photos or information on social media until after a trip ends, nor do we “check in” to locations on social media during a trip. This event also forced us to take a closer look at our family office wire protocols, and we added an additional layer of approval as well as a phone confirmation requirement for large transactions.

Our cyber specialists offer these travel tips

“This story illustrates how a family’s wealth and security can be compromised by children, who may not realize the larger implications of their actions,” says Gary Sorrentino, Global Head of J.P. Morgan Asset & Wealth Management Client Cyber Awareness and Education. “In this case, the family responded by establishing better controls and social media ground rules for future protection.”

While traveling, adds Ileana van der Linde, the Global Program Lead for our Cyber Awareness and Education efforts, consider asking your children, all family members, friends and travel companions to: 

  • Keep private your current location and travel plans—A lawyer recently traveling with her husband and their friends was unpleasantly surprised to find out that their traveling companions were “tagging” them in public social media photos, thereby giving away the fact that they were not at home or in the office, leaving them vulnerable.  
  • Avoid using public wi-fi available at hotels, in airports and on airplanes—It is surprisingly easy for hackers to “spoof,” or imitate, such network names; so while you may think you are on a legitimate hotel Wi-Fi, you may actually log into a hacker’s Wi-Fi and expose your personal information.
  • Wait until after a trip to post any photos and descriptions of your travels—Even then, consider that less information shared online is probably wisest.    

For more on how to protect your children’s cyber safety and educate them about finances, ask your J.P. Morgan representatives for a copy of our guide, Teaching your children about wealth. And, if you are a frequently on the road, ask for a copy of our cyber tip sheet: Protect yourself while traveling.