An advisory practice was the target of an attack, whereby themalware allowed the fraudster to gain access to an adviser’s logindetails for all systems he had used recently. The fraudster now hadaccess to every website or account that required a login. Thisincluded personal banking, platform desktop software, Xplansoftware and Facebook. The next time the adviser tried to log in tohis platform desktop software, he was locked out. He rang ouraccount executive team to report his access was locked. He couldn’tlogin, even though he was using his correct user name and password.The platform reset his password. The next day when the advisertried again to login, he was locked out of the system again. Itbecame obvious that the adviser’s user ID had been compromised. Atthis point, the user ID was deleted.
1. Identify the malware attack experienced in the abovescenario
2. What recommendations would you provide for preventing suchtype of attacks? The recommendations should be discussedindividually for the scenario and should not be a general list ofrecommendations?
