Global Market Comments
August 9, 2022
Fiat Lux
Featured Trade:
(THE CROOKS ARE GETTING SMARTER)
(ROM), (THO)
Global Market Comments
August 9, 2022
Fiat Lux
Featured Trade:
(THE CROOKS ARE GETTING SMARTER)
(ROM), (THO)
I sent out a trade alert for my Concierge members to buy LEAPS in the ProShares Ultra Technology Fund (ROM) a year ago to catch the yearend rally. Everyone got a great execution except those with a Tastyworks account, which unfortunately got hit with a hack attack that day.
I am passing on their detailed response which could have hit anyone. Unfortunately, the crooks are getting smarter.
“We have had to set a number of symbols to closing trades only due to fraudulent activity that has been taking place in those symbols. The simple answer on why we had to take about 1,500 symbols down only is that the criminals have dialed up their game to a new level.
Let me explain. Back in the day, a criminal would try to gain access to an account by brute force attack, key stroke logging, or buying credentials from other bad actors. They would then go into the account (never accessed by violating our security), liquidate the holdings, and then make losing trades in the compromised account with the winning side being their account at another firm.
It only happened a few times and if I remember correctly, the compromised account contacted us to ask why their account was being liquidated and we were able to stop the action.
Fast forward to today.
They have moved to a new level and that is identity theft. I have talked to friends at other firms, and they have all confirmed that they have seen the same action. They own someone as they have access to their SSN as well as most of the other information needed to open an account (they pass our security checks).
They also have bank information for the person whose identity they have stolen so they ACH money into tastyworks, wait for the funds to settle, and then gut the account within minutes. Look at how wide these markets are in (THO) for example:
The fraudsters would enter an order in their real account to pay $0.10 for the $110 puts and then put a sell order in the bogus account. Then within seconds, they put a sell order at $3.60 in their account, and in the bogus account they buy back at $3.60.
You can see that they have just cleaned $3,500 per 10 lot in seconds. If they do 100 contracts, that is $35,000, and so on. The problem does not end there.
The exchanges hide behind some horrible rules that say we have 30 min to file an obvious error objection and 60 min for catastrophic error. Clearly, it is basically impossible for us to hit either one of those targets. So, they throw their hands up and say not our issue and when the person who is the subject of the identity theft realizes that they have been attacked, they go to the bank and sign paperwork that allows the bank to pull the fund back with no questions asked.
We are left holding the bag and I could not allow that to continue. So, while we are doing a lot of things on the backend to limit someone’s ability to open a fraudulent account, we have to leave these symbols as closing only and ask you to call our desk 888-247-1963 to place a trade.
Please let us know if you have any further questions or concerns. We can be reached at 1-888-247-1963 or online via chat from 7am-5pm CT Monday-Thursday and 7am-4pm CT on Friday. We appreciate your business and happy trading!”
Regards,
Tastyworks
I am noticing an increasing pattern across many accounts. That’s to the rise of Bitcoin, there has been a huge increase in identity theft through phishing attacks. By simply getting access to your email account, they can obtain all the information they need to open a brokerage account in your name and commit the kind of fraud described above.
I’ll show you an example. I get hit with phishing attacks every day now. Today’s looked like this.
Looks pretty convincing, doesn’t it? Your natural instinct is to log in and see what’s going on, isn’t it? If you do, you just gave hackers your PayPal login ID and password. They can now go into your “my account” section and get all of your personal financial information.
One quick way to see if this request is legit is to hover your cursor over the sender’s address. This is what I found with this email:
Notice that the PayPal name shows up nowhere in this address. In fact, I had the FBI trace this address to a server in Russia where most of these attacks originate (it helps if you know the head of the FBI).
Here’s a better solution. Never respond to any email from a financial institution. If your bank is trying to contact you about an important issue, they will do so through their own internal email system. You can only see this message by first logging into your own personal account.
Here’s another tip.
Never access financial accounts through a free hotel WIFI. They don’t offer security anymore because they kept getting sued by guests who were hacked. If it is an emergency, then access your account only through your cell phone, but only through the cell phone network and not through the hotel WIFI. This provides an extra layer of security….for now.
I hope this helps.
John Thomas
CEO & Publisher
The Diary of a Mad Hedge Fund Trader
Global Market Comments
November 2, 2021
Fiat Lux
Featured Trade:
(THE CROOKS ARE GETTING SMARTER)
(ROM), (THO)
Legal Disclaimer
There is a very high degree of risk involved in trading. Past results are not indicative of future returns. MadHedgeFundTrader.com and all individuals affiliated with this site assume no responsibilities for your trading and investment results. The indicators, strategies, columns, articles and all other features are for educational purposes only and should not be construed as investment advice. Information for futures trading observations are obtained from sources believed to be reliable, but we do not warrant its completeness or accuracy, or warrant any results from the use of the information. Your use of the trading observations is entirely at your own risk and it is your sole responsibility to evaluate the accuracy, completeness and usefulness of the information. You must assess the risk of any trade with your broker and make your own independent decisions regarding any securities mentioned herein. Affiliates of MadHedgeFundTrader.com may have a position or effect transactions in the securities described herein (or options thereon) and/or otherwise employ trading strategies that may be consistent or inconsistent with the provided strategies.
This site uses cookies. By continuing to browse the site, you are agreeing to our use of cookies.
OKLearn moreWe may request cookies to be set on your device. We use cookies to let us know when you visit our websites, how you interact with us, to enrich your user experience, and to customize your relationship with our website.
Click on the different category headings to find out more. You can also change some of your preferences. Note that blocking some types of cookies may impact your experience on our websites and the services we are able to offer.
These cookies are strictly necessary to provide you with services available through our website and to use some of its features.
Because these cookies are strictly necessary to deliver the website, refuseing them will have impact how our site functions. You always can block or delete cookies by changing your browser settings and force blocking all cookies on this website. But this will always prompt you to accept/refuse cookies when revisiting our site.
We fully respect if you want to refuse cookies but to avoid asking you again and again kindly allow us to store a cookie for that. You are free to opt out any time or opt in for other cookies to get a better experience. If you refuse cookies we will remove all set cookies in our domain.
We provide you with a list of stored cookies on your computer in our domain so you can check what we stored. Due to security reasons we are not able to show or modify cookies from other domains. You can check these in your browser security settings.
These cookies collect information that is used either in aggregate form to help us understand how our website is being used or how effective our marketing campaigns are, or to help us customize our website and application for you in order to enhance your experience.
If you do not want that we track your visist to our site you can disable tracking in your browser here:
We also use different external services like Google Webfonts, Google Maps, and external Video providers. Since these providers may collect personal data like your IP address we allow you to block them here. Please be aware that this might heavily reduce the functionality and appearance of our site. Changes will take effect once you reload the page.
Google Webfont Settings:
Google Map Settings:
Vimeo and Youtube video embeds: