For High-wealth Families, Social Broadcasting creates significant leakage
By Kevin Heaton, Founder, i3, LLC, Family CFO & Private Asset Management
As detailed in a recent Forbes article, “Cybercrime statistics indicate that family offices are becoming more frequent victims of targeted data breaches. Twenty-eight percent of international families, family offices and family businesses have already been victims of cyber-attacks, according to a new study from Campden Wealth and Schillings, and this trend is expected to escalate going forward, unless family offices draw up the necessary cybersecurity policies and governance structures and address under-investment in the required information technology systems.”
Recently in conversation with a colleague, we were discussing the types of security risks the aforementioned Forbes article highlights — both physical and cyber —that are most threatening to families of high-wealth. My colleague mentioned an incident that happened a few years back involving Alexa Dell, the daughter of Michael Dell of Dell computers. The now 25-year-old billionaire heiress to the Dell fortune left social media after exposing her family to security risks by posting their activities on Instagram. She has since returned, but at the time, she shared a specific image of her brother posted aboard the family’s private jet. The image — including its geo-data — was re-shared by a then popular Tumblr page called Rich Kids of Instagram (RKOI).
Rich Kids of Instagram documented the adventures of the world’s wealthiest offspring and circulated the image. Within a week of the posting, Dell and her brother, Zachary, disappeared from social media.
Bloomberg BusinessWeek broke the story that Dell had been documenting her every move on social media, complete with GPS locations from her phone. According to BusinessWeek, Dell’s father’s security detail had her Twitter and Instagram accounts suspended. The article cited concerns over the family’s safety, singling out fears of kidnapping for ransom.
This happened a few years ago and illustrates a known risk. What we need to look at now are the risks facing high-wealth families in the current “privacy-vulnerable” environment. Even today, the same RKOI hashtag (now standing for Rick Kids of the Internet) is used to document a trend that started in Russia, spread to China, and is now copied worldwide: the “falling stars” challenge shows high-wealth young people posing face-down and surrounded by luxury goods. As the fad’s popularity grew, social media users began calling it the “flaunt your wealth challenge.” The images have a decidedly disturbing POV.
Smarter Cyber
Cybercriminals are developing their own apps to increase their anonymity, avoid detection and otherwise keep anti-fraud forces from tracking them down and exposing what they’re doing.
RSA, the U.S. information security company (which is coincidentally, a part of the Dell family) recently released their annual “Current State of Cybercrime Report” for 2019. The report summarizes:
“As organizations become increasingly digital, the challenge of finding and fighting cybercrime becomes tougher. In a relatively short time, we’ve gone from individuals presenting themselves in person when making purchases to not being present at all, across a multitude of transaction channels—even to the point of being represented by devices in the age of IoT. Cybercriminals are exploiting this trend, both by taking advantage of the increasing difficulty of authenticating identities and by taking advantage of digital technologies themselves. As the digital transformation of both business and cybercrime continues, organizations must be increasingly vigilant, and increasingly well-equipped technologically, to protect themselves from sophisticated attacks. In this way, digital transformation becomes both a critical contributing factor in the problem of growing cyber risks today—and a critical resource for solving it.”
High-wealth families must view themselves as organizations, as they are equally if not more vulnerable to criminal threat via technology. They must employ the same safeguards and multiple levels of security as do best-of-class organizations.
Leakage
Much like the story of Alexa Dell, broadcasting a constant stream of information publicly allows sophisticated criminals to approach targets with what seems to be familial information. For example, a criminal may study the parent, sibling, or advisor accounts of a target in order to approach a target with a purported connection; “Didn’t we meet at [insert close contact name] charity dinner? Wasn’t that a great evening? Your mother’s speech was great!” and suddenly, the bad actor may have made a connection into a high-wealth individual’s life.
The grift has been around for ages, but never before have we handed the grifter such a full dossier of research information. Pet names, personal shopping preferences, types of vehicles (with license plates visible), and other leaked, personal information make for convenient targets.
Even if people do not reveal their personal information online, others may do so without knowing. The problem of involuntary information leakage via social accounts is very real, and may happen inadvertently by friends, relatives, employees and co-workers through content messages and images.
Ransomware
The use of ransomware — a software program which blocks access to systems or data until a ransom is paid — also poses a threat to high-wealth families. An estimated 4,000 ransomware attacks occur each day, and while businesses are often the target, individuals and family offices aren’t immune.
In May of 2019, the City of Baltimore was hit with a ransomware attack, halting some city services. The hackers demanded $76,000 in bitcoin to unlock the computers, which Mayor Bernard C. “Jack” Young refused to pay. The cost of the ransomware attack was estimated around $18.2 million in lost or delayed revenue and direct costs to restore city systems.
However, due to increased due diligence on the corporate side of risk management, attackers find it increasingly challenging to breach corporate and business accounts. As such, criminals are shifting focus to attack high-wealth families, their estates and businesses.
FOMO
You may have seen recent documentaries regarding a 2017 festival fraud. The Fyre Festival was billed as “luxury music festival” founded by Billy McFarland, CEO of Fyre Media Inc, and rapper Ja Rule. A high-wealth youth demographic was targeted using high-profile Instagram and other social media site influencers. Through a sophisticated marketing campaign, “secret” luxury accommodation packages were sold for tens of thousands of dollars each.
Upon arrival at the venue, attendees – transported from the airport by un-air conditioned school buses – found little more than rain-soaked mattresses and FEMA tents with no potable drinking water; thousands of gallons of drinking water went unclaimed at the airport due to the promoter’s inability to pay the import taxes due.
Fyre Fraud, an American documentary film directed by Jenner Furst and Julia Willoughby Nason, premiered on January 14, 2019, on Hulu. Fyre Fraud is described as a “true-crime comedy bolstered by a cast of whistleblowers, victims, and insiders going beyond the spectacle to uncover the power of FOMO and an ecosystem of enablers, driven by profit and a lack of accountability in the digital age.” On January 18, 2019, Netflix released the film Fyre. Both films should be required educational material.
Lack of a Centralized Office
What if a hacker could gain access to a member email account of your high-wealth family and send fraudulent invoices to an accountant or bookkeeper for almost a million dollars because the email password was the family dog’s name – a dog featured heavily on social media accounts? How much do you know about wireless spoofing? What other vulnerabilities exist that you don’t know you don’t know about?
One of the key advantages of a centralized family office lies in the ability to create and secure a confidential communication vehicle – in both the “real” world and digitally – for family members to discuss and gain a more comprehensive understanding of their individual and collective financial goals and position. Next, the Family CFO helps craft and gain consensus for family-wide financial policies and procedures, much like a corporate CFO. These policies must include cyber security and like-digital protection. These may include:
- Defined policies and procedures. Specific policies and procedures for classifying sensitive data that follow national law enforcement agency and best of class guidance.
- Training to assure the risk and solutions are understood. Just as in a corporate environment, members of a high-profile family must be educated on existing and evolving risks and must understand how to report a breach or suspected issue and to whom.
- Cyber insurance provisions. Policies with fraud protection in the event of a social attack are exceptionally important, however not all cyber insurance policies explicitly cover social or other digital attacks. A Family Office/ CFO adds structure, research, implementation and training to this and other areas.
Lack of Financial Education
A key role for the family CFO is to provide on-going financial education of family members, especially the next generation.
At the core of our philosophy at i3 and based on more than twenty years of experience, we believe that those families that approach wealth as a gift from one generation to the next are better positioned for the continued growth of wealth and achievement of investment goals than those that view generational wealth as an entitlement.
Families that value the generational gift of wealth define core values and document these in a Family Constitution. This Constitution becomes the cornerstone of the generational asset management strategy and articulates the investment policy of the family. It also becomes the beginning of the family wealth playbook from which to train. The i3 mission is to work in concert with the family to create the framework for this Constitution and provide the training platform to support the management of future wealth within it.
For i3, and for our families, the education of subsequent generations to maturely and responsibly continue to implement and manage sound investment policies is the foundation of asset management. We provide a framework for maximizing cash flow from existing assets with a strategic blueprint for how to manage the assets into the future. Our process includes a Family Constitution, a Family Investment Philosophy and an Investment Policy. Within these policies, families may consider the addition of cyber security and social engagement policies.
Laptops, smartphones, tablets, routers and connected devices ranging from printers to refrigerators to cars can provide access points for cybercriminals. Learn the risks and manage continuity through awareness, education and training. To learn how we can help, visit us at i3resources.com and ask us how.
About Kevin Heaton
Kevin Heaton is a CFO who understands the cycles of wealth, the dynamics of family change and resultant behaviors. His expertise is in developing and implementing focused tactics to protect and manage private assets through the objective application of information tools, infrastructure support and investment strategies.
Mr. Heaton is the founder and principal of i3, LLC, a Family Office Private Asset Management firm, and has grown the organization into a team of professionals who provide clients with access to relevant information to make informed decisions, the infrastructure (team and tools), to actively manage their assets and investment opportunities (directly or through managed funds) to (re)invest their capital.
As an accomplished speaker and presenter, Kevin’s talks give in-depth analyses of his own experiences in family office asset management and makes even the most complex asset strategies clear with concrete action plans.
About i3
i3 is a Boutique Private Asset Management Family Office with a passion for helping families manage the complexities of family wealth and behavioral dynamics.
i3 Private Asset Management’s value proposition is in our breadth of market knowledge, transaction and due diligence experience. We combine this experience with senior-level, on-going management and comprehensive reporting necessary to insure our clients have the information to make informed decisions about their private assets.
We offer a proprietary, open-architecture platform that allows high-wealth families, closely-held companies and private institutions to access relevant information allowing key decision-makers to make informed decisions, the infrastructure to acquire and manage assets, preserve and grow a portfolio of private holdings (e.g. partnership interest, operating companies, direct investments and real estate), and investment options that allow the preservation and continued reinvestment of capital.
i3 does not replace current professional service advisors; rather, we augment and enhance existing services and relationships.
Most important, i3 brings a unique passion, perspective and real-world, family dynamics management skill-set to every engagement.
To learn more, visit us on the web at i3resources.com.