Back to Blog

Bonus - How to protect your investors' sensitive data from hackers

Part 4 in a 3 part series
Josiah Mann


I almost forgot to write this one but this is probably the most important lesson! One of our early clients lost $200,000 in his first syndication to wire fraud.

Yes, you read that right - 200k on his first deal.

Another syndicator lost 50k to the same hack.

Here's the thing - emails can be spoofed. And bad actors get better at it day after day.

You've probably seen emails coming from Microsoft or Apple (I see them from "Apple" a lot) and they look exactly like the real thing. The only way I can tell myself sometimes is by checking the domain of the from address...

That's exactly what happened to one of our clients. Someone sent his investor an email with wiring instructions to fund his investment. The money ended up halfway around the world and it never came back.

If you're going to include wiring instructions, here are two ways to do so more securely.

  1. Include the instructions directly in the subscription agreement.
  2. To be honest, a lot of investors will miss this and you'll have to remind them after signing "It's on page 94 of the subscription agreement", but that's a lot better than losing $50k+.
  3. Provide wiring instructions over the phone.

When we were building Investor Deal Room we wanted to help prevent this problem altogether.

That's why as soon as an investor completes his subscription agreements inside the secure portal he is immediately given access the wiring instructions. This also had the added benefit of reducing investor questions during the capital raise and making the investor feel like everything was in order.

Share on social media: 

More from the Blog

How to protect your investors' sensitive data from hackers

Part 3 of a 3 part series

Asking small investment companies to not share investor data over email is tough - but when it comes to documents it’s a good practice to use a service specifically for sharing them securely - think Google Drive, Dropbox, etc...

Read Story

How to protect your investors' sensitive data from hackers

Part 2 of a 3 part series

Two factor authentication can seem like a hassle, especially when you have to log into a website over and over and it requires two factor authentication every single time you login.But the reason two factor authentication is becoming so popular is because it works.

Read Story

How to protect your investors' sensitive data from hackers

Part 1 of a 3 part series

Most small investment firms often don’t have an IT department at all, it’s no surprise that they don’t have great IT policies in place. As a result, email inboxes for these smaller companies are often packed to the brim with sensitive investor data - everything from banking information, to social security and EIN numbers, to entire investor profiles in the form of subscription agreements.After the most recent wave of leaked passwords, private equity and real estate investment companies would be wise to take a quick inventory to determine if their approach to storing and sharing investor’s sensitive personal information puts them at risk of being compromised in a data breach.

Read Story

Get more content like this

Receive helpful tips, tricks, training, and best practices from across the private equity real estate and syndication world.
We will never share your email address with third parties.