Security & Risks » E-mail and Internet Scams

The protection of one’s personal information is the type of thing that every online trader needs to be able to take for granted. At optionsXpress, we consider it to be among our most important responsibilities.

Although e-mail and Internet scams can be difficult to spot, they generally use fear tactics to get your attention then ask you to click a link and provide, update or confirm sensitive account or personal information.

Pump and Dump

“Pump and Dump” are e-mails which appear to have reached an individual by error due to a mistyped e-mail address and are intended to entice recipients to buy certain securities. Pump and dump scams involve the recommendation of a certain security through false and misleading statements. Pump and dump emails are issued to thousands of investors in an attempt to artificially inflate a stocks price so that the perpetrator of the scam may sell their stock at an inflated price and leave the victims with potentially worthless stock.

To learn more about Pump & Dump scams please refer to the FINRA press release and Investor Alert—“I hope this is your email” Scam Offers No Hope of Profits.


“Phishing” is a scam that tries to get people to provide certain confidential account information via fraudulent e-mails that look like they originated from a legitimate financial institution. The e-mails will often have links to a website that look like the financial institution, but aren’t. Follow the tips below to help keep your information safe.

Beware of e-mails that:

  • Urge you to act quickly because your account may be suspended or closed.
  • Don’t address you by name, but use a more generic title like “Dear valued customer.”
  • Ask for account numbers, passwords, or other personal information.

If you get an e-mail or pop-up message that asks you to provide, update or confirm your optionsXpress account or personal information, do not reply or enter any information, but call us at (888) 280-8020 or forward the e-mail to with your concern in order to verify its authenticity.

Even if you don’t intend to provide the requested information, don’t click on the link in the e-mail; simply clicking the link could trigger the installation of key logging software or viruses.


“Pharming” is redirecting Internet users to a fraudulent website, even when the correct address is entered. Pharming occurs through spyware, viruses, or sophisticated hacking tricks. These fraudulent sites often look real, but secretly collect account and personal information entered.

To help protect yourself from pharming, beware of any changes to our regular log-in screen. If you are asked for anything out of the ordinary, do not enter any information but contact us to verify its authenticity. Also, before typing in your username and password, be sure that the URL starts with “https” which indicates that the site is secure.

If you are suspicious about any e-mail or website claiming to be from optionsXpress, please notify us immediately at (888) 280-8020.

Help Protect Yourself

Do not reply to e-mail requests for financial information or click on a link within the e-mail message if you suspect the message might not be legitimate. Simply clicking the link could trigger the installation of key logging software or viruses.

Verify any suspicious e-mail or website with the company by calling a phone number you know to be legitimate, such as one that appears on your bill or monthly statement.

Avoid e-mails with obvious spelling errors. Purposeful use of spelling errors are often used to help avoid spam filters.

Never enter private information into a pop-up window.

Protect your computer with a personal firewall. Frequently update anti-virus and anti-spyware software. Anti-virus and anti-spyware software require frequent updates to keep pace with new risks.

Protect your password and change it regularly. Secure password changes may be made online at anytime from your account profile page while logged in, or from the login page if not logged in.

Never select the option to store passwords in your browser as malicious programs can seek them out.

Do not open an attachment unless you are expecting it. Watch for attachments that end with “.exe” or “.dll” as these often contain viruses.

Set alerts and check your account regularly as well as your mailed quarterly statements to verify all transactions. Notify us immediately of any erroneous or suspicious transactions.

IMPORTANT: Read FINRA’s alert Keeping Your Account Secure.