Open an Account | | Help
  • Home
    • Accounts
    • Trade
    • Research
    • Education
    • Banking

    Email Communication Security

    We take the threat of Internet fraud seriously and remain concerned with helping you protect your personal information. One of the most prevalent forms of Internet fraud is a process known as “phishing”, where deceptive emails and web pages are used to collect personal information.

    Phishing attempts commonly originate through an unsolicited email that appears to be from a company that the recipient trusts and one that has their personal information. These emails may ask you to help the impersonated business by verifying your personal and/or account login information and then provide a seemingly legitimate link to the business. These links may send you to a falsified web site that has been created to mirror the impersonated business, but with the sole purpose of capturing your personal information.

    If you are concerned that an email you have received from ShareBuilder may actually be a fraudulent phishing email, compare the email’s contents against the following checklist:

    ShareBuilder email communications to customers will always* include the following items:

    • Your first name
    • The ShareBuilder logo
    • Your account type and number (partially masked)
    • Instructions to view an alternate copy of the email on Web pages hosted by ShareBuilder
    • A link to contact Customer Service via a form on our secure Web site
    • Links to the ShareBuilder Privacy Policy and Email Communication Security statement (this page)

    • ShareBuilder’s street address

    ShareBuilder will never:

    • Request that you send us your Username or personal information (SSN, credit card, etc.) in an email.
    • Send email attachments, except upon your direct request to a specific ShareBuilder staff member
    • Request or provide account passwords, either via email or phone
    • Send “identity verification” email requests – such requests will only be made through the ShareBuilder Web site

    Although it would be very difficult for an identity thief to get all the items that we include in ShareBuilder emails, it is possible that a phishing email may include some of the more public elements (like our logo). The inclusion of some (or all) of the elements listed above does not guarantee that an email is legitimate. If you are still concerned about an email you have received – especially if it is asking for information that we have stated that we will never ask for - please do not comply with the email’s request. Instead, forward the suspect email to spoof@sharebuilder.com or to review the email and verify its authenticity.

    If you are concerned that the ShareBuilder web page you are visiting is a phishing page that is not hosted by ShareBuilder, navigate to the Login to ShareBuilder page and look in the lower-right corner of your browser window (if using Internet Explorer or Netscape) for a closed padlock icon. Double-clicking this icon will prompt your browser to open an informational window that will display information about the security certificate for this page. Our certificate is issued by Verisign, and if the page is authentic, you will be able to confirm that the "Issued To" (or "Common Name" for Netscape) URL reads “www.sharebuilder.com”.

    Please note: It is your responsibility to keep your password secure. As noted above, ShareBuilder will never ask you for your password. If you distribute your password to third-parties, you assume responsibility for their actions. We recommend that you never share your password and that it be changed frequently via the ShareBuilder web site.

    * The following email types are excepted from some or all of these requirements: email communications with our Customer Service team in response to a inquiry you sent/submitted, emails notifying you of and/or requesting a response to corporate actions and/or proxy votes.

    Account security

    In addition to phishing, a commonly used technique to illicitly gather information is the use of "spyware" software on your personal computer. Spyware can take many forms, from cookies that track web behavior for marketing purposes to programs known as "Trojan Horses" that can capture personal information entered or stored on the system, or even capture keystrokes as you login to a website. Trojan Horses are often distributed as part of a viral email attachment, but can also be unknowingly downloaded onto your computer while browsing on the internet.

    ShareBuilder recommends that you maintain up-to-date system software, current anti-virus and anti-spyware software, an internet firewall solution, and we suggest you become familiar with your browser and computer's security settings. There are now many software solutions available to combat programs whose purpose, legitimate or not, is to capture information from your computer. Anti-spyware software can often identify and remove these malicious programs. In some cases, one anti-spyware program will not be enough to fully protect your system and you may want to install multiple programs for more complete coverage.

    For your convenience, ShareBuilder has compiled a list of some suggested security upgrades and anti-spyware solutions available for download or purchase. Please note that this is not a comprehensive list of all the anti-spyware solutions available to you and these links are not intended as endorsements. ShareBuilder has no relationship with any of these software manufacturers.

    Guard your identity

    The following links provide some introductory information about phishing and other online identity theft scams: