Interactive Brokers “Missing Identity Information” Email Scam Exposed

Photo of author

Written by: Thomas Orsolya

Published on:

You open your inbox and see a message from Interactive Brokers: “Missing Identity Information.” It looks official, sounds urgent, and warns that your account access could be restricted. The link seems legitimate. But it’s a trap—one that’s catching thousands of investors off guard.

This article exposes the full details of the scam, how it tricks even cautious users, and what you must do immediately if you’ve been targeted.

scam 1 2

Scam Overview

The “Missing Identity Information” scam is a phishing attack designed to impersonate Interactive Brokers, a reputable trading platform used by millions worldwide. The email attempts to scare users into clicking a malicious link by warning that their identity documents are incomplete and that their account access could be restricted unless they act immediately.

What the Scam Email Looks Like

The scam email typically arrives with the subject line:

“Missing Identity Information”

It’s sent from an email address like:

Interactive Brokers <banking@hwcegob.com>

This is not a legitimate Interactive Brokers domain, but it can appear credible at first glance—especially since scammers often spoof or cloak sender identities.

Email Body Content

The message reads as follows:

Interactive Brokers
Missing Identity Information

Dear Valued Client,

As part of our ongoing efforts to maintain the highest security and regulatory standards, we noticed that your identity verification documents are incomplete.

To avoid any potential interruption in service, we kindly request that you update the necessary information by accessing the link below.

hxxps://interacctivvbreokers-en.it.com?token=xxxxxxx

We appreciate your prompt attention to this important matter.

Interactive Brokers

At the bottom, there’s a disclaimer to mimic authenticity, referencing NYSE, FINRA, and SIPC membership and using terms like “for informational purposes only.”

Why This Works

The email uses urgency and fear—two common psychological triggers in phishing scams. The idea of losing access to a brokerage account is enough to push many users into clicking quickly without verifying the source.

Additionally, the attackers use “homoglyph domains”—web addresses with slight spelling variations (like extra letters or different suffixes such as .it.com instead of .com). These domains are designed to visually resemble real Interactive Brokers links but actually lead to malicious servers.

The Fake Login Page

If a victim clicks the link, they are redirected to a fake login page at a domain like:

interacctivvbreokers.it.com/login

This phishing site looks almost identical to the real Interactive Brokers login page. It includes:

  • Username and Password fields
  • Branding and logos
  • Footer links that mimic real ones (IBKR Desktop, TWS, IBKR Mobile, etc.)
  • A “Live/Paper” toggle switch

But once credentials are entered here, the data goes straight to the scammers.

What Happens Next

Once the attackers receive a user’s login information, they may:

  • Attempt to access the user’s Interactive Brokers account
  • Use the credentials on other financial sites (if reused)
  • Deploy automated tools to steal linked personal data
  • Attempt wire transfers or unauthorized trades
  • Sell the credentials on the dark web

In more advanced scams, users may be prompted to upload ID documents, provide two-factor codes, or disclose banking information—leading to full-blown identity theft.

How the Scam Works

Understanding the tactics behind this scam is crucial for prevention. The attackers use a multi-stage social engineering process that capitalizes on urgency, realism, and human psychology. Here’s how the scam typically unfolds, step by step:

Step 1: Target Identification and Email Harvesting

Scammers begin by compiling lists of potential victims—often Interactive Brokers customers. These lists may be obtained from:

  • Data breaches
  • Leaked email databases
  • Purchased mailing lists from shady online forums
  • Guessing or targeting business domains

Once they have the emails, they launch a mass phishing campaign targeting tens of thousands of inboxes at once.

Step 2: Sending the Phishing Email

The crafted message mimics official Interactive Brokers correspondence. Hallmarks include:

  • Use of professional formatting and corporate branding
  • A vague subject line like “Missing Identity Information”
  • A tone of urgency and authority
  • A call-to-action with a malicious link

Because scammers often use compromised or lookalike domains (hwcegob.com, it.com, etc.), these emails might evade spam filters.

Step 3: Clickbait Link Redirection

The link within the email doesn’t direct users to interactivebrokers.com—instead, it points to a typosquatted URL like:

https://interacctivvbreokers-en.it.com?token=123456

This domain looks close enough to be trusted by a quick glance, but it’s entirely controlled by the scammer. Some of these phishing links even use SSL certificates (HTTPS), adding a false sense of security.

Step 4: Fake Login Page

Clicking the link takes users to a counterfeit login portal designed to replicate the real Interactive Brokers sign-in page. It typically includes:

  • Login input fields
  • A toggle for “Live” vs. “Paper” accounts
  • Branding elements like logos and links

The page is coded to capture everything typed into the fields.

Step 5: Credential Harvesting and Redirection

Once the victim enters their username and password, the credentials are immediately logged on the scammer’s server. Some phishing kits may also:

  • Redirect the user to the actual IBKR site post-login (to reduce suspicion)
  • Prompt for more info (2FA codes, security questions, ID documents)
  • Save IP address, device info, and browser fingerprint

Step 6: Exploitation of Stolen Data

After harvesting the login credentials, scammers may:

  • Log in to the user’s real account
  • Change contact or security settings
  • Initiate withdrawals or trades
  • Attempt bank transfers if linked accounts are accessible
  • Use credentials on other services (credential stuffing)

In some cases, stolen credentials are sold in underground forums or bundled into broader identity theft campaigns.

Step 7: Covering Their Tracks

Sophisticated attackers may erase login traces or trigger auto-forwarding of emails to monitor future activity. They could also disable 2FA or change email addresses linked to the account, locking victims out entirely.

What to Do If You’ve Fallen Victim to the Scam

If you clicked on the link and entered any information—even just a username—take immediate action. Follow these steps:

1. Disconnect and Exit the Website Immediately

Close the phishing site and avoid clicking any more links. Do not enter additional information.

2. Change Your Interactive Brokers Password

Visit the official Interactive Brokers site directly at https://www.interactivebrokers.com and change your password immediately.

3. Enable or Reset Two-Factor Authentication (2FA)

If you haven’t already, enable 2FA. If it was already active and compromised, reset or reconfigure it to secure your account.

4. Check Account Activity

Log into your real account and review recent activity. Look for:

  • Unfamiliar trades
  • Unauthorized logins
  • Changes in account settings
  • Suspicious emails or messages

5. Contact Interactive Brokers Support

Immediately notify IBKR’s support team and report the phishing attempt. Provide them with the details and URL. Use their official contact page:
https://www.interactivebrokers.com/en/index.php?f=1560

6. Report the Phishing Site

You can report the malicious domain to:

7. Run a Malware Scan

Phishing sites may also drop malware. Run a full antivirus/malware scan using trusted tools like Malwarebytes or Windows Defender.

8. Change Passwords on Other Sites

If you reused your Interactive Brokers password on other accounts, change those passwords too. Credential stuffing is a common follow-up attack.

9. Monitor Your Credit

Consider using a credit monitoring service and place a fraud alert or credit freeze with:

  • Equifax
  • Experian
  • TransUnion

10. File a Complaint

Report the scam to your country’s cybercrime unit. In the U.S., file a report at:
https://reportfraud.ftc.gov/

The Bottom Line

The “Interactive Brokers Missing Identity Information” email scam is a textbook example of modern phishing—sophisticated, deceptive, and dangerous. By mimicking official communications from a reputable trading platform, scammers are successfully luring victims into giving up sensitive login credentials and exposing themselves to financial loss and identity theft.

The deceptive emails look real. The fake websites feel authentic. And the urgency of the message pressures users to act without thinking. But by slowing down, verifying the sender, checking links carefully, and using basic cybersecurity practices, you can avoid becoming the next victim.

To protect yourself:

  • Never click on links in unsolicited emails, even if they appear legitimate.
  • Always verify domain names before entering sensitive information.
  • Use strong, unique passwords and enable two-factor authentication.
  • Stay informed by reading trusted security resources like this one.

If you believe you’ve been targeted or compromised, act immediately. Contact Interactive Brokers, change your credentials, and report the incident to authorities. Early detection and quick response can prevent long-term damage.

Remember: real financial institutions will never pressure you to act urgently through email alone. When in doubt, go directly to the company’s website—don’t trust the link. Staying alert and informed is your best defense against these increasingly convincing scams.

Frequently Asked Questions (FAQ)

What is the Interactive Brokers Missing Identity Information email scam?

It is a phishing attack where scammers impersonate Interactive Brokers and send fake emails claiming that your identity documents are incomplete. The email contains a malicious link to a fake login page designed to steal your credentials.

How can I tell if the email is fake?

Look for subtle red flags such as: – Sender email address that doesn’t match official IBKR domains – Typos or unusual formatting – Urgent language demanding immediate action – Suspicious links (e.g., interacctivvbreokers-en.it.com)

What happens if I click the link in the scam email?

You will be redirected to a counterfeit website that closely mimics Interactive Brokers’ official login page. If you enter your credentials, they will be harvested by the scammers for unauthorized use.

Will Interactive Brokers ever ask for identity verification by email?

Interactive Brokers may contact users about account issues, but they will never request sensitive information or verification documents through a generic email with embedded links. Always access your account directly by visiting the official website.

Is this scam targeting only Interactive Brokers users?

Primarily, yes. However, similar tactics have been used to impersonate other financial institutions. The scammers may adjust their approach to target users of various trading platforms.

Can scammers access my account if I have two-factor authentication (2FA) enabled?

2FA provides an added layer of security, but if scammers convince you to enter a 2FA code on their phishing page, they can bypass it in real-time. Never enter 2FA codes on suspicious or unfamiliar websites.

What should I do if I fell for the scam?

Immediately change your Interactive Brokers password, enable or reset 2FA, scan your device for malware, contact IBKR support, and report the phishing site. Monitor your account for unauthorized activity and consider notifying a credit monitoring service.

How do I report the scam?

You can report the phishing email and website to: – Interactive Brokers support – Google Safe Browsing – Microsoft’s unsafe site reporting – Your local cybercrime agency

How can I protect myself from future phishing scams?

– Never click on links in unsolicited emails – Always verify the sender and domain – Bookmark the official IBKR website and access it directly – Use strong, unique passwords and 2FA – Stay informed through trusted cybersecurity news and alerts

Are there other similar scams I should watch for?

Yes. Scammers often recycle tactics and adjust them slightly. Watch for similar phishing attempts impersonating banks, payment platforms (like PayPal or Stripe), and other trading platforms. Always be cautious with any email requesting personal or account information.

How to Stay Safe Online

Here are 10 basic security tips to help you avoid malware and protect your device:

  1. Use a good antivirus and keep it up-to-date.

    Shield Guide

    It's essential to use a good quality antivirus and keep it up-to-date to stay ahead of the latest cyber threats. We are huge fans of Malwarebytes Premium and use it on all of our devices, including Windows and Mac computers as well as our mobile devices. Malwarebytes sits beside your traditional antivirus, filling in any gaps in its defenses, and providing extra protection against sneakier security threats.

  2. Keep software and operating systems up-to-date.

    updates-guide

    Keep your operating system and apps up to date. Whenever an update is released for your device, download and install it right away. These updates often include security fixes, vulnerability patches, and other necessary maintenance.

  3. Be careful when installing programs and apps.

    install guide

    Pay close attention to installation screens and license agreements when installing software. Custom or advanced installation options will often disclose any third-party software that is also being installed. Take great care in every stage of the process and make sure you know what it is you're agreeing to before you click "Next."

  4. Install an ad blocker.

    Ad Blocker

    Use a browser-based content blocker, like AdGuard. Content blockers help stop malicious ads, Trojans, phishing, and other undesirable content that an antivirus product alone may not stop.

  5. Be careful what you download.

    Trojan Horse

    A top goal of cybercriminals is to trick you into downloading malware—programs or apps that carry malware or try to steal information. This malware can be disguised as an app: anything from a popular game to something that checks traffic or the weather.

  6. Be alert for people trying to trick you.

    warning sign

    Whether it's your email, phone, messenger, or other applications, always be alert and on guard for someone trying to trick you into clicking on links or replying to messages. Remember that it's easy to spoof phone numbers, so a familiar name or number doesn't make messages more trustworthy.

  7. Back up your data.

    backup sign

    Back up your data frequently and check that your backup data can be restored. You can do this manually on an external HDD/USB stick, or automatically using backup software. This is also the best way to counter ransomware. Never connect the backup drive to a computer if you suspect that the computer is infected with malware.

  8. Choose strong passwords.

    lock sign

    Use strong and unique passwords for each of your accounts. Avoid using personal information or easily guessable words in your passwords. Enable two-factor authentication (2FA) on your accounts whenever possible.

  9. Be careful where you click.

    cursor sign

    Be cautious when clicking on links or downloading attachments from unknown sources. These could potentially contain malware or phishing scams.

  10. Don't use pirated software.

    Shady Guide

    Avoid using Peer-to-Peer (P2P) file-sharing programs, keygens, cracks, and other pirated software that can often compromise your data, privacy, or both.

To avoid potential dangers on the internet, it's important to follow these 10 basic safety rules. By doing so, you can protect yourself from many of the unpleasant surprises that can arise when using the web.

Leave a Comment

Previous

Lmipk SMGT-GLP-1 Nano Microneedle Patch Scam Exposed

Next

The Retina Clear “Eye Flow Hack” Scam: How the Ads Trick You Into Buying