Spend spend spend

by Doug Brodie

 

/1. What WAS her name??

black and white picture of Viv Nicholson winning £152,319 in 1961

It was Viv Nicholson, that was Bruce Forsyth (!), she won £152,319 (circa £4.5m today) and the win was on 23rd September 1961. Not good at decisions, her Wiki entry provides an outline of her marriages:

After Keith (husband #1) died after crashing his Jaguar on 30 October 1965, Viv's fortune rapidly dwindled to nothing; banks and tax creditors deemed her bankrupt. In 1970, Nicholson relocated to Malta, but the following year, after she was arrested for assaulting a policeman, the Maltese authorities deported her, and she returned to Britain. She remarried, but her new husband Brian Wright was later also killed in a car crash. She entered a mental home to escape from her next husband Graham Ellison, who abused her during the four days in which they lived together; the marriage lasted 13 weeks. Her fifth and final husband, Gary Shaw, died of a drug overdose.


/2. The pension revolution you didn’t spot

CDC stands for Collective Defined Contribution.

Unlike a DC scheme, a CDC scheme provides a whole-life pension income to members.

The contributions employers and members pay are fixed and pooled into a collective fund. By pooling investment and life expectancy risk amongst the membership, a CDC pension is expected to generate higher returns than an individual DC scheme resulting in higher expected benefits.

Annual increases to benefits depend on the performance of the scheme. This removes the possibility of the employer having to plug a funding gap.

As I write, today is the first day of the very first CDC scheme, The Royal Mail Collective Plan. From a layperson’s viewpoint, it is much the same as a defined benefit scheme but without the income guarantee and without the income being linked to the final salary. It’s a good thing, this is how we as a nation can level the pensions playing field. Members still get a tax-free lump sum, income is payable for life but subject to iteration if conditions dictate, and the Royal Mail employees pay 6% with the employer at 13.6%. Unlike a traditional DC scheme though, the member’s estate doesn’t get the capital pot on death. In this way, there is a collective cross subsidy, which is actually how much of our mutual industry started. Scottish Widows was - as the name says – set up for the benefit of widowed Scots, and Clerical Medical for the benefit of the clergy and early medical staff.

Royal Mail’s scheme is the tip of the iceberg; the unions have agreed to its implementation and that is always a significant hurdle.

return to top


/3. End of Q3 – income stats for each trust in our research pool comparing figures for 2023 to 2024.

We track data throughout the year. The table below shows the dividend increases for thirty of our research pool, for the year to the end of quarter 3. We track this against RPI and against the five-year average – we use tables like this to identify anomalies which we then investigate. Data like this is an early warning system. It is unique to us, we collate and analyse the data in-house, this is part of what makes us unique and a safe pair of hands for pension income. We don’t give opinions, we use data.

table showing the dividend increases for thirty investment trusts from 2019 to 2024

/4. Can you spot a TOAD? (Apparently it’s a thing).

Our overall aim is to remove financial anxiety from your retirement, to help everyone ‘retire well’. Along with digital simplicity in delivering services we have unfortunately collected myriad ways of becoming targets for crooks – and that is exceptionally stressful.

This is a very useful article from our chums at Fidelity:

headshot of Katie Beecroft
 

Katie Beecroft
Risk and Security, Fidelity International

Most people have heard of the term phishing and have, at some point, been targeted by a phishing attempt in one form or another. But would you know what to do if a TOAD attacks? In this article, we’ll take you through this new threat, explain what it is, the types of scam in operation and show you how to protect both you and your firm.

Although the phrase "TOAD attack" may sound bizarre, it's actually an easy-to-remember descriptor for a dangerous new threat plaguing businesses.

TOAD stands for Telephone-Oriented Attack Delivery, a form of multi-layered attack that combines elements of fraudulent contact, like text or instant message (smishing), voice call (vishing), QR Codes (QRishing) or email (phishing).

It includes social engineering techniques designed to trick users into compromising technology or disclosing company, personal, or financial data for the purpose of financial gain or malicious activity.

The rise of the TOAD

Before attacking, scammers will collect a victim's credentials and contact details from a variety of sources, such as previous data breaches, social media profiles and information purchased on the dark web. The victim then receives a message impersonating a reputable company or trusted authority with a fictional request which invokes a sense of urgency. The scammer uses the information they've gathered to 'prove' they are who they claim to be.

infographic showing the anatomy of a TOAD (Telephone-Oriented Attack Delivery)

After trust is established, they're likely to call the victim to talk them through resolving the invented ‘situation’ or they may send a supplementary text or email. Either way, the goal is to encourage the victim to click on a malicious link which will install malware onto devices, download an attachment to enable them to bypass traditional cyber defences, such as MFA (Multi-Factor authentication) or trick the victim into completing actions which will compromise their data, money or identity.

Know your TOAD

According to the Proofpoint 2024 State of the Phish Report, 10 million TOAD attack messages are sent every month and last year 67% of businesses globally were affected with this type of attack. To help you spot and stop one, here are three common examples showing how the attacks can work:

Invoice: Subscription Scam

Detail: You receive an email stating your account has been debited for auto renewal of a subscription. It goes on to state that you have 24 hours to call the company to cancel the payment.

Result: You are directed to a fake support site to download a file to ‘scan your system’ when it’s really trawling your computer, collecting personal info and passwords.

Shopping: Purchase Scam

Detail: You receive an email confirming a purchase you have supposedly made and requesting you contact the company immediately if you in fact did not place the order in question.

Result: You confirm your account/personal details and are then directed to download remote access software which provides the scammer with access to your computer.

Financial: Bank Scam

Detail: You are contacted via text message and informed that a bank account has been opened in your name. You are then requested to call the financial institute to confirm.

Result: You call the scammer (or the scammer spoofs the real bank’s phone number and calls you) and are instructed to transfer money which is redirected to the fraudster’s account.

Three simple steps to protect your and your firm from TOAD attacks

  1. Be cautious: Due to their multi-channel approach and targeting of specific individuals, we must all be on high alert for TOAD attacks. Check any emails/messages/calls you receive carefully for signs of phishing.

  2. Question everything: Before you act, ask yourself a few simple questions about the email/message/call:

    a. Were you expecting it?

    b. Do you know the person contacting you? Be aware; contact details like sender’s names, phone numbers and email addresses can be faked

    c. What are you being asked to do? Is there a sense of urgency or an ‘act-now’ call to action

  3. Investigate: Check and verify before you action any requests. Be cautious about calling phone numbers provided; always go to a reputable site and use the direct phone number listed or look the phone number up independently.

return to top