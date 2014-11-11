Phishing for emails and financial account numbers is a dastardly game that’s often played through email.

But some Vanguard investors with accounts at Vanguard Brokerage have received letters (real, honest-to-goodness snail-mail letters delivered by the U.S. Postal Service) that look like they are from Vanguard Brokerage, notifying them that automatic email delivery of shareholder materials, like annual reports from outside funds, has been suspended.

The letters then offer up a couple of website URLs, instructing the recipient to visit the site to re-enroll. One is called myedocumentsuite.com, and the other I’ve seen is netxinvestor.com.



Click to Enlarge The letters look really real, but according to Vanguard, to whom I sent copies, the letters did not come from them. I’ve included a screenshot to the right, or you can click here for a PDF of several letters I’ve compiled. All of the names and other personal data have been whited out.

But let’s get back to the question I originally asked Vanguard: What about the sites that these fake letters are sending Vanguard investors to: netxinvestor.com and myedocumentsuite.com? Are they fake?

“The sites are not affiliated with Vanguard, so I cannot comment on their legitimacy,” Vanguard public relations representative Katie Henderson said via email. “We urge clients to contact Vanguard or send the physical copies of these suspicious letters to Vanguard so that we may investigate further.”

But when one of my readers wrote to Vanguard about the very same letters, he said Vanguard gave him the same kind of non-answer, refusing to take any action or say anything more than that the letters were, as he put it, “bogus.”

So if the letters didn’t come from Vanguard, and the websites aren’t affiliated with Vanguard, who sent the letters, and why?

After looking up the domain registration for the two websites referenced, myedocumentsuite.com and netxinvestor.com, it appears they may be related to Pershing LLC, which used to run Vanguard’s brokerage operations.

But Vanguard Brokerage switched to self-clearing in 2009. So if Vanguard and Pershing aren’t working together anymore, why would Pershing send a Vanguard Brokerage customer a letter like this? Could it be a computer error?

I’ve emailed Pershing to see what more I can learn, but so far have not received a response. For the time being, however, it looks like Vanguard investors are on their own. Vanguard isn’t saying anything that helps get to the bottom of this. So until the matter is cleared up, I would avoid visiting the websites mentioned in these letters and instead call Vanguard directly to handle any updates to your contact information.

Meanwhile, I’ll be keeping my eye on this issue, and I await Pershing’s response.

But if you receive one of these letters, please let me know.

UPDATE: Late Tuesday, after we posted this story, Vanguard finally did a little more digging or decided it was time to provide a bit more detail about the Vanguard Brokerage letters it said hadn’t come from Vanguard.

“I did a bit more digging into this issue and we have determined that letters were sent as a result of a legacy issue when Pershing served as clearing agent for Vanguard Brokerage,” Henderson said. “We are currently working on the modest number of shareholders who received the notification, but to be clear, this is not a phishing issue.”

OK, there you have it. It’s not a “phishing” issue. However, whether it indeed is a “modest” number of Vanguard shareholders who received these letters or not (it could be dozens, hundreds or hundreds of thousands), clearly Pershing, which no longer works with Vanguard as far as I know, still has plenty of data on Vanguard’s investors. And that means that while Vanguard may be safeguarding your name and address and account numbers adequately, other former vendors and service providers may not be as careful.

The world of Big Data is a dangerous one. Tread cautiously.

