A Cambridge man says scammers posing as Fidelity employees drained $99,500 from his investment accounts, leaving him about $23,000 out of pocket even after the firm clawed back part of the money. The victim, 79-year-old Allen Merry, told reporters the callers talked him into downloading remote-access software and entering a one-time security code while they stayed on the line.
How the scam unfolded
According to NBC Boston, Merry said the caller claimed to be from Fidelity's fraud detection team and said they had spotted suspicious transfers to a bank in Florida. The supposed fraud rep told him to install remote-control software and then type in a one-time password that arrived by text. Once he did that, the scammers moved money out of his trust account. NBC Boston reports that Fidelity later recovered more than $70,000 after a fraud claim, but the company told Merry it would not reimburse roughly $23,000 because he had allowed access and supplied the security code.
Why Fidelity wouldn't reimburse
Fidelity's Customer Protection Guarantee says losses that occur after a customer shares account access or credentials may not be covered. Per Fidelity, if a customer grants access to a third party, "their activity will be considered authorized by you," language the firm uses to explain when its protections do not apply. Fidelity told Merry that because he had permitted remote access and entered the one-time code, the remaining loss fell outside the guarantee.
What regulators say
Consumer officials and security experts say Merry's ordeal is a textbook example of how vishing and remote-access scams work: attackers impersonate trusted institutions, apply pressure, then convince victims to hand over codes or control of their devices. The Federal Trade Commission advises never to share a one-time password or grant remote control of a device unless you were the one who initiated the contact using a verified phone number or the company's official app, according to FTC. Those basic steps are often the difference between an attempted fraud and a catastrophic loss for older account holders.
Why this matters
Fraud like this is part of a rising national trend. The FBI's Internet Crime Complaint Center has documented record losses in recent years and flagged investment and impersonation scams as especially damaging to older victims, according to FBI. The agency's reporting shows billions in losses tied to elder fraud and finds that schemes using tech support or impersonation are common starting points for large transfers. For local seniors and investors, the risk is substantial because investment fraud tends to generate larger median losses than many other types of scams.
What to do if you're targeted
If you get a call claiming to be from your broker, hang up and contact the firm using a phone number from its official website or your account documents. Do not call a number the caller gives you. Fidelity's security site lists 800-544-6666 as a contact to report suspicious activity, and the company asks clients to report unauthorized transactions promptly, per Fidelity. You should also file a complaint with the FTC at ReportFraud.ftc.gov and consider contacting local police. Preserve any records, and do not follow any additional instructions from the caller. Finally, consider switching to an authenticator app or hardware security key, turning on account alerts, and talking through any unusual instructions with a trusted family member before you act.
