We are issuing an urgent security advisory regarding a recent increase in reports of fictitious websites or emails impersonating where you hold your investments. These fraudulent sites closely resemble legitimate login pages or links and are being used by threat actors to harvest client credentials.
Always use our official website or mobile application. When in doubt contact us or your advisor.
Remember, if it seems too good to be true, it is.
What are fraudulent on-line websites or emails?
Fraudulent on-line websites or emails often look legitimate, but their sole goal is to get money out of you. Investors can be easily misled by these sites or emails, because they are well-designed and are often very professional looking.
In many cases, such platforms are managed from abroad, including from places in Southeast Asia, and the people who contact you are, in many cases, working in call centres called boiler rooms. Sometimes, the minds behind these platforms claim to have offices in reputable locations, like London or Switzerland, so as to appear more legitimate.
Getting your money back can be very difficult, if not impossible.
How to prevent fraud
Recognize spoofing
Spoofing is used by fraudsters to mislead victims and convince them that they are communicating with legitimate people, companies, or organizations.
Here are the main types of spoofing used by fraudsters:
Caller ID spoofing
Fraudsters have the ability to manipulate the phone number appearing on call display either by call or text message. Fraudsters can display legitimate phone numbers for law enforcement agencies, financial institutions, government agencies or service providers.
Email spoofing
Similar to Caller ID spoofing, fraudsters can manipulate the sender’s email address in order to make you believe that the email you’re receiving is from a legitimate source.
Website spoofing
Fraudsters will create fraudulent websites that look legitimate. The fake websites can pretend to be a financial institution, company offering employment, investment company or government agency. In many cases, fraudsters will use a similar domain/website URL to the legitimate company or organization with a minor spelling difference.
Protect yourself from spoofing by
- Never assuming that phone numbers appearing on your call display are accurate
- Hang up and make the outgoing call when someone claims to be contacting you from your financial institution, service provider, law enforcement or government agency
- Call the company or agency in question directly, if you receive a text message or email. Make sure you research their contact information and don’t use the information provided in the first message
- Never clicking on links received via text message or email
- When visiting a website, always verify the URL and domain to make sure you are on the official website
