Rogue online operators have found their next big lucrative scheme, and it involves impersonating prominent hedge funds and asset management firms.
The Financial Conduct Authority (FCA), a leading regulator of financial markets and financial services companies in the UK, has issued a staggering number of warnings as of late. The alerts cover a plethora of scams that involve fraudsters claiming to represent authentic, authorized investment firms, such as Winton Capital, Algebris Limited and more.
The criminals behind this are reaching out to investors to promote fake investment opportunities, assets, or shares. In each case, the property or opportunity is either non-tradeable, valueless, unreasonably expensive, or doesn't exist.
How the Scam Works
Crooks are employing a number of techniques to lure in victims, including but not limited to the following methods:
- Rogues create "duplicate" companies by leveraging the firm reference number (FRN), name and other company details of legitimate financial firms.
- Some are replicating websites of authorized organizations and making subtle revisions to the business' address or other contact information.
- Scammers may communicate to investors that the contact details listed on the Financial Services Register for their fund are outdated and assert that they are reaching out via the new phone number or email address.
How to Protect Your Firm and Investments
To help prevent your team from falling victim to this scam, we've outlined security tips below:
- Ensure you cross-reference the Register at register.fca.org.uk to guarantee you are dealing with an authorized financial services firm.
- You can request the fund's FRN, phone and email address, but ensure you always utilize the switchboard number to speak with them over the telephone. This information is provided on the Register.
- Avoid clicking on any hyperlinks listed in suspicious emails.
- Approach URLs with caution from businesses offering investment opportunities and perform adequate due diligence to verify the site's authenticity. For example, inspect the links by hovering over them or visit the Register's site listed above instead of clicking links listed on websites or in electronic communications.
Security Awareness Training
This hoax comes on the heels of the Securities and Exchange Commission's (SEC's) Office of Compliance Inspections and Examinations (OCIE) issuing its 2020 Cybersecurity and Resiliency Observations.
The report highlighted seven critical areas concerning cybersecurity that registered investment advisors (RIAs) should be focusing on, one of which is security awareness training. Against this backdrop, we urge companies to take action and bolster their cybersecurity preparedness by introducing security awareness training company-wide.
Align's Cybersecurity Education empowers clients with security best practices and emerging threat intel to create a first line of defense against cybercrime. For information regarding these services and our Cybersecurity Advisory Practice, please contact us at firstname.lastname@example.org or visit https://www.align.com/align-cybersecurity.
Do you think you may have been a victim of this scam?
If so, we recommend you contact the Align Cybersecurity team at +1 855-IT-ALIGN (1-855-482-5446) or via email at email@example.com.