Use the numbers provided below to report if you have noticed any suspicious activity on any of your Ninety One accounts, or whether there has been an event which makes your accounts more vulnerable to fraud.
We also urge you to report to the authorities online at the following websites:In the UK: www.actionfraud.police.uk
A physical report will also need to be files with your local RSA police station.
Boiler room fraud involves the mis-selling of worthless or bogus stocks and shares for the sole purpose of defrauding cash from unwitting investors. Organised criminals run ‘boiler rooms’ with a sales pitch designed to play to an innocent investor’s desire to make a profit. You can read more about this on the Financial Conduct Authority (“FCA”) website by clicking here.
You receive an unsolicited call or email from someone offering a free review to increase the returns on your retirement savings or promise early access to your pension. Similar to an investment scam, you may be promised huge returns on an investment that doesn’t exist. Alternatively, promises of early release of funds can be an attempt to convince you to transfer over funds, but be left with a large tax bill instead.
Bogus funds can be set up that share the same or a similar name to genuine funds provided by legitimate companies. Individuals who invest this way following a cold call are not investing in legitimate funds and are likely being defrauded by criminals.
This is where fraudsters will use a genuine investment company’s name and regulator registration number but their own contact information. This means the fraudulent company will appear genuine when you verify them on a regulator’s website. If you are ever unsure about the legitimacy of a company please use the contact information provided on the regulator’s register. In the UK please click here for the FCA’s register of authorised firms.
People are being contacted by fraudsters claiming to work for price comparison websites selling investment products. These platforms are often fake and the fraudsters are cloning the brands and documentation of legitimate investment management companies. The fraudsters are targeting members of the public through sponsored Google and Facebook links and are collecting personal details from illegitimate call centres.
Fraudulent companies have also been contacting members of the public offering to transfer investments into legitimate funds. Individuals who invest following a cold call from such fraudulent companies are likely to be victims of an investment fraud.
Postal interception is more than just an inconvenience, it is another way members of the public can become victims of fraudsters. It can seriously jeopardise the security around a person’s bank accounts and investments. When criminals intercept post they can use it to obtain confidential information and use this to steal a victim’s identity, take over accounts and potentially steal or transfer funds away from victims. The UK financial services industry has seen a growing number of non-UK residents becoming the target of postal interception. We have found South African residents are disproportionately affected by this although other countries’ nationals are also vulnerable.
People may receive emails or text messages from what seems like a legitimate source. These may be a form of malware that attempts to install malicious software onto the recipient’s device.
Individuals are creating fake social media accounts on Twitter, Facebook and LinkedIn using genuine company employee names. Customers are then receiving unsolicited contact from unknown individuals using these employee names and making reference to these fake social media accounts in an attempt to make the contact seem genuine. These fake social media accounts are merely intended to confuse and defraud customers. If you come across social media accounts like this and are unsure about authenticity please contact the relevant company directly.
Legitimate companies can be subject to having their brand and name used in recruitment scams. Individuals are being contacted via email, by a person alleging to be a member of a company’s HR team, regarding career opportunities at the relevant company. These operate using a number of stages:
As email has become more widely used, fraudsters are now looking to compromise email addresses and control inboxes in an attempt to either acquire personal details or alternatively communicate directly from a stolen email address. Using a stolen email address, fraudsters may look to contact financial services firms to change personal and banking details, with a view to subsequent fraudulent divestment.
Fraudsters to provide fraudulent estate late documentation, stating that they are executors of an estate, to gain access to an account. This is becoming particularly common in South Africa. There have been instances of fraudulent documentation being provided by insiders in legitimate organisations, making it more difficult for documents with fraudulent intent to be identified. You are urged to apply for estate late documentation and provide them to all financial services firms as soon as possible.
Please do not use free public Wi-Fi when trying to access your banking and online transactions.
In fact, do not try to access any account that requires a user name and password – even social media, when using free Wi-Fi, because of ‘sniffing’. ‘Sniffing’ is the phrase used by fraudsters to capture data from your laptop or mobile phone. When you launch an app (especially those that have stored your user ID and password), your security details are re-sent every time you launch the app, sometimes in an unencrypted form. Then, when you view your email accounts or social media posts, your security details are captured and used by fraudsters, who begin creating a profile of you.
Anti-virus can be installed on all of your devices, and often come with a Virtual Private Network (“VPN”) function. If you have to use public internet connections, it is strongly advised that a VPN is used.
Fake email messages or phishing
‘Phishing’ is when fraudsters send thousands of emails in the hope that they will catch a victim. It just takes one to make it worthwhile. The email may look real, but there are always small clues to warn you.
Always take time to read an unexpected email. Fraudsters are counting on you being far too busy or worried so you don’t think clearly and will do what they request.
Spoofing and hacking emails
A ‘spoof’ email is where a fraudster will send you a Phishing email, but it is from a name you may know. Well-known global corporates email formats are copied and fraudsters trick you into believing your package or order needs your attention by clicking on a link, to obtain your security details.
Recently this has developed into sending specific emails (also called ‘spear phishing’). This might relate to a real estate sale or purchase or hospital expense, claiming to be from a lawyer and requiring your payment, to the attached bank details.
Fraudsters obtain details through various means and can create a spoof mail that looks legitimate and you are expecting it, making it even easier for them to persuade you to make the payment.
Fraudsters have obtained access to your email account and are able to read and create emails in your name. This means they can mail your friends and contacts, as well as knowing what financial deals you may have underway, and create that ‘spoof’ email to encourage you to make a payment. Please change your password if you see or receive any unusual activity.
Don't unsubscribe on emails from random advertisers
To check if your email is valid, fraudsters send a spoof/spam email with shopping, sports, or holiday offers. If you click to unsubscribe, they will then have a valid email address and can target you as they try to obtain more information about you.
Review your sent and deleted items folder
Take time to check your sent and deleted items folder on your computer. Are there messages you have not sent? Your computer may have a virus or your email account may have been hacked or compromised.
Don’t store confidential information in your email folders. Store personal documents and emails on your computer in a secure folder on your computer.
Attachments or links
Avoid clicking on any links or opening attachments included in unexpected emails, texts, or social media messages. These may be disguised as a tax refund, parcel delivery, invoices to get you to click on them.
In the same way that email addresses can be spoofed, so can phone numbers. That way, it can look as though you’re receiving a call from a trusted number – even your bank’s genuine one. Text messages from spoofed numbers can appear in an existing thread of messages.
Fraudsters will also often text message from an unknown number pretending to be a trusted corporate organisation. In the UK this trend has tended to be from delivery companies such as Royal Mail or DPD. If the text message is legitimate, your mobile phone will automatically detect that the number legitimately belongs to that organisation. Do not click on any links in a text message until you are 100% sure it is not fraudulent.