Investment Scams Are Increasing

Criminals used the Covid-19 pandemic to target victims online, through impersonation scams, romance fraud and investment scams.

The UK’s Financial Conduct Authority (FCA) is warning people to beware of people posing as investment advisers and offering to help them set up new schemes via online meeting platforms. “Scams are increasingly sophisticated. Fraudsters can be articulate and financially knowledgeable, with credible websites, testimonials and materials that are hard to distinguish from the real thing." says the FCA.

They ask their victim to share the screen and enable remote access, which hands over control of their device and potentially, their bank account. 

Data from Action Fraud reveals consumers reported losses of more than £78 million between January-December 2020. Throughout 2020, consumers reported average losses of £45,242 each on average when investing with fraudsters imitating genuine investment firms. 

The data has been released as part of the FCA’s ScamSmart campaign, alongside advice to help investors avoid fake firms and protect their hard-earned cash. Around 2,100 cases were reported to the FCA since July 2020 and over £25m was stolen in the 15 months from January 2021. The FCA said the number of screen-sharing scams it had seen had risen 86% to 683 in the six months from July to December 2021 compared with 367 for the same period the year before.

Screen-sharing has become a familiar part of work life, as people use popular online meeting programs in their jobs. Remote access software is a legitimate tool for services like IT support to troubleshoot problems without being in the room. But scammers are increasingly hijacking this familiarity to lure victims into granting access to more than just a picture of their screen.

Most investment scams involve one or more of the following three elements:  

  • Promoting an investment opportunity that does not actually exist – the scammer then keeps the money.
  • Promoting an investment opportunity that does exist – the scammer takes your money rather than investing it.
  • The scammer pretends to represent a legitimate investment group  

The targets are then persuaded to grant the fraudsters control of their computer, by either expanding permissions or downloading remote access software, giving them direct access to online bank accounts. This also means they can install their malware which gives them full access at any time.

The criminals do this under the guise of being helpful, offering to set up a new investment scheme and monitor it. Mark Steward, Executive Director of Enforcement at the FCA, has said to the BBC: "Investment scams can happen over many months, but sharing your screen without making the proper checks can change everything in an instant." If scammers gain control of your computer, it gives them "access to your sensitive banking and investment information, the freedom to browse at their leisure, and the ability to take whatever details they want", Steward added.

If you’ve given your bank account details to a firm you think may be operating a scam, tell your bank immediately. 

To protect yourself against scams, it’s always best to seek the advice of an expert adviser before investing your money. Investing a little bit of time and money into getting trustworthy, expert advice could save you in the long run.

FCA:        NCA:       BBC:       Lloyds Bank:      Unbiased:     UK Finance:     Fraud!:   

You Might Also Read: 

Crypto Currency Fraud Costs £Millions:

 

« Threat Hunting Solutions
Bitcoin Tanks »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Association of Information Security Professionals (AISP)

Association of Information Security Professionals (AISP)

The Association of Information Security Professionals (AISP) represents the interests of information security professionals in Singapore.

Vera Security

Vera Security

Vera is a data security platform that provides 360-degree visibility and control over critical business data, anywhere it's shared or stored.

Granite Partners

Granite Partners

Granite is a cloud service for the development of business risk management, cyber security and privacy and occupational safety and health.

Secudos

Secudos

SECUDOS is an innovative appliance technology and services provider focused on IT security and compliance.

Netsecurity AS

Netsecurity AS

Netsecurity is a Norwegian owned company focused and specialised within IT security and cybersecurity-as-a service.

Bellvista Capital

Bellvista Capital

Bellvista Capital connects entrepreneurs with capital and unmatched business expertise in the technology areas of Cloud Computing, Cyber Security and Data Analytics.

Angoka

Angoka

Angoka provide hardware-based solutions for managing the cybersecurity risks inherent in machine-to-machine communication networks.

Nubeva Technologies

Nubeva Technologies

Nubeva provide a breakthrough TLS Decrypt solution with Symmetric Key Intercept to gain the visibility needed to monitor and secure network traffic.

Q-Net Security

Q-Net Security

Protect your critical networks. Q-Net Security make hardware that provides the strongest drop-in security for your existing critical infrastructure.

Fluid Attacks

Fluid Attacks

Fluid Attacks specialize in red team operations as well as technology development that continuously enhance our security testing services.

Surefire Cyber

Surefire Cyber

Surefire Cyber delivers swift, strong response to cyber incidents such as ransomware, email compromise, malware, data theft, and other threats with end-to-end response capabilities.

CDS

CDS

CDS is a strategic change agency enabling organisations and businesses to create and build better services to meet the evolving needs of customers, employees and citizens.

Redington

Redington

Redington offer products and services in solution areas including digital transformation, hybrid infrastructure and cybersecurity.

Cyber Proud

Cyber Proud

Cyber proud is leading a talent revolution to promote and create an inclusive skilled cyber workforce.

CyberKinetics

CyberKinetics

CyberKinetics specializes in cloud-based services and solutions for federal agencies and commercial clients with compliance mandates.

PriorityZero

PriorityZero

PriorityZero is a European company focused on remote security assessments and consulting services that operates on a global scale.