Staying safe online
Be safe online
Internet scams are increasing, particularly in the financial sector. Here is what to remember if you are solicited by someone claiming to act on behalf of Aviva or Aviva Investors.
- We will not solicit clients or individual investors directly and will not conduct any investment contracts by e-mail.
- We will never send you a subscription form for an investment offer. Any investment advertisement issued by Aviva or Aviva Investors will direct clients to our websites - either www.aviva.co.uk or www.avivainvestors.com - to obtain more information and either application forms or, where permitted, to subscribe online via the website.
- Also watch out for unsolicited calls, emails or letters offering unusually profitable investment opportunities. Fraudsters may be using this time of economic uncertainty to launch new investment scams. Go to official sources for information, such as home pages of Firms purporting to offer the investment and avoid following links embedded in unsolicited email communications. Exercise extra caution when it sounds too good to be true. The chances are, that it probably is.
Be vigilant about the personal information you provide, and the investment offers you receive.
Contacted by a fraudster or fallen victim to a scam?
Report this to us right away. We'll take it from here and let you know what you need to do to stay safe.
As the threat of Coronavirus continues to spread globally, criminals are exploiting fear by using phishing emails, text messages and phone calls to target people and spread fake news. Here are a few tips to keep safe:
- Go to official sources for updates on the Coronavirus, like Centres for Disease Control and Prevention (CDC - https://www.cdc.gov/ ) and the World Health Organization (WHO - https://www.who.int/ ) for up-to-date information on the outbreak. Be wary of websites and maps of the spread of disease when searching or googling the pandemic.
- Unfortunately, the Coronavirus 2019 (COVID-19) does not have a vaccine or cure. Be particularly weary of emails of this nature and report any fake or impersonating emails to the above organizations. You can report scams to:
- WHO https://www.who.int/about/report_scam/en/
- FTC (Federal Trade Commission – US) https://www.ftccomplaintassistant.gov/#crnt&panel1-1
- Action Fraud (UK) https://www.actionfraud.police.uk/
Depending on where you are in the world, there may be other options to report to the local law enforcements.
- Research any charities before donating money or providing personal information. There are already reports of fake charities claiming to need money to find a cure or help victims.
- Watch out for fake CDC and WHO email phishing attempts. Do not click on attachments or hyperlinks from an email you were not expecting or cannot verify the sender. Poor grammar, hyperlinks that do not match the real website address, spelling mistakes, odd attachments, threats, no logo or wrong logo, or an extreme sense of urgency are signs of phishing.
- Be wary of automated phone calls asking for your social security number, coronavirus symptoms or treatments. Best thing to do in this case is to hang up.
Remember that criminals will try and appeal to your emotions during this pandemic, especially fear and panic; and will play on your goodwill and desire to help others out at this difficult time. Slow down when making decisions and don’t be pressured into doing anything in haste- whether that is visiting a website, clicking a link, opening an attachment, giving to a charity, or trying to browse through un-approved treatments.
Stay safe and keep vigilant!
Brexit Scam Alert
Cyber attackers and fraudsters are using the theme of the United Kingdom’s withdrawal from the European Union to launch attacks against a range of targets including the Financial Services sector. To date such activity has often taken the form of BREXIT themed emails to phish or persuade the recipient to download malware, though to date we have seen limited instances of such attacks against Aviva. These emails could include a message appearing to come from a known contact letting you know that their details will change after BREXIT and inviting you to their new webpage. It is likely that the period around BREXIT we may see an increase in BREXIT themed attacks against Aviva. The Aviva Cyber Threat and Financial Crime Intelligence Teams continue to monitor the situation.
If you come across any scam emails you can forward them to the Global Financial Crime and Cyber Team on gfcc.Team@avivainvestors.com
Financial scams: Attack of the clones
Fraudsters have numerous methods for trying to get their hands on our cash. One that is becoming increasingly common is the fake or cloned website. These sites look like the real thing and may even have a web address that is very similar to a well-known site, such as the one operated by your bank or financial advisor. On closer inspection, however, the differences can be spotted, which it is why it is so important to remain vigilant – especially when you see links to sites you regularly visit.
We have been made aware of a clone website using the Aviva Investors Global Services Limited background. We have discussed the issue with UK regulator, the Financial Conduct Authority (FCA), and have taken the necessary actions to remove the fake website.
How cloning scams work
The criminals’ biggest challenge is getting people to click through to their fake sites, and they do this in one of two ways:
- Persuading victims to click on the link for a cloned site via an email message. The email might say, for example, there has been unauthorised activity on your account and you need to log into the company’s site – via a link in the message – to check everything is ok. The link takes you to a site that looks genuine, but is in fact a front that allows the criminals to harvest your log-in and account details.
- Getting their cloned sites at the top of Google rankings. This can involve the fraudsters paying to ensure that their site appears at or near the top of Google’s rankings for certain web searches.
How to stay safe
There are a number of precautions you can take to avoid this type of con.
- Get the web address from official correspondence you have with the company and type it in yourself, rather than clicking on a link sent via email or text.
- If you are searching for a government service online, the genuine web address should begin with “https://www.gov.uk...”.
- When you click through to a genuine site, you should also see a padlock symbol to the left-hand side of the address bar.
- This applies to genuine retailers as well: when you reach payment pages, if not before, the address should begin with “https” and the padlock symbol should be displayed.
- You can check if a financial services firm is authorised by FCA, by checking on https://register.fca.org.uk/ . To verify the identity of an authorised firm, ask for its FRN and contact details, but always call them back on the switchboard number given on the FCA Register.
- You should access the FCA Register directly from https://register.fca.org.uk/ rather than through links in emails or on the website of a firm offering you an investment. Also check the address of the website is correct and there are not subtle changes that mean it is a fake.
If you have been scammed
If you have been scammed or contacted by an unauthorised firm – or a firm you suspect is not legitimate – you can report this to FCA by contacting their Consumer Helpline on 0800 111 6768.
If you believe you have been sent a fake link purporting to be to an Aviva Investors website, please contact firstname.lastname@example.org.
Thank you and stay vigilant.
Email scams: What to look out for
Aviva’s Security team have become aware of fraudsters registering email domains which are variants of “Aviva Investors Holdings” e.g. avivainvestorsholding.com. This is usually done for the purpose of “mandate fraud” which is when someone tries to get you to change a direct debit, standing order or bank transfer mandate, by purporting to be an organisation you make regular payments to. Emails from these domains may also be used to spread malicious attachment and should therefore not be opened.
Aviva Investors’ security team take action together with law enforcement and industry bodies to take down known fraudulent domains. It is, however, a possibility that the fraudsters will use hitherto unseen variants or misspelling and create more fraudulent email addresses to keep going. Some examples of the fraudulent addresses are:
Carbon credit scams: What to look out for
We’ve recently seen an increase in reports of cold calls, emails and letters offering to buy unwanted carbon credits and invest the proceeds. You can find out more on the carbon credits on the Financial Conduct Authority’s official website.
This increase appears to follow on from the widespread carbon credit scams, which in 2014, 2015 and 2016 saw a large number of multi-million pound carbon credit companies shut down following Insolvency Service investigations.
Please visit the following links for more information on the carbon credits scams on the official UK Government website.
- More multi-million pound carbon credit companies are shut down following Insolvency Service investigations
- 8 companies involved in multi-million pound international carbon credit and wine investment scam ordered to close
- Major carbon credit network unpicked by Insolvency Service
In light of this ongoing scam, please take extra care and exercise caution if you receive:
- a cold call from a withheld number
- any unsolicited emails from an email address such as
email@example.com, firstname.lastname@example.org or email@example.com
- an unusually attractive unsolicited offer to buy unwanted carbon credits. If it seems too good to be true, chances are it is.
If you think you have been a victim of fraud please report to Action Fraud.
Additionally, if you receive any suspicious communications related to Aviva Plc, please report them to firstname.lastname@example.org or call + 44 (0) 1603 682412.
Lastly, when considering investing we recommend using the following Financial Conduct Authority webpage for verifying any potential investment opportunities that you may have been recommended. Check any carbon credits offer you receive here: https://www.fca.org.uk/scamsmart/warning-list.