Skip to main content

Investment Association warns of impersonation fraud: how can we adapt our cyber strategies in the ‘new normal’?

The Investment Association (IA) has this week issued a stark warning to investors about the emergence of a new fraud risk, aimed at private investors. In the latest of a string of cyber-scams, the IA reports that fraudsters are now targeting retail investors in large-scale scams that convince savers to purchase fake investment products.

The IA has issued the warning after a number of investment managers reported that organised criminals have begun to impersonate their products. Fraudsters are promoting false (or cloned) investment bonds through fake price comparison websites. They have cloned brands to produce fake documentation and, in some instances, have set up a range of impersonation email addresses that use the names of genuine staff members in certain investment management firms.

The scam aims to persuade investors to make investments that will not materialise – the IA reports that organised criminals operating under these schemes have so far made more than £4m in illicit profits.

Cybercrime rising

The IA’s warning comes at a time in which tensions are high surrounding cybercrime. As we highlighted in a recent blog post (Cybercrime rising: does the international wave of cybercrime present silver linings for tech?) the UK’s HMRC has seen a 74% rise in fraudulent communications since the beginning of January 2020 – just as the coronavirus pandemic started to take effect.

Moreover, in March this year, cybersecurity firm RedMarlin reported a 72% increase in attempted hacking activity since the beginning of the year. Cyber-criminals and fraudsters have taken advantage of the uncertainty and anxiety surrounding the pandemic to leverage illicit profits from businesses and individuals alike. The IA’s warning indicates that this activity continues even as the pandemic subsides in some countries.

CUBE comment

As cyber-criminals continue to take advantage of the ‘new normal’, financial services providers and regulators will undoubtedly move to close the gaps that coronavirus has created, or exposed. Regulatory technology (RegTech) offers a wealth of advantages in this regard; allowing firms to automate regulatory compliance, weed out inefficiencies, and focus instead on direct compliance issues – such as cybercrime and fraudulent activity. The financial services industry should move quickly to ensure that they’re one step ahead of the criminals by implementing watertight, automated systems that reduce the margin for error.

CUBE expects to see a swathe of regulatory activity surrounding cybercrime, which will only add to the mounting list of financial regulatory obligations for financial institutions. Now is the time for businesses to take stock of their cyber strategies and to ensure their systems are operationally effective.

CUBE’s cybercrime series

In the coming month, CUBE will be launching ‘Future ready: cyber strategies in the new normal’ in collaboration with the Canadian Regulatory Technology Association. The series will consist of a number of blogs from industry experts, exploring topics ranging from the human element of cybercrime to the potential transformation of cybersecurity operations in light of COVID-19.

The series will culminate in a live industry roundtable, in which the panellists will discuss how the ‘new normal’ may transform the way businesses approach cybercrime – from the adoption of RegTech to regulatory intelligence and much more.

Sign up to our newsletter to ensure you don’t miss the launch of our new series