Skip to main content

Staying secure online

The internet can be a complicated place and unfortunately there are many unscrupulous people who seek to gain access to people’s information and money. It is very important that investors take every step possible to protect themselves online. This page sets out some of the key things that investors should be aware of and consider.

Although the internet is a highly useful and valuable tool, it is also a place where fraudsters and crooks operate, so it is essential to at all times use it carefully and safely, be vigilant for potentially-fraudulent activity, maintain your security and look after your personal and financial data.

Here are some key best practices and resources for further assistance. Links go to the UK's National Cyber Security Centre website which provides further guidance and information.

Protect your email and online accounts by using a strong password

Cyber criminals can use your email to access many of your personal accounts, leaving you vulnerable to identity theft. The same applies to accounts that you may create online (for example, shopping, banking). Many passwords are easy for fraudsters to guess or discover (for example, your date of birth, your mother's maiden name).

  • Use a strong password: one technique is to choose three random words to create a password that's difficult to crack
    • Don't use the same password for multiple accounts
    • Never save your passwords on your computer: if it is hacked, they can be found
    • Use a password manager, a technology tool that helps internet users create, save, manage and use passwords across different online accounts and services

    Install the latest software and app updates

    Software developers and those creating apps for mobile phones constantly improve the security of their software by releasing updates on a regular basis. These contain vital security updates to help protect your computer and other devices from cyber criminals.

    • Install the latest updates when they are released
    • You can often configure your computer or device/phone to do this automatically

    Turn on 2-step verification (2SV)

    Also called 2-factor authentication, 2-step verification is recommended to help protect your online accounts.

    2-step verification means that when you go to log in to an online account, you don't just enter a password: you validate your login with a second security activity.

    When you set up 2-step verification, this usually means you’ll be sent a PIN or code, often by SMS (text message) or email, after you have entered your password. You then need to enter this PIN on your computer or device to prove that it's really you.

    More information about 2-step verification.

    Regularly back-up your data

    Safeguard your most important data, such as your photos, key documents, and financial contracts and records, by backing them up to an external hard drive or a cloud-based storage system. You should do this regularly (ideally after every time you update or change those files).

    More information about backing-up your data

    Tighten privacy settings on your social media accounts

    Social media accounts can hold a surprising amount of personal information, especially if you include data like your date of birth, where you live, friends and relatives and so on. To help control who has access and what information can be seen, review the privacy settings on the online accounts you use regularly. Pay special attention to:

    • Location tracking: consider turning off automatic geolocation data on your social media posts, photos, and comments
    • Public information: think carefully about what information should be public, such as your birthday, family details, where you live, where you work
    • Likes, shares, and commentsyour 'likes' and comments on other's posts are public information, allowing your profile picture, name and comments to show to companies and other people

    Instant messaging applications

    Artemis will never try to market or sell you a fund or investment via an instant messaging application (eg WhatsApp, Messenger, WeChat, Telegram etc). 

    Fraudsters may attempt to use the Artemis brand or impersonate representatives of the firm to add an appearance of legitimacy to their crimes. Please do not reply to, or act upon suspicious messages and report any suspicions to the application provider.

    Phishing and spam

    • Spam is a general term to indicate unwanted email and generally refers to mass-marketing emails, usually sent indiscriminately by automated programmes.
    • Phishing is the process of sending emails purporting or pretending to be from a person or organisation with the intention of fooling the recipient into disclosing information (such as passwords or personal confidential information) or downloading malicious files.
    • Spear-phishing is the same as phishing but is targeted at individuals and makes use of specific information relevant to the recipient.

    How to recognise malicious emails

    The following list details some of the things you should check when trying to assess if an email is genuine or not. If you answer ‘no’ to any of these, you should be suspicious. 

    Check Things to consider
    Were you expecting it?
    • Were you expecting an email from this person or organisation?
    • Is this the normal type of email that the user would send?
    • Is this the person that would normally send this type of email?
    • Are you the person they would normally send this email to?
    • Does this email require a deviation from your standard operating practice? (ie is it asking you to email a file that would normally be delivered by some other mechanism? Or to make a payment outside normal payment runs?)
    Is the sender who they say they are?
    • If you hit Reply, is the Reply-To address of the email what you would expect?
    Does it sound right?
    • Is the tone (eg formal, relaxed, urgent) and the content (eg spelling, grammar, vocabulary) of the email consistent with what you would expect from this sender?
    • And for this type of request? Does the email contain real or implied threats (eg disconnection or a fine) if you do not reply instantly?
    Does it have an unexpected attachment?
    • Were you expecting something to be attached to the email – for example, a photo, document, PDF, ‘zip’ file or other type of file?
    • Does the attachment name look correct?
    • Does the attachment ask you to override any security settings?
    Do you know where any links are leading to?
    • Does the email contain a link to a website?
    • If you hover over the link, does the website address look correct?
    • Is the email asking you to log in to another system to do something?
    Trust your instincts
    • Above everything else, does it pass the ‘sniff test’?
    • Often our instincts are very good at alerting us that something is intuitively wrong, even though we can't put our finger on exactly why

    More information about staying secure online

    Visit the National Cyber Security Centre

     


    This information is intended to provide you with help and guidance about investing generally and about investing with Artemis. It is not a marketing communication and should not be used to make investment decisions. You should always refer to the relevant fund prospectus and KIID/KID before making any final investment decisions.

    Artemis does not provide investment advice on the advantages or suitability of its products and no information provided should be viewed in this way. Should you be unsure about the suitability of an investment, you should consult a suitably qualified professional adviser.