Security and Fraud Awareness

With the world ever more connected, digital vulnerabilities have become a magnet for unlawful individuals looking to exploit and steal sensitive information for personal gain. Cybercriminals and fraudsters are becoming more cunning and deceptive, using manipulation techniques to trick people into engaging with suspicious links, downloading dubious attachments, or accepting questionable social media connections. Such strategies often serve as conduits for acquiring sensitive information. These fraudsters may impersonate trusted organizations such as the Sovereign Wealth Fund Institute® (SWFI®) or Sovereign Wealth Fund (SWF) Summit, creating false websites, sending deceptive emails, or making scam phone calls to elicit monetary payments.

Sovereign Wealth Fund (SWF) Summit, as part of the SWFI®, prioritizes cybersecurity and fraud prevention, implementing programs and technical safeguards to protect member accounts and information. To enhance your personal cybersecurity stance, we provide the following information about cyber threats and guidelines to prevent you, your loved ones, and your employer from becoming victims of cyber-attacks or fraud scams.

Recognizing Cybersecurity Threats

Any entity or individual can fall victim to cybercriminals. Here are some common strategies and attack types these actors use:

  • Deceptive Emails and Websites
    An unassuming email from your bank or preferred retailer might actually be a covert attempt to steal your identity or personal information. “Phishing” is a popular method used by cybercriminals, employing deceptive emails or fraudulent websites that mimic reputable ones to gather personal and financial information or infect your system with malware and viruses. This stolen data can be used to commit identity theft, credit card fraud, and other crimes. Phishing can also occur via phone and is becoming increasingly common on social media and professional networking sites.

    When you click a malicious link, you may unintentionally install malware on your device. Malware is software intentionally designed to harm a digital device. Viruses, the most common form of malware, are typically designed to provide criminals with access to infected devices. Ransomware, another prevalent type of malware, locks and encrypts a victim’s files, demanding a ransom to unlock them. This is essentially “digital kidnapping” of valuable data – from personal photos to client information, financial records, and intellectual property. Any individual or organization could be a potential target for ransomware.
  • Credentials – Based Attacks 
    If you use the same username and password combination across various websites or services, you’re particularly susceptible to this cybercrime technique where stolen account credentials are used to gain unauthorized access to various online accounts. Credential stuffing attacks often go unnoticed until funds are transferred.
  • Social Media Impersonation
    Increasingly, criminals use social media to build relationships with victims and ultimately steal data. They often create fake accounts that appear to be official accounts for an individual or organization. Social media impersonation can also involve the takeover of real accounts. These accounts can be used for phishing activities or causing reputational damage to an individual or a company.

How you can protect yourself

To safeguard yourself from such cyber threats, consider the following:

  • Establish Secure Email Protocols 
    Emails remain a popular entry point for hackers. Avoid clicking on links or opening attachments from suspicious-looking emails. Verify sensitive information, such as wire instructions, in person or by telephone. Typically, Sovereign Wealth Fund (SWF) Summit and SWFI will never send wiring instructions via email.
  • Use Strong Passwords
    Employ complex, unique, and lengthy passwords to stave off attackers. It’s a good practice to use long, memorable, and hard-to-guess passwords. Avoid reusing passwords. Consider using a password management application, such as LastPass, 1Password or Dashlane, to manage multiple complex passwords.
  • Enable Two-Factor Authentication
    Use two-factor authentication (2FA) for account login wherever possible. This adds an extra layer of security by requiring a secondary form of identification, often a PIN sent over text message or email. It’s most securely implemented via a hardware token or phone application. At the least, enable this for your email, cellular provider, financial websites, password manager, cloud file storage, and social media.
  • Secure Social Media
    Regularly review and adjust social media account settings to better control who can view your posted content. Cybercriminals often extract critical information about a target from social media sources. Be mindful of the potential risks associated with the information you post online.
  • Minimize Your Online Footprint
    Periodically review all your online accounts. Limit or obscure personal information on the internet, remove unnecessary data, delete unused accounts, and avoid sharing or reusing passwords across accounts to minimize exposure.
  • Safeguard Critical Data
    Know where all your sensitive personal information is stored. Ensure that your sensitive data is always stored encrypted, to prevent unauthorized access in case your device is lost or stolen. Consider having a second encrypted backup of your sensitive data, whether on a flash drive stored in a safety deposit box or in the cloud using a reputable service such as Dropbox, iCloud, or Google Drive.
  • Protect Your Devices
    Set up your devices securely, considering the potential risks if your device were stolen. Use a complex passcode as a backup to biometric security such as a thumbprint or Face ID, and ensure your device is encrypted. Be sure that sensitive data, such as email, is not displayed on the lock screen.
  • Regularly Update Your Software
    Keep all of your software up to date. Apply software updates as soon as they become available. Consider enabling automatic updates where available.
  • Secure Wi-Fi Access
    Be aware that using public Wi-Fi can expose your communications and devices to risk. If you must use public Wi-Fi, consider a virtual private network (VPN) to protect your communications, especially when traveling and using public Wi-Fi at an airport or hotel. Alternatively, consider using a mobile hotspot to protect sensitive information. At home, use a guest network for visitors.
  • Freeze Credit Lines
    Prevent identity theft and minimize fraud risk by contacting major credit-reporting bureaus Experian, TransUnion, Equifax, and Innovis, to set a security freeze on your credit reports. Consider signing up for an identity theft protection service such as LifeLock, Kroll, or Experian, which also offers credit monitoring. Apply these suggestions to all family members.

Understanding Financial Fraud

Financial fraud occurs when someone illicitly obtains money or other assets from you through deception or criminal activity. Common examples of financial fraud include:

  • Investment Scams
    Investment scams involve coercing you or your business to participate in a financial transaction based on the promise of a dubious financial opportunity. Scammers often approach victims via email, websites, or phone calls, investing considerable effort to gain the victim’s trust. These “too good to be true” offers are typically low-risk-high-reward investments. To evaluate whether you’re the target of an investment scam, consider the following:
    • How were you contacted? Any contact with Sovereign Wealth Fund (SWF) Summit or SWFI® will come from an official email address, not a free email account such as Yahoo or Gmail.
    • Did you find the investment opportunity through an unrelated website?
    • Have you shared your personal information on a non-affiliated website?
    • Have you received unsolicited contact offering a low-risk–high return investment opportunity?
    • Does the communication contain numerous spelling errors or misprints?
    • Have you provided a photo ID or proof of address documentation?
    • If so, consider notifying the organization that issued them and contacting your regional fraud prevention service. Did you feel pressured into transferring money to avoid missing an opportunity?
  • Identity Theft 
    Identity theft happens when someone steals your personal information and uses the Federal Trade Commission, FINRA, Anti-Phishing Working Group, or Better Business Bureau.