The growing fintech market is constantly developing ways to protect clients from scams, hackers, and fraudsters. However, internet users need to know what types of deception they might encounter and how they can protect themselves. This extensive guide by OctaFX is here to help.

Remember Viraj? After the promotion and significant growth of his personal funds, he decided he needed to invest some of it. He started looking for a reliable platform where he could put his money to work. After googling it, he found a broker with good reviews and favourable trading conditions. It was late, so he decided to register and make his first deposit the next day.

After a tough day at work, Viraj sat down at his computer to make a deposit and start profiting in the financial markets. He googled the broker's name and opened what seemed like its website. After registering, he deposited $300. The website said he had to follow the link in the email he received to confirm his payment. After Viraj did so, a file called MT4.exe got downloaded to his computer. Viraj heard that MT4 was a trading software program, so when the service asked him to open and install it, he did not hesitate a second.

Suddenly, his computer stopped responding to the mouse. The screen went black with only a tiny window which read: ‘All your files are encrypted. To restore them, transfer 0.5 BTC to the following wallet and send the Bitcoin transaction ID and your personal ID to this email.  You have 12 hours. Otherwise, we will upload all your files to the internet.’

Viraj felt cold sweat trickling down his forehead. It was the computer he used to work with thousands of files containing clients’ personal information. He quickly went to his banking app and was horrified to find that he had no money left in his account. The transaction history said dozens of small purchases were made on websites he never visited. Viraj googled how much 0.5 BTC was. The moment the screen showed the exact amount, he lost consciousness and… suddenly woke up.

‘Phew, it was just another nightmare,’ Viraj said to himself. ‘But how could all this happen?’

In his dream, Viraj got scammed two times. First, the website was not the broker he was looking for—but a copycat, a clone of the actual broker, created specifically to scam inattentive internet users. Such sites may only differ from the original one by a single letter in the web address (for instance, easyinvesting.com and easylnvesting.com with ‘i’ and ‘l’ looking nearly the same) with their content almost or entirely identical. Yet, when it comes to making a deposit, the money—along with your bank card details—goes to fraudsters.

The second scam, which fraudsters cunningly integrated into the first one, was a phishing one. It aims at stealing your personal information, such as bank card details, or, as in Viraj’s case, making you install some malware to later demand ransom for decrypting your files or unblocking your system. 

Here’s how you can protect yourself from these popular types of cyberattacks.

  • To identify the authenticity of brokers’ local pages, use their domain-checker extensions (e.g. Google Chrome extension for OctaFX). If the domain name is different, this is a fraudulent website, or someone uses intellectual property illegally.

  • When you see the broker’s logo online, double-check the domain name. Always assume that fraudsters will be using some version of the brand name to try and trick you.

  • Be careful when on social media. Broker’s official social media accounts are usually listed on their official website. Unfortunately, multiple copycats appear daily, so it’s important to stay vigilant, especially when engaging with Telegram and Facebook groups.

  • Cross-check the news published on the web about special offers and partner activities with official information on the broker’s website and social networks. If it's not mentioned there, most likely, you are about to be scammed.

  • All your payments must be processed through the Personal Area on the broker’s official website or in their official apps. This is most likely a scam if someone asks to send payments through other means or channels, like messenger apps or personal transfers. Don’t hesitate to report such a person to authorities or the broker's  Customer Support.

  • Do not share any personal information on the internet before you’ve thoroughly researched the service/site/organisation requesting it. 

  • Be careful when opening suspicious emails. Never download and open any files that come from unknown email addresses.

After learning the tips mentioned above, Viraj was ready to invest with a real broker, now sufficiently protected against copycat scams and phishing fraudsters.