Newsletter 1059: Identity Misuse via Fake Websites – Need for Increased Vigilance

Dear Sir or Madam
Dear Members

We are currently seeing a rise in patterns where unauthorised parties set up fake websites that imitate licensed financial institutions supervised by self-regulatory bodies. These sites typically use domain names that are identical or deceptively similar to the legitimate ones in order to gain clients’ trust and to promote allegedly attractive products. Some affected clients have already reported financial losses. Institutions without their own clearly identifiable web presence appear to be particularly exposed; securing relevant domains in advance and, where appropriate, setting up a basic website should therefore be considered.

If you become the target of such identity misuse, you should in particular assess the following response options:

• Technical/administrative measures: Blocking or taking down the fake website via the host/registrar
• Communication: Publishing a warning on your own website (if available); written communication to clients, requiring prior consultation before any transactions
• Legal action: Filing a criminal complaint; obtaining specialised legal advice (including evidence preservation)
• Supervisory notification: Contacting the competent supervisory authority and/or requesting a FINMA warning notification (https://www.finma.ch/en/finma-public/warnungen), taking into account the risk of negative publicity
  
  

Given the increasing number of incidents, it is advisable to prepare in advance from an organisational standpoint (e.g. defined incident-response concept, communication and escalation paths) to ensure that you can act swiftly, consistently, and in a legally robust manner when an incident occurs.

Thank you for taking note of the above.

Kind regards
VQF - Financial Services Standards Association