Ways to stay safe online
You may be aware, an Auckland based company reported a few weeks ago that some of its members personal information had been accessed illegitimately in a malicious attack. While this held no threat to the member funds themselves, it resulted in a personal data breach.
We understand that this attack may raise questions regarding our security procedures, and we wish to assure clients that we have very robust and stringent cybersecurity measures in place to safeguard client data.
1. Craigs conducts cyber security audits annually that are completed by an independent cyber security company who complete comprehensive testing to check that our security mechanisms are effective.
2. KPMG undertake an annual internal controls audit across key Craigs systems and platforms.
3. Craigs has an independent specialist cyber security partner who work with us to ensure our policies, procedures, prevention and detection mechanisms are best practice and effective. These mechanisms include enterprise grade Firewalls and Intrusion detection appliances.
Beware of increased cyber-fraud attempts
We encourage clients to be more aware of potential cyber scammers throughout this period of uncertainty. We also became aware of a scam earlier this year where a fraudster sent an email pretending to be a Craigs Investment Adviser. The savvy Craigs client raised suspicion, as they felt the content of the email was off-piste.
Please ensure that you check all emails sent to you from Craigs end with craigsip.com not craigsip.co, or any other domain.
Cyber fraud poses a significant risk, specifically affecting instructions to transfer funds to a bank account that we do not have details of. That is why it is important to be vigilant and stay aware.
We will never send an email instructing you to change your bank account details or notify you of any change to our bank details.
If you receive an email that appears to be sent from someone from Craigs Investment Partners notifying you that we have changed our bank details, it is very likely to be from a fraudster. Do not reply to the email. Do not click on any links or attachments that may be included in the email.
If you are concerned about any suspicious emails you may receive or are ever in doubt please phone your Craigs Investment Adviser as soon as possible, either using a direct dial number known to you or 0800 272 442. Do not phone any numbers included in the email you are suspicious of.
If you have any concerns that your email or personal information has been compromised, please contact your information provider immediately.
Outlined below are some tips on how to keep safe and protect yourself from cyber-criminal activity, if you wish to discuss further please speak with your Craigs Investment Adviser.
Some ways to keep safe online:
- When logging in to the Craigs website or any other bank website, check you have a secure connection and type in the full website details https://craigsip.com. The ‘s’ stands for secure.
- Do not access secure websites such as banks or the Craigs Investment Partners client portal, from public computers (e.g. libraries, internet cafes).
- Don’t give out your Craigs account details unless you made the phone call, and trust the number and recipient of that call.
- Keep your identity information safe, and only reveal this to trusted sources, for example date of birth, driver licence, passport details. Before divulging that information, ensure they will protect it.
- Do not share your passwords with anyone.
- Check your statements and alert your provider if anything is amiss.
- Do not click links, open attachments or reply to spam emails, and do not call any phone numbers from spam emails.