Individual

For people managing their own savings and investments.

Intermediary

For wealth managers and financial advisers managing savings and/or investments on behalf of someone else.

Institutional

For DC, DB and LGPS schemes, insurers, charities, universities, family offices and treasurers.

Aberdeen Group plc

For shareholders, careers and company information.

Change country site
Current share price:
  1. Home

Security

With scams and fraudulent activity increasing in sophistication, it can feel hard to stay on top of current threats and know the best actions to take.

The information below explains more about how to get help, what you can do to protect yourself, and some of the types of fraud and scams you should be aware of.

Getting help and reporting fraud

How we contact you

Fraudsters will often use names and branding of well-known companies, like Aberdeen, to gain credibility and deceive people into thinking that they are legitimate in their communications.

We will never contact you via any social media platform or through direct messaging platforms like WhatsApp or Telegram etc.

We will only ever send you emails with a link to an Aberdeen login page if you have registered for that service or opted in to receive emails from us.

How to report suspicious messages

If you receive any email, text or social media message claiming to be from an Aberdeen group company and you are in any doubt, please send it to emailscams@aberdeenplc.com

This helps us investigate fraud and prevent future fraudulent activity.

What to do if you think you’ve been the victim of fraud

If you think you have been defrauded, or that someone is trying to defraud you, contact the police. There are other actions you can take, depending on what country you live in.

If you live in the UK

The services in this list can help if you believe you have been a victim of fraud:

  • If you believe a crime is actively being committed or you are in danger, you should call 999.
  • If you live in England, Wales or Northern Ireland, report it to Action Fraud (the National Cyber Crime & Fraud Centre). If you live in Scotland report to Police Scotland by calling 101.
  • If your payment or banking information are involved, you should contact your bank or credit card company and make them aware.
  • Contact CIFAS to register and protect your identity from further attack.

If you live outside of the UK


Please check what services are available in your area, either from your government or consumer advice bodies. You can also search online for topics like "fraud prevention" or "report fraud".

Staying safe online

The best start to staying safe online is by being aware of online threats and the actions you can take to better manage your security.

You’ll find our top tips and guidance below on steps you can take to protect yourself and reduce the risk of fraud.

  • Protect your devices and secure your Wi-Fi connection
  • Set strong passwords and use multi-factor authentication
  • Be mindful of what you share online, especially on social media
  • Stay vigilant for fake adverts and websites when shopping and browsing online
  • Check the source of any communications to avoid phishing attacks

The National Cyber Security Centre (NCSC) also offers up-to-date guidance and advice on the best steps you can take to stay safe.

1. Protect your devices and secure your Wi-Fi connection

2. Set strong passwords and use multi-factor authentication

Here are our top tips for password security.

  • Never use information in your passwords that is linked to you, like birthdays or pet names.

    This personal information could already be available online which could make a password easy to guess.
  • Always use a strong and unique password for each online account.
    Setting different passwords for each account means that if one is stolen or leaked online, it doesn’t put your other accounts at risk.
  • Your email account should have the most secure password.
    If this account were lost it could be used to steal sensitive information, lock you out of other accounts and increase the risk of identity fraud.
  • Keep your passwords random, hard to guess and never share them.

It can be difficult to remember your passwords for all your accounts, so you may want to consider using a password manager.


How to set a strong password


The current recommended approach to passwords is to use three random words that are not linked to each other but are memorable to you.


Once you’ve decided on your words, input some numbers and special characters where you see fit, and this should be strong and long enough.


A strong password should have all of the following:

  • Uppercase letters
  • Lowercase letters
  • Numbers
  • Special characters (like !, &, $)

Use multi-factor authentication


As well as passwords you should also set up multi-factor authentication (MFA) or two-step verification (2SV) on all your accounts.


This means that should your password be stolen or leaked online, the fraudster will still not be able to gain access without your authorisation. If you receive an MFA request that you did not initiate, this could be a sign that your password to that account has been stolen, and your account is at risk.

3. Be mindful of what you share online

Your Digital Footprint is the trail of information you leave whilst using online services. This includes online activity like browsing websites, playing games, clicking adverts and interacting on social media. 

Your data trail reveals a detailed picture of who you are and what you like. And having too much information online can leave you vulnerable to being targeted by cyber criminals. For example, identity theft can occur when cyber criminals exploit your data to impersonate you or commit fraud. 

Be mindful of what you share online and regularly review the privacy settings of the apps and websites you use, to better control your digital footprint.

Staying safe on social media

The internet has made it easy for staying connected to people all over the world at the touch of a button. But the information on social media can provide cyber criminals with the information they need to scam victims, allowing them to tailor phishing emails and messages to specific individuals interests and using information about them for malicious acts. 

Could you be at risk of over sharing? Certain types of information should obviously be kept offline, like bank details, passport number and your National Insurance number. But there are more commonly shared types of information that can be easily used to target you, such as your phone number, home address and financial information. 

Before you post or comment online, consider if you want everyone on your social media knowing that information: do you know and can you trust everyone that can view that post? 

Here are some tips for helping you stay safe:

  • Understand your privacy settings
    Only allow people you know and trust to view your content. Lockdown your accounts to ‘private’ in the settings of your social media app(s).
  • Use multi-factor authentication
    You will find this in your ‘settings’, and along with a strong, unique password, this will prevent a person being able to access your account.
  • Be wary of unexpected friend requests and messages, it could be phishing!

4. Stay vigilant for fake adverts and websites when shopping and browsing online

Modern technology has made it easier for scammers to create fraudulent websites mimicking well-known, legitimate brands, and tricking users into providing sensitive information or downloading harmful software.

These deceptive sites are often made to look as real as possible using look-alike web addresses, real or outdated logos and once you're on the site you can move around as you would normally expect.

Be wary of deals that seem too good to be true and check the domain name closely of the website you visit - look for spelling mistakes or slight variations that seem out of the ordinary.

You can also try using an online website checker tool to check the legitimacy and security of sites for you.

5. Check the source of any communications to avoid phishing attacks

Phishing attacks are when cyber criminals send fraudulent communications that appear to come from a reputable source. The goal of these attacks is to trick the recipients in to giving away sensitive data, like login information and credit card numbers, or to install malware onto their machine.

These attacks can come in many different forms but most commonly through email.

  • Email phishing
    Emails could be sent to thousands of people at once or tailored to specific individuals. Cyber criminals often rely on open-source information to make more specific connections, like people’s names or where they work.
  • Phone phishing (vishing)
    Fraudulent phone calls, engaging with someone over the phone to trick their victim into giving away sensitive information.
  • Smishing
    Text messages or direct messaging via social media, often sending harmful links or asking for money.
  • QR code scams
    Scanning these barcodes could redirect you to fraudulent websites or cause your device to download malware.

Examples of phishing attacks


Phishing attacks rely on us making a mistake: whether it’s clicking a link, opening an attachment, or giving away sensitive information. Cyber criminals often deceive their victims using fear, urgency, or rewards to get what they want.

  • Fake invoice
    Emails targeting individuals (pretending to be a retailer) or businesses (by impersonating vendors or suppliers) presenting a fake invoice claiming unpaid services will be cancelled.
  • Over the phone
    Fraudsters often call pretending to be the bank, attempting to trick people into a false sense of security by revealing certain information that they have pertaining to their targets’ details that have been leaked online, such as account numbers, card numbers or an address. They will then try to get the victim to share credentials or authentication information.
  • Delivery notification
    Like text messages that appear to come from popular delivery services, such as DPD or Royal Mail. These messages can include a fake delivery notifications with a harmful link or harmful attachments.

General security advice to protect from phishing


  • If it sounds too good to be true, it probably is.
  • Be cautious with emails containing links and attachments. If something in an email does not seem right, make sure you don’t interact with any links or open any attachments.
  • If the sender is known to you or a reputable company, reach out to them by other verified means to confirm before engaging with them.

Cyber-attacks are constantly developing and growing in sophistication. Conducting your own research on current threats can help you remain safe online.

Remember to always be sceptical of unsolicited investment advice

If you cannot verify the source of information, then you cannot guarantee the intent behind it. You can report fraud or scams to Action Fraud UK or if you believe that you have been contacted by a scam pretending to be Aberdeen, please let us know by emailing emailscams@aberdeenplc.com.

Types of fraud and scams

Identity theft explained

Identity theft occurs when someone wrongfully obtains and uses another persons’ personal information, such as their name, National Insurance number, bank account details or credit card information, without permission. This stolen identity is then typically used to commit identity fraud for financial gain.

Fraudsters can use stolen identities to:

  • Obtain further information
  • Open bank accounts
  • Obtain credit cards, loans, and state benefits
  • Make online purchases or setup new contracts
  • Take over online accounts

To protect yourself, it is important to stay informed about data breaches and monitor your financial accounts for any unauthorised activity.


If you live in the UK and you’re worried that your identity may have been stolen, you can contact CIFAS to register and protect your identity from further attack.

Common scams