Fraud on the financial market takes many forms and often seems harmless at first:

• Ilse Meier, a pensioner, receives a cold call from a financial adviser about a once-in-a-lifetime opportunity to earn thousands of euros, easily and without any risk, by making an immediate investment of just a few hundred euros.
• Luisa Schneider, a student, receives an e-mail, asking her to click on a link to a bank's website and to update her online banking login details immediately.
• Hans Wagner, a job seeker, comes across a lucrative job opportunity online as a financial agent in the area of escrow services.

These examples may be fictitious – but they are based on real-life cases.

This article describes the risks that consumers face on the financial market, the warning signs you should look out for, the ways in which you can protect yourself, and what you should do if you become the victim of fraud.

Beware of investment fraud!

The call that Ms Meier received from a financial adviser is alarming for several reasons:

Cold call? No thank you!
Do not engage with cold callers: investment services enterprises and other financial services providers are not authorised to make such unsolicited calls. Consumers should be suspicious of any random calls they receive, as it is very likely that the offers made within this context are a scam.

All that glitters is not gold. Stay vigilant!
Cold calling is not the only method scammers use: they also seek to entice consumers via e-mail, on social networks, on websites that seem legitimate, or by making promising offers in digital advertisements. Another popular tactic is to name celebrities or well-known companies as references in advertising without their knowledge. Most investment offers are aggressively advertised as a hot tip for investing in trendy assets or industries, such as precious metals, crypto currencies, start-ups or renewable energies.

High returns without any risks? There is no such thing!
romises of unusually high interest rates or returns that are far above the standard market rate may be an indication that the offer is a scam.

Do I have to make a decision right now?
Be wary of providers that put pressure on consumers to make a decision very quickly. You should never be rushed or pressured into making a decision, as legitimate offers are available not only today but also tomorrow.

Is this a serious investment or a scam? Look for more information!
Fraudsters have a number of tricks up their sleeves. Some companies, often with no business activities and a registered office outside the European Union, are established solely for the purpose of scamming investors. Before accepting an investment offer, you should look for as much information as possible about the provider and find out what exactly your money would be invested in.

Illiquid shares with a low trading volume or “penny stocks” are also popular among scammers to persuade investors that they are offering a bargain. These are often shares or other securities that are traded over-the-counter, as only few information requirements apply here. Fraudsters pursue an aggressive sales strategy to inflate demand for such illiquid or worthless shares in order to drive the price up, and they often use social networks for this purpose.

Fraudsters or the third parties they work with buy the shares at a low price in order to sell them at a profit after the price has gone up. The price then drops to zero, with unsuspecting investors suffering dramatic losses or even losing all the funds they have invested. This is known as scalping, which is a form of market manipulation that is punishable by law.

Fast money for all? Watch out!
A Ponzi scheme is another well-known scam: in this case, people are made to believe they will make a profitable investment when, in fact, the money paid by new investors is used to pay sham profits to earlier investors, with a portion landing in the scammer’s pocket. Scammers often pay new investors quick returns at first to gain their trust. Then, they call them to suggest that they invest more money. The scheme then falls apart, at the latest when a sufficient number of new investors can no longer be acquired, resulting in a total loss of capital for any unsuspecting investors who have put money into the scheme.

Look closely!
Ponzi schemes and similar scams are, for the most part, run on the black, i.e. illegal financial market. This includes providers offering financial products without having obtained authorisation from BaFin as required and those who even engage in prohibited business activities. The risk that investors will lose all their money with these providers is very high.

Investors should also be cautious with offers on the unregulated capital market.
The unregulated capital market refers to providers that are not subject to BaFin’s ongoing supervision and do not require authorisation from BaFin in order to distribute their products. A few examples include equity holdings, direct investments (e.g. investments in containers, wood or precious metals), participation rights, subordinated loans and numerous types of crowdfunding offers. While not all offers on the unregulated capital market are dubious, you should only invest in such products if you understand how they work and the risks they entail and you are fully convinced by the company and its business model.

Subject to government supervision
In Germany, BaFin is responsible for granting authorisation to financial institutions that wish to conduct banking/insurance business and/or provide financial services. It also monitors compliance with the applicable supervisory laws.

BaFin logo – a stamp of approval?
You should be wary if a provider claims, when advertising their services, that they are supervised by BaFin or have a prospectus approved by BaFin. BaFin’s legal mandate for financial supervision and the examination of prospectuses is limited. It is also illegal for a provider to refer to BaFin when advertising their services.

It is important to remember that even if a company observes all the rules and requirements, you can still suffer losses or lose all your money with an investment, depending on the product and contractual terms. Before making an investment, you should always seek information about how and when the investment amount would be returned to you and check whether the contract includes a right to repayment.

Stay vigilant!
There are a couple of simple rules you can follow to protect yourself from scams on the financial market:

• Do not let anyone rush or put pressure on you!
  Take your time and seek advice from someone you trust if need be.
• Do not do business with providers that fail to supply clear information. Do not take up an offer if you do not understand the contractual documents.
• Before making an investment, check carefully whether a right to repayment is set out in the contract.
• If you are unsure, do not make the investment!
  If doubts remain even after receiving investment advice, do not make the investment under any circumstances!

Cyber crime

Criminal offences that are committed online or using state-of-the-art information technology are known as cyber crime. For example, this can start with an e-mail, like the one Ms Schneider received.

Who sent this e-mail?
Sending fraudulent e-mails like these is known as phishing. These e-mails are sent by computer programmes to addresses with well-known e-mail providers, using all sorts of letter or first/last name combinations. Banks, for instance, are sometimes named as the sender. As in the example with Ms Schneider, it is often impossible for the recipient to determine at first glance whether the e-mail was indeed sent by their bank or whether this is attempted fraud. The subject (e.g. "Your transfer") is worded in such a way to arouse the recipient’s curiosity, prompting them to open the e-mail and enter the requested data, such as their internet banking PIN and TAN, which the fraudsters then collect.

Banking Trojans are another type of phishing mail. These e-mails include a link or an attached file with malware that is installed onto the recipient’s computer or mobile device after the link/file has been clicked/downloaded. Customers are often redirected to fake login pages or data entry forms imitating their main bank’s website, or malware is used to gather data, running in the background to manipulate transfers so that money is diverted to the fraudsters’ accounts. Payments online and online purchases and sales also entail such risks.

Can I trust this number?
Vishing (or “voice phishing”) involves a combination of computer and psychological manipulation. Fraudsters manipulate voice-over IPs to conceal their identity and telephone number. As a result, the person who is receiving the call will, for instance, see a bank’s actual number appear on their phone although a fraudster is on the line. Scammers come up with a story that seems plausible to their victims and put them under pressure so that their victims act quickly and disclose sensitive data, for instance.

Here is one example: a fraudster claims to be a bank employee and tries, by holding a convincing conversation with their victim, to get them to transfer significant amounts to (mostly foreign) bank accounts or divulge their online banking data. In such cases, the victims are often told that their money is at risk of falling into the hands of criminal organisations or that their money is affected by a bank closure.

Some fraudsters leave messages on answering machines/mailboxes or send an SMS (smishing) to their victims to inform them that their bank account has been hit by a hacker attack, asking them to call back. If the individual calls the number provided, a pre-recorded message is used, telling them to provide their bank or credit card details.

Is this website really genuine?
Fraudsters also often imitate (bank) websites with such a level of detail that it is very difficult to distinguish them from genuine ones. This tactic is often combined with phishing. Consumers receive an e-mail containing a link to a fake bank website that fraudsters use to phish sensitive data or redirect payments.

Fraudsters also operate fake online stores to entice customers with high-quality items at rock-bottom prices. However, the items these customers order are never delivered once they have provided their sensitive data and made a payment (in most cases, such orders can be placed only if an advance payment is made). With this method, customers are scammed twice: they lose their money and their personal data has been disclosed or phished.

Opening an account for a job interview: is that common practice?
In this type of scam, fraudsters use fake companies to advertise job offers online, e.g. for flexible part-time work. These firms often claim to offer good salaries and generous work-from-home arrangements. During the selection process, the company asks the applicant to open an account (to be subsequently closed) and confirm their identity in a video identification process. In some cases, fraudsters provide a clearing account for salary payments at a digital bank, for which the applicant must then provide verification documentation using their personal, sensitive data. The newly opened account is then only accessible to the fraudsters, who use the account for processing fake shop payments or for laundering money.

Fraudulent use of BaFin's name

The online job advert that Mr Wagner came across, as mentioned at the start of this article, is one example of a job scam – and in this case, BaFin’s name is used. Applicants for such jobs in the field of escrow services are asked to use their own accounts for the onward transfer of funds gained through criminal activities.

In many cases, fraudsters use BaFin’s name in order to obtain the sensitive data of consumers, get their hands on their money or take advantage of them for criminal offences. For example, scammers often employ phishing methods by sending fake e-mails which appear to have been sent by BaFin.

There are also fraudsters who use vishing techniques by claiming that they are BaFin employees.

Another tactic that scammers use is to send fake BaFin invoices in German and English to retail investors.

You should be suspicious if you are contacted personally by BaFin or by someone who claims to be working for BaFin.

This is likely to be scam, as BaFin does not initiate contact with individuals in this way.

How can you protect yourself from cyber crime?

• Do not open attachments, links or images in e-mails if you do not know the sender well or if you have not checked who they are.
• Contact your bank if you are unsure and do not use the contact details provided in e-mails
• Do not click on any links: instead, type website addresses manually into your browser.
• Do not disclose any bank details, TAN numbers or login data.
• Do not let anyone put you under pressure: interrupt them if necessary and look elsewhere for the information you need.
• Use secure websites (e.g. “https”) and encrypted connections.
• Keep your browser, operating system and anti-virus software up to date.
• Look up online merchants, e.g. by checking ratings and reviews.
• When shopping online, check which means of payment are available and do not pay in advance if you are not familiar with the merchant.
• Check your bank account regularly.
• I have been scammed! What should I do now?
  If you (suspect that you) are the victim of fraud, inform your bank and ask them to block your card.

Alternatively, you can call 116 116 to block your card.

Do not hesitate to report the matter to the police.