Fraud and Scam Awareness

Beware of Scammers

Watch out for online contact from fraudsters (scammers) who are offering unsuspecting victims the opportunity to take part in ‘get rich quick schemes’.
How a typical scam works:
  • Scammers set up enticing websites and/or social media profiles to persuade visitors that they are accomplished and prosperous financial advisers or traders that will be able to help you achieve a similar lifestyle.
  • Scammers may also purport to work for regulated firms including copying their website logos and certain content to appear legitimate.
  • Scammers will approach the victims, or vice-versa, to enquire about trading through them.
  • The scammer will ask you to make a payment into an account name which does NOT match the company they purport to represent, providing false assurances that your money is safe.
  • In a few days the scammer will follow up to say that the value of the victim’s investments has doubled and ask for a further payment to “release” the funds back to the victim or threaten that the entire balance including the original capital will otherwise be lost.
If you have made a direct payment to someone who operates a social media account with the above characteristics and have suffered a financial loss, you may be a victim of online fraud. You are advised to make a report to www.cyber.gov.au. The Australian Signals Directorate (ASD) leads the Australian Government’s efforts to improve cyber security. Their role is to help make Australia the most secure place to connect online.
When reporting, it is helpful to have the following available:
  • Details of the bank account you made a transfer to, as well as the dates and sums involved.
  • The social media account details you have communicated with.
  • Any email address or telephone number you have had communication from in relation to the scam.
  • Screenshots of conversations or social media profiles, as these are quickly shut down when the fraudsters move on.
Please note, PhillipCapital employees will never:
  • Offer direct access to products and services to anyone through social media channels. From time to time PhillipCapital may engage in marketing campaigns, however no transactions will be requested via the marketing channels.
  • Seek to arrange payments of any sort through social media channels.
  • Share account updates or balances through personal texts or direct messages on social media.
Online adverts or social media posts that promise unusually high returns from trading in financial instruments are often red flags 🚩. If you have already been scammed, be aware: fraudsters frequently target victims again—and may even sell your information to other scam operations.
Why this happens & what to watch for:
  • “Recovery” solicitations: After defrauding you once, scammers, or new ones using your information may pose as recovery agents, offering to get your money back, however, will request for an upfront fee.
  • Reloading scams: A common tactic involves repeated attempts to drain more funds by promising larger returns.
  • Varying guises: Follow-up scams may come from entirely different fronts. Some impersonate lawyers, investigators, or even government agencies claiming they can help recover your lost funds.
If it sounds too good to be true, it probably is.
What you should do:
  1. Don’t pay anything up front for recovery services – legitimate help does not charge before delivering.
  2. Stop responding to unsolicited offers claiming they can restore your losses.
  3. Verify independently any company that contacts you—look them up and check for real registration.
  4. Report the scam immediately to authorities and your bank. In Australia, that means contacting ReportCyber (via the ACSC).
  5. Tell others – by reporting, you help protect future victims and prevent these scammers from continuing.
Protecting your online identity:
It is extremely important that you remain vigilant to security threats when online, and report anything to us that you feel may be suspicious.
See a few Smart and Safe Online Tips:
  1. Always think before you click
    • Don’t open links in emails or texts unless you are absolutely sure who sent them.
    • Watch for signs of phishing: misspelled URLs, generic greetings, odd attachments, or urgent language.
  2. Verify unusual payment requests
    • If you receive unexpected instructions to transfer money, contact PhillipCapital directly—using our known contact details before taking action.
  3. Don’t override browser security warnings
    • Alerts about certificates or insecure pages often mean the site is risky or fake – take them seriously.
  4. Use strong, unique passwords
    • Combine passphrases or three random words to create long and hard-to-guess passwords.
    • Never reuse passwords – consider a password manager to help store them safely.
    • Don’t share your passwords with anyone or record them somewhere it is accessible by someone else.
  5. Enable Two-Factor Authentication (2FA or MFA)
    • Adds an extra verification step (like a code or app prompt) to secure your accounts.
  6. Only download trusted mobile apps & always lock your device
    • Use apps from official stores and secure your device with a password, PIN, or biometrics to prevent unauthorised access.
  7. Keep all software up to date
    • Regular updates patch security flaws: enabling automatic updates ensures you are always protected.
  8. Use reputable antivirus and enable security features
    • Anti-malware tools can block phishing and malicious software, and a comprehensive suite can offer dark-web monitoring and safe-browsing alerts.
  9. Lock down your browser
    • Activate maximum security levels and avoid public Wi-Fi when accessing sensitive accounts.
Product and Service Security:
We endeavour to adopt the latest technology and practices to maintain the security of your data and your account. This includes the protection of your data and ensuring secure access to your accounts and the trading platform. Security is built into our products and platform, and we subject them to regular penetration testing by independent security experts to ensure any new features or releases meet our high standards. Any identified security issues are reviewed and quickly resolved.
Protecting your data
We appreciate that when you open an account and share your data with us, you trust us to handle your information with care. We are committed to protecting the privacy of all personal information that we obtain from you and fully comply with the standards introduced by data protection laws, including the General Data Protection Regulation (GDPR), the Privacy Act 1988 (Cth) and the Australian Privacy Principles. We adopt industry and information security best practices to protect your personal information, ensuring that unauthorised persons do not access it. This includes encryption of data during transmission, strong authentication mechanisms, cyber security processes and secure access to machines and data. We also train our employees who handle personal information to respect the confidentiality of customer data and the privacy of individuals. In keeping with our commitment to being transparent about how we use your data and ensuring its safe, view our Privacy Policy
Employee training and awareness
All our employees undertake a rigorous training programme on an ongoing basis, including regular reviews of all our policy documents, with assessments to prove understanding and awareness.
Third-party risk assessments
All our third-party providers are assessed before we engage with them, and any critical suppliers are reviewed on a regular basis to ensure they meet our standards and regulatory requirements.