We have received reports from our customers regarding multiple scams that are targeting members of the public. We would like to take this opportunity to inform you about these incidents and provide you with steps to safeguard yourself.

A few clients have reported receiving text messages purporting to be from staff, including our Director, Wayne Hedley. These messages refer to loan applications.

There have also been reports of unidentified parties approaching financial institutions and attempting to open unauthorised bank accounts or submit credit card applications in the name of a client.

InvestorFi has engaged external experts to lead its response to this matter, and updates will be provided as further information comes forward. We take the protection of our customers’ data extremely seriously. Steps are also being taken further to enhance our security protocols as a precautionary measure.

Only a small handful of clients have been impacted

If you feel like you may have been impacted by a potential cyber attack, here are some added layers of protection that you may wish to consider putting in place:

1. Check the security of your online account passwords using the NSW Government password checker (https://www.nsw.gov.au/id-support-nsw/passwords).

2. Install security software on your devices.

3. Ensure that all your contact details with your banks are current and up to date.

4. Ensure that you have in place security checks in place for your accounts, including establishing two factor authentication, changing passports and security questions.

5. Remove and deactivate any links that may be active, that you may have shared or granted access to your personal information (such as on Dropbox, Google Drive).

6. Contact a credit reporting agency (such as Equifax) to place a security freeze.

7. Sign up with Equifax for their Lock and Alert service, which allows them to lock and reopen your credit file (https://www.equifax.com/personal/products/credit/credit-lock-alert/).

8. Contact Equifax to request a ban on your credit report (https://www.equifax.com.au/eform/submit/credit-ban).

9. Contact Illion to request a ban on your credit report (https://www.illion.com.au/credit-report-ban-request/).

10. Contact IDCare, a service that provides support to individuals for cyber related incidents (https://www.idcare.org/). 

11. Save the phone number(s) of the businesses that you work with so you know who is contacting you

Information on how to create a strong password can be found on the cyber.gov.au website – https://www.cyber.gov.au/protect-yourself/securing-your-accounts/passphrases.”

To date, the cyber security specialist firm has not identified any compromise of InvestoFi’s digital infrastructure, and there is no indication of any exfiltration of InvestoFi’s digital data, which includes our customers’ information

We treat the protection of our customers’ data with the utmost seriousness. Steps are underway to further strengthen our security measures.

At this stage, we have no reason to believe you need to restrict communications with InvestorFi.

As a precautionary measure, we recommend that you remain vigilant for potential phishing emails and other scam communications from organisations purporting to be from clients. 

We also strongly recommend that you contact our staff directly by telephone if you wish to confirm any matters in relation to communications from us to you. 

Our priority is to continually enhance the ongoing security of our customer’s data against scams or fraudulent activity. As such, InvestorFi has taken steps to also notify the Office of the Australian Information Commissioner, the police and the Australian Cyber Security Centre of the suspicious activities.

Additional general resources on identity and cyber security support can be found here: https://www.oaic.gov.au/privacy/data-breaches/data-breach-support-and-resources/