Scammers have used regulatory fake letters for a very long time to present themselves as legitimate to their potential victims. Especially fund recovery scams use such fake letters to trick victims into making payments. The International Organization of Securities Commissions (IOSCO) recently alerted about the circulation of fraudulent letters claiming to be from IOSCO. Based on our information, there are two primary types of these deceptive letters:
- Letters directly asking recipients for a monetary payment.
- Emails, sometimes following phone calls, that include letters from the so-called “Financial Control Service of Investment Company of IOSCO” asking for bank details.
It’s crucial to understand that IOSCO has not initiated any of these communications. We urge you NOT TO MAKE ANY PAYMENTS OR SHARE ANY BANK DETAILS if you encounter such messages. These are fraudulent attempts by external parties impersonating IOSCO to illicitly acquire funds.
IOSCO never sends unsolicited messages, be it emails or phone calls, demanding payments, or asking for comprehensive personal and financial details. All genuine IOSCO communications come from the domain “iosco.org.”
Any messages from different domains are not affiliated with IOSCO.
Furthermore, the International Organization of Securities Commissions wants to inform the public about the following: The Internet Corporation for Assigned Names and Numbers (ICANN) has introduced the new Generic Top Level Domains Program (gTLD Program), which oversees the registration of domains in the Financial Services and Markets Sector category.
It’s essential for investors and consumers to recognize that just because a financial services company, investment firm, or individual registers and uses one of these domains, it doesn’t mean they have received authorization from the appropriate financial services regulatory body.
We strongly advise investors and consumers to verify with their local authorized financial entities and individual registries to ensure that a company or individual using these domains is legitimately authorized to provide financial services. Remember, dealing with unauthorized entities means you won’t have any legal protection.