Our security programme

Our Cybersecurity team actively seeks potential vulnerabilities within the Investec application and infrastructure architecture.

These experts use constant research to stay at the leading edge of changes in potential threats to the landscape of our technology and processes.

Using this knowledge, the team plays an important role in product development, making sure that all applications are secure by design. They also raise new threats they identify with the Information Security teams, to put preventative measures in place, and minimise potential cyber incidents.

The Investec Fraud team works to protect our business and clients from becoming victims of fraud. Investec has various layers of control, including prevention and deterrence, detection and mitigation, repair and recovery, investigation, and learning. 

To do this, the team uses industry-leading real-time fraud detection systems to pick up potentially fraudulent payments. The team is made of experienced professionals, who are part of various fraud-prevention forums and groups, and regularly attend events and conferences to stay a step ahead. 

They also make sure that you, our client, is made aware of fraud threats with education campaigns and alerts, and help train Investec colleagues to also protect you, themselves and our business from fraudsters.

Investec’s Information Security team is responsible for the systematic implementation and monitoring of technology.  

The team maintains a close relationship with the Fraud and Cybersecurity teams. They also meet security researchers and providers to ensure a best-practice approach to mitigating risk.  

By closely monitoring the security landscape, the team makes sure that we know about any threats, that we’re ready in case of incidents, and that we can quickly address any vulnerabilities.

Is someone claiming to be from Investec? Fraudsters may contact you by telephone, email, SMS or text, letter or direct you to a website. These communications may look legitimate, with similar-sounding names to a bank or financial institution.

By adding official-looking logos, banking registration details and company numbers, these well-crafted deceptions give the impression that everything is right. If you’re not sure, call the head office switchboard, and never use numbers supplied by the person you’re suspicious of.

If you’ve already transferred money or information to a fraudster, contact your bank immediately. The bank may not recover all of it, but if you move quickly, it will recover what it can.

We maintain a list of companies and people who claim to be from Investec. With your feedback, we can keep everyone informed. You can review our full list of fraud alerts here.

If you think you have been targeted, click here to find more information on investment scams

Fraudsters are taking advantage of the low-interest rates in traditional financial services to market lucrative “investments” in Bitcoin or other cryptocurrencies. You may be asked to make a card bank transfer to your
new “crypto wallet,” after which the fraudsters will disappear with your money and the investment will never materialise.

Protect yourself by following these rules:

1. Always be aware of the risks associated with crypto investments

2. Do not transfer money to a cryptocurrency wallet that you didn’t set up yourself

3. Check the FCA warning list to ensure you are not dealing with a fraudulent investment provider

4. Always call the provider to verify the investment on an independently-sourced number, not the one found in the body of an email or documents you have been sent.

Fraudsters are increasingly sending text messages that impersonate genuine companies such as a tax authority, a postal service or even your bank. They may appear to be genuine, but are designed to steal data or to get people to pay them. This is called ‘smishing’ (SMS phishing).

In this case study we explain how some messages appear to be a small shipping fee request from the Royal Mail, but are made to acquire private information and target the recipient with further scams.

Always remember:

1. Never click on a link within a text message. Instead, call the organisation on an independently sourced number to confirm if the message is genuine. Don’t call the number in the text message.

2. If you want to access online banking, do so through the Investec app or through Investec Online. Don’t use a website link someone has sent you.

3. Never respond to a suspicious message. Instead, block the sender’s number using your device or contact your network provider and ask them to block the number for you.