The Basics
  • Share this page on Facebook
  • Share this page on LinkedIn
  • Send to a friend
Hannah Beecham

Financial Self-Defence

Look out, there are sharks about! Rogue traders, internet fraudsters, ‘put-your-hands-up-and-gimme-de-money’ heisters... They’re out there somewhere and they’d all like to get their hands on your hard-earned cash.

In the expat’s personal financial strategy, financial self-defence is the bottom line. Here, we explain the principal ruses the villains are using to penetrate your financial defences and outline a few simple steps you can take to stay ahead of them.

Every year billions of pounds/euros/dollars are being lost to fraud - an astonishing £1 billion to so-called ‘boiler room’ scams alone (see below). Affluent expatriates are, it seems, a particularly attractive target for the bad guys. Wherever you are in the world, you must exercise caution in your financial dealings. Never give away information about yourself or your finances to persons or organisations contacting you uninvited. Delete unsolicited emails if you have the slightest doubt about their integrity and consider carefully before opening any email attachments. Bear in mind that there is already far more data about you ‘out there’ than is desirable from a personal finance perspective. Data security, even in the hands of the most prestigious bodies, is not always what it should be.

Thieves use our personal details to access our bank accounts, steal our money, run up bills on our credit cards, and create false documents like passports in our names. As a precaution, never bin documents - especially financial documents like bills. Shred them in a cross-cut or diamond-cut shredder.

Learn to handle your personal finances in exactly the same way that you handle your car - by staying fully alert. If you transact money online, keep with the task. Don’t wander away from your computer to make a cup of tea or answer the telephone, and don’t forget to quit the online connection to your bank or broker the moment you’ve finished your transaction.

ID fraud and online banking

Identity fraud is on the increase. We all need to understand how to protect ourselves to prevent the distress and long-term disruption it causes. As a first step, read the small print in your banking agreement and implement any measures required to bring your computer’s firewalls and anti-virus software up-to-date. Failure to comply with the terms and conditions of your online banking agreement will abrogate the bank’s refund obligation. Keeping your part of the bargain obliges the bank to compensate you should the worst come to the worst. Look for the section in the small print entitled fraud protection or contact your bank directly and ask them to talk you through their identity theft protection policies.


Phishing is the term used to describe a particularly virulent online scam. Fraudsters set up ghost websites - exact copies of the genuine sites of bona fide financial houses, including well-known banks. Hapless online customers enter their personal account numbers and passwords onto the ghost sites believing them to be the real ones. The bait’s been taken and so has the victim’s money. Sometimes the expat is contacted via email. The pretext is usually along the lines that the bank is updating its security systems. The email will include a link to a ‘secure’ page which will ask for confirmation of the expat’s account numbers and password. Every day some poor soul will oblige, and - hey presto - their money vanishes.

Financial institutions like banks will never ask a customer to convey passwords online. To do so would breach fundamental security procedures. Verification is managed by asking for partial detail only, thus avoiding the risk of internal theft.

Trojan horses

Expats who transact money online should be particularly on guard against so-called ‘Trojan’ programs which steal data from a computer by monitoring the user’s keystrokes. The latest version doing the rounds can sneak in with your emails, or when you’re visiting a website or downloading apparently innocent software. It can even ambush your files disguised as a music track. The Trojan program sits inside your system until you attempt to access your online account. Then, typically, it redirects you in phishing-style to a fake website where you will invariably be asked to type in your security information - passwords and account numbers - which will be intercepted by the fraudsters.

As a precaution, never enter the website of your bank, building society or investment broker other than by keying in the full website address. Under no circumstances should you enter any site connected with your financial dealings through links, or in reply to an unsolicited email, or via a search engine, as this may lead directly to a phishing site.

Be on the look out for any irregular activity in your account. This means checking your statements on a regular basis. If you think you are being targeted by fraudsters, notify the relevant authorities immediately.

There’s a cyber-defence guide available for Internet users at It works for both PCs and Macs, offering good advice on how to avoid ID theft, fraud and how to buy and sell online safely.

Needles and PINs

Never reveal your personal identification number (PIN) to anyone, under any circumstances. As a matter of policy, banks do not ask customers for their PIN. The PIN is the customer’s secret. So if anyone asks you over the phone (or via the Internet) for confirmation of your PIN, the approach is fraudulent and you should report it immediately. As many expats have learned from experience, if you momentarily forget your PIN, you have only so many attempts at punching in the right character/number sequence before the account is locked automatically. The ‘three strikes and you’re out’ rule, however frustrating, provides a tier of safety to prevent card thieves unlocking your account. In the event of your account freezing you out, you’ll need to contact your bank to explain what’s happened, verifying that you are indeed the account holder, and ask them to send you confirmation of your PIN.

Check it out! How can I keep my PIN safe?

• Don’t keep your PIN with your cards.

• Don’t use personal anniversaries as PIN numbers.

• Don’t reveal your PIN either over the phone or online.

• Do follow the bank’s advice on keeping your online account secure.

• Do keep your anti-virus software up-to-date.

• Do log off immediately after you have finished your online banking transactions.

Boiler rooms

What are boiler rooms? Boiler rooms are sophisticated financial operations, usually based outside the UK (where the regulatory authorities can’t reach them), which use high-pressure sales techniques to offload worthless shares onto unsuspecting investors.

If someone you don’t know calls you up out of the blue and offers you cheap shares, the chances are you are being targeted by a boiler room. Boiler room scam artists are clever and sophisticated and know how to persuade us to part with our cash. So says the UK’s Office of Fair Trading (OFT). It’s a view shared by the Financial Conduct Authority (FCA) which reckons we are losing well over £200 million a year to boiler rooms. The police say it’s the most significant type of fraud they’re dealing with and put the figure lost annually at nearer £500 million.

It is estimated that there are between 300 and 500 boiler rooms working in Spain alone and new scams are appearing almost weekly, so it’s important you know how to spot them.

How do boiler rooms work?

Each operation employs up to 20 people who thoroughly research potential targets by any means possible and build up detailed victim profiles. These may include share-dealing histories, hobbies, taste in cars and more. After an initial ‘friendly’ telephone call, the lists of contacts will be handed over to ‘loaders’ - smooth-talking conmen and women whose job is to clean the victims out of their savings.

These guys won’t take no for an answer. They’ll call you constantly, trying to win your confidence and build a relationship. They will appear very knowledgeable and highly professional. The loaders often move from operation to operation taking lists of potential targets with them. One quarter of respondents reported that they had been approached by four or more different boiler rooms.

If you’re tricked into parting with your money you will probably be approached at a later date by a ‘slopper’, the gang’s apologist, who will explain to you how, for various unforeseen reasons, your initial share purchase has failed to bear the anticipated fruit. He or she will then offer you a ‘way out’ of your bind. He will tell you that he has found a buyer willing to purchase your shares but that offloading them will involve an upfront administration fee. Don’t expect a refund. Sounds too obvious to be effective? The UK’s Financial Conduct Authority (FCA) conducted a survey of callers who had contacted the Authority about fraud. More than half (58 per cent) of the respondents had fallen victim to a boiler room scam and purchased worthless shares. Of the victims, 13 per cent had been conned more than once. Three victims each reported losses of over £100,000. The average loss was in the region of £20,000.

Get montly expat investor insights in your inbox


Your email will be retained and solely used to send you the Expat Investor newsletter. You have the right to access and amend your data (see privacy policy).


Boiler room victims

The survey found that boiler rooms tend to prey on older people. Thirty-eight per cent of victims were aged over 60 while 26 per cent were 51-60 years old. The majority of victims were male (81 per cent) and, somewhat surprisingly, most were experienced investors with 41 per cent saying they had been investing for over 11 years.

Many of those surveyed reported that the boiler room called them repeatedly. Fifteen per cent of victims were persuaded to purchase shares during their first call; nearly half were called four or more times before they succumbed. Regardless of whether they purchased shares or not, 63 per cent of respondents reported that they were pursued by the boiler room for at least one month and nearly a quarter said they were receiving calls from the same boiler room for more than six months. However unlikely it may seem, these techniques succeed.

It goes without saying, boiler rooms are not authorised by the FCA, whatever their sales people might tell you. They are acting illegally. In the vast majority of cases, the shares they are promoting have no value and the boiler room vanishes as suddenly as it appears, leaving the hapless investor out-of-pocket. Because boiler rooms are based outside the UK, the FCA is usually unable to take direct action to shut them down.

If you get a call out of the blue from any financial organisation, you should be wary. The very least you should do is to verify their bona fides with the appropriate financial regulator. Are they genuine, and are they authorised? Remember, you are not protected if you deal with an unauthorised company. The message is clear; if you are in the slightest doubt just hang up!

Check it out! Boiler room scam artists will:

• Catch you unawares, contacting you without you asking them to, by phone, email, post or sometimes in person.

• Sound pleasant and knowledgeable, be well-spoken and polite.

• Provide you with slick, professionally produced leaflets and letterheads.

• Be persistent and persuasive.

• Try to rush you into making a decision.

• Ask you to send money ‘up-front’.

Just hang up! For further information on boiler rooms visit

‘Nigerian’ letters

These are letters, or emails, usually from an African address offering to share commission on a large sum of money that will be placed in your bank account. You will be asked to give your account details and to pay a substantial up-front fee for ‘administration’. These kinds of emails and letters have been sent from Sierra Leone, South Africa and the Ivory Coast, as well as Nigeria. Realistically, they could come from just about anywhere.

A typical example works like this. You will receive a letter, fax or email from someone you don’t know who says they need help in transferring money overseas, usually US$20-30 million. Typically, the writer claims to be a senior government official, an accountant with a state-owned corporation, or perhaps a relative of a deposed or dead politician. The writer will tell you he needs to transfer his cash to a bank in your country, and if you let him use your bank account you can keep a big slice for yourself, usually 25 or 30 per cent. If you reply and give your banking and personal details, you will be sent fake bank statements and similar documents, all intended to prove that the money exists and is heading your way.

It doesn’t, and it isn’t.

If you receive one of these letters or emails, do not reply. You could simply throw it away or delete it. But it would be better to forward it to your Internet service provider (ISP) through which the scam email was processed. Address your email in the following way: abuse@[insert ISP name]. Your ISP should close any accounts abusing its systems.

Of course, there will always be new types of scam and a new generation of scamps willing to discharge them. But, in general, their methods are predictable.

Scammers will offer you something for nothing, such as:

• A win in a prize draw or lottery you haven’t entered.

• An exclusive entry to an investment scheme that’s a ‘sure-fire winner’.

• A chance to make easy money by ‘transferring’ cash from one country to another (the money doesn’t exist, if it did you’d almost certainly be ‘laundering’ it, which could land you in jail).

The OFT urges individuals to protect themselves by being sceptical. Is it likely that someone you don’t know, who has contacted you out of the blue, will give you something for nothing?

If they ask you to:

• Send money up-front (usually to a PO Box) in the form of an administration fee or tax...

• Give them your bank account number or other personal details...

• Ring a premium rate number...

• Buy something prior to receiving a prize... ... then it almost certainly indicates illegal activity, and you should report it.



Internaxx Bank S.A. accepts no responsibility for the content of this report and makes no warranty as to its accuracy of completeness. This report is not intended to be financial advice, or a recommendation for any investment or investment strategy. The information is prepared for general information only, and as such, the specific needs, investment objectives or financial situation of any particular user have not been taken into consideration. Opinions expressed are those of the author, not Internaxx Bank and Internaxx Bank accepts no liability for any loss caused by the use of this information. This report contains information produced by a third party that has been remunerated by Internaxx Bank.

Please note the value of investments can go down as well as up, and you may not get back all the money that you invest. Past performance is no guarantee of future results.

  • Share this page on Facebook
  • Share this page on LinkedIn
  • Send to a friend
Any questions?