Guide to account security:
avoiding and reporting scams

Here, at eToro, security for our clients is a top priority. Our goal is to provide you with a secure online space where you can feel safe to invest, transact, and connect within our community.

The nature of the Internet, however, does require some extra caution whenever engaging online. In order to help you avoid falling prey to phishing attempts, investment scams, and other risks, we have put together this guide. In addition, if you are ever in doubt as to whether a communication is from us or witness any other suspicious activity on the eToro platform, please do not hesitate to contact us.

Common risks
and phishing attempts

“Phishing” is an attempt by criminals to procure or intercept personal data from users by imitating a trustworthy entity, for example, with fake websites, e-mails, phone calls or SMS messages. The intention is to misuse this data to steal money from account holders. The term “phishing” is based on the word “fishing” together with the P from password, since figuratively speaking, these criminals attempt to “bait” unsuspecting users into providing their passwords, account information, or other data that they would otherwise keep secure.

Unfortunately, the online trading and investment industry is not immune to these and other fraudulent attempts to swindle users out of their money. In just one example, in May 2021, Europol teamed up with several other law enforcement agencies to take down an investment fraud and money laundering ring involving losses of €30 million (US$36 million) total by hundreds of victims across Europe. The criminals created fake but professional-looking online trading platforms, luring victims through advertisements on social media and search engines. They posed as experienced brokers when contacting the victims via a fake call centre and used manipulated software to trick them.

Therefore, it is very important that you always verify that you are transacting with the official eToro platform and our representatives, and not an imposter.

What a phishing attempt might look like

  • eToro has a verified WhatsApp business account, which our representatives may use to initiate communication with clients from time to time. However, they will never request that you provide any sensitive information, such as personal details, account information or security credentials, via Whatsapp.
  • We will never contact you via a third party regarding your account. Only official eToro representatives may contact you.
  • Never give out any personal details, account information or security credentials to anyone who approaches you through different forms of media.
  • Be cautious of suspicious links: Avoid clicking on links from unknown sources. Hackers will often use links to install malware on your device as part of a phishing attack.

Protect your personal data

Verified eToro representatives will:

  • Only contact you through appropriate channels, such as the email address associated with your account
  • Contact you via the authentic eToro domain with @etoro.com / connect.etoro.com /mailer.etoro.com in the address.

Verified eToro representatives will not:

  • Ask you to move your money to a so-called “safe account” or any other place
  • Ask you to move your money to an alternative eToro account
  • Ask you to deposit to a specific payment method or crypto wallet
  • Ask you for your account password or Two-Factor Authentication (2FA) code
  • Ask you to provide your full credit card number or to send money
  • Ask for non-eToro account credentials
  • Communicate via Telegram

Security steps

To protect your account, we strongly recommend that you follow the steps below regularly. You should perform these steps more frequently if you notice any suspicious behaviour, such as reduced speed, pop-up advertisements, or changes to your account which you did not make.

Step 1: Employ 2-Factor Authentication (2FA)

2-Step Verification requires you to sign in both with your password and a security code sent to your phone (via SMS or phone call), which adds an extra layer of security to your account. Enable 2FA in your Account Settings. For a quick video tutorial, click here.

Step 2: Select a strong password

The keys to creating a strong password are length, a mix of letters and numbers, and no ties to your personal information. Never send your password via email, or reveal it to anyone else. Remember, eToro will never email you to ask for your password or other sensitive information.

Step 3: Protect your password

  • Never enter your password after following a link in an email from an untrusted site. Always go directly to https://etoroprod.wpengine.com/login.
  • Do not save your password in the browser. If anyone else ever accesses your computer, saved passwords are easily revealed.
  • Never use the same password on another website and change your password periodically.

Step 4: Check for viruses and malware

Install trusted antivirus software on your computer and mobile devices and set them to scan regularly. If a scan detects any suspicious programs or applications, immediately follow instructions to safely remove them.

Step 5: Perform regular operating system and browser updates

Updates also may include important security fixes. Make sure you’ve set your computer and mobile devices to update automatically, and if you get a manual notice to update, take care of it right away.

If you access your eToro account on a public computer, take these extra steps:

  • Always sign out of your account.
  • Clear forms, passwords, cache, and cookies from the browser on a regular basis.

Step 6: Check app permissions

Be cautious of apps that ask for unnecessary permissions. Only grant permissions which are essential for the app to function.

Our certificates

FAQ

Is my money safe on eToro?

Yes. eToro operates in accordance with FCA, CySEC and ASIC regulations, meaning that there are measures in place to protect investors. Our clients’ funds are kept secure in top-tier banks and all of their personal information is guarded under SSL encryption.

We also offer an option to activate Two-Factor Authentication (“2FA”) in your account, as described above. 2FA provides an additional layer of security which you can turn on or off in your Account Settings.

It’s important to note that any form of trading involves risk, therefore, we always encourage our clients to practise responsible trading by staying informed, diversifying their portfolios, and utilising risk management tools.

Is eToro a scam?

No. eToro is a reputable company trusted by millions of users worldwide. We have been a leader in the fintech industry and online investing since 2007.

Despite our best efforts, there will be people who think that eToro is a scam site. Therefore, we have put together a list to help you avoid actual scams, including forex & crypto scams. Here are a few things you might want to consider before you invest:

eToro is regulated: Not all platforms are regulated. Regulations are put in place to protect investors, so you should only trade with regulated platforms. eToro operates in accordance with FCA, CySEC and ASIC regulations.

eToro is safe and secure: Always look for security signs on your browser before you trade. On eToro, clients’ funds are kept secured in tier 1 banks, and all of their personal information is guarded under SSL encryption.

eToro has round-the-clock support: The support team is available 24-hours a day on trading days, meaning eToro clients always have someone to turn to if they encounter a problem or require assistance.

eToro has real users: eToro encourages its users to share their real names and pictures to ensure transparency. Moreover, depositing clients are subject to a strict verification process, making sure they are who they claim to be.

Technology and design: If the platform seems too complex to use, it probably isn’t right for you. eToro’s simple interface offers some of the world’s leading fintech instruments, online learning courses, an innovative mobile app, a daily newsletter, and much more. Generally speaking, scammers don’t go to such lengths to benefit their users.

eToro is in the press often: A scam is usually reported. Check online to see if there have been any reports by credible sources regarding any particular platform. Top-tier outlets, such as CNBC, TechCrunch, and The Telegraph have all covered eToro’s success in the fintech industry.

eToro makes its clients aware of the risks: Any form of trading, be it traditional stockbroker trading, or Contract for Difference (CFD) trading, involves risk. eToro encourages its clients to take safety measures and provides various tools for reducing risk while encouraging responsible trading.

Trading is not gambling: While there are always unforeseen events that can cause a sudden shift in an asset’s price, resulting in a loss, responsible traders stay informed and diversify their portfolios to reduce risk.

Why some people say it’s a scam: Regulated trading platforms cannot be scams since they act under strict supervision. Trading involves risk, and some people who lose money trading online are quick to blame the platform, calling it a “scam.” That is one of the reasons eToro provides risk management tools and allows you to withdraw funds at any time.

Is eToro safe?

Yes. On eToro, clients’ funds are kept secured in tier 1 banks, and all of their personal information is guarded under SSL encryption.

Is eToro a pyramid scheme?

No. Pyramid schemes are illegal. eToro is a reputable company trusted by millions of users worldwide. We are regulated by multiple agencies, including the Financial Conduct Authority (FCA) in the UK, the Cyprus Securities and Exchange Commission (CySEC) and the Australian Securities and Investments Commission (ASIC), which prohibit such illegal activities.

How can I report suspicious activity in my account?

If you ever suspect unauthorised activity in your account, please contact us immediately.

What should I do if I see a security issue?

If you have found a security weakness/vulnerability in any of our assets, we encourage you to let us know and help us keep eToro safe. We run a Bug Bounty Program on HackerOne to receive and keep a record of submitted issues. Please report your findings here https://hackerone.com/etoro_bbp Thank you for helping to keep eToro safe and secure.