Guide to account security:
avoiding and reporting scams
At eToro, security for our users is a top priority. Our goal is to provide you with a secure online space where you can feel safe to invest, transact, and connect within our community.
The nature of the Internet, however, does require some extra caution whenever engaging online. To help you avoid falling prey to phishing attempts, investment scams, and other risks, we have put together this guide. In addition, if you are ever in doubt as to whether a communication is from us or witness any other suspicious activity on the eToro platform, please do not hesitate to contact us.
Common risks and phishing attempts
“Phishing” is an attempt by criminals to procure or intercept personal data from users by imitating a trustworthy entity, such as fake websites, e-mails, phone calls, or SMS messages. The intention is to misuse this data to steal money from account holders. The term “phishing” is based on the word “fishing” together with the P from password, since figuratively speaking, these criminals attempt to “bait” unsuspecting users into providing their passwords, account information, or other data that they would otherwise keep secure.
Unfortunately, the online investment industry is not immune to these and other fraudulent attempts to swindle users out of their money. As an example, in May 2021, Europol teamed up with several other law enforcement agencies to take down an investment fraud and money laundering ring involving losses of $36 million total by hundreds of victims across Europe. The criminals created fake but professional-looking online trading platforms, luring victims through advertisements on social media and search engines. They posed as experienced brokers when contacting the victims via a fake call center and used manipulated software to trick them.
Therefore, it is very important that you always verify that you are transacting with the official eToro platform and our representatives, not an imposter.
What a phishing attempt might look like
- eToro has a verified WhatsApp business account, which our representatives may use to initiate communication with clients from time to time. However, they will never request that you provide any sensitive information, such as personal details, account information, or security credentials, via WhatsApp.
- We will never contact you via a third party regarding your account. Only official eToro representatives may contact you.
- Never give out any personal details, account information or security credentials to anyone who approaches you through different forms of media.
Protect your personal data
Verified eToro representatives will:
- Only contact you through appropriate channels, such as the email address or phone number associated with your account
- Contact you via the authentic eToro domain with @etoro.com in the address
Verified eToro representatives will not:
- Ask you to move your money to a so-called “safe account” or any other place
- Ask you to move your money to an alternative eToro account
- Ask you to deposit to a specific payment method or crypto wallet
- Ask you for your account password or Two-Factor Authentication (2FA) code
- Ask you to provide your full credit card number or to send money
- Ask for non-eToro account credentials
Security steps
To protect your account, we strongly recommend that you follow the steps below regularly. You should perform these steps more frequently if you notice any suspicious behavior, such as reduced speed, pop-up advertisements, or changes to your account which you did not make.
Step 1: Employ 2-Factor Authentication (2FA)
2-Factor Authentication requires you to sign in both with your password and a security code sent to your phone (via SMS or phone call), which adds an extra layer of security to your account. Enable 2FA in your account settings. For a quick video tutorial, click here.
Step 2: Select a strong password
The keys to creating a strong password are length, a mix of letters and numbers, and no ties to your personal information. Never send your password via email or reveal it to anyone else. Remember, eToro will never email you to ask for your password or other sensitive information.
Step 3: Protect your password
- Never enter your password after following a link in an email from an untrusted site. Always go directly to https://etoroprod.wpengine.com/login.
- Do not save your password in the browser. If anyone else ever accesses your computer, saved passwords are easily revealed.
- Never use the same password on another website.
- Change your password periodically.
Step 4: Check for viruses and malware
Install trusted antivirus software on your computer and mobile devices, and set them to scan regularly. If a scan detects any suspicious programs or applications, immediately follow instructions to safely remove them.
Step 5: Perform regular operating system and browser updates
Updates also may include important security fixes. Make sure you’ve set your computer to update automatically, and if you get a manual notice to update, take care of it right away.
If you access your eToro account on a public computer, take these extra steps:
- Always sign out of your account.
- Clear forms, passwords, cache, and cookies from the browser on a regular basis.
FAQ
Yes. eToro operates in accordance with FINRA and SEC regulations, meaning that there are measures in place to protect investors. Our clients’ funds are kept secure in top-tier banks and all of their personal information is guarded under SSL encryption.
We also offer an option to activate Two-Factor Authentication (“2FA”) in your account, as described above. 2FA provides an additional layer of security which you can turn on or off in your account settings.
It’s important to note that any form of investing involves risk, therefore, we always encourage our clients to practice responsible investing by staying informed, diversifying their portfolios, and utilizing risk management tools.
No. eToro is a reputable company trusted by millions of users worldwide. We have been a leader in the fintech industry and online investing since 2007.
Despite our best efforts, there will be people who think that eToro is a scam site. Therefore, we have put together a list to help you avoid actual scams, including forex and crypto scams. Here are a few things you might want to consider before you invest:
eToro is regulated: Not all platforms are regulated. Regulations are put in place to protect investors, so you should only invest on regulated platforms. eToro operates in accordance with FINRA and SEC regulations.
eToro is safe and secure. Always look for security signs on your browser before you invest. On eToro, clients’ funds are kept secured in tier 1 banks, and all of their personal information is guarded under SSL encryption.
eToro has round-the-clock support. The support team is available 24-hours a day on trading days, meaning eToro clients always have someone to turn to if they encounter a problem or require assistance.
eToro has real users. eToro encourages its users to share their real names and pictures to ensure transparency. Moreover, depositing clients are subject to a strict verification process, making sure they are who they claim to be.
Technology and design. If the platform seems too complex to use, it probably isn’t right for you. eToro’s simple interface offers some of the world’s leading fintech instruments, online learning courses, an innovative mobile app, a weekly newsletter, and much more. Generally speaking, scammers don’t go to such lengths to benefit their users.
eToro is in the press often. A scam is usually reported. Check online to see if there have been any reports by credible sources regarding any particular platform. Top-tier outlets, such as CNBC, TechCrunch, and The Telegraph have all covered eToro’s success in the fintech industry.
eToro makes its clients aware of the risks. Any form of investing, be it traditional stock investing, or options trading, involves risk. eToro encourages its clients to take safety measures and provides various tools for reducing risk while encouraging responsible investing.
Trading is not gambling. While there are always unforeseen events that can cause a sudden shift in an asset’s price, resulting in a loss, responsible investors stay informed and diversify their portfolios to reduce risk.
Why some people may say it’s a scam: Regulated investing platforms cannot be scams since they act under strict supervision. Investing involves risk, and some people who lose money investing online are quick to blame the platform, calling it a “scam.” That is one of the reasons eToro provides risk management tools and allows you to withdraw funds at any time.
Yes. On eToro, clients’ funds are kept secured in tier 1 banks, and all of their personal information is guarded under SSL encryption.
No. Pyramid schemes are illegal. eToro is a reputable company trusted by millions of users worldwide. We are regulated by multiple agencies, including the Financial Industry Regulatory Authority (FINRA) and the US Securities and Exchange Commission (SEC), which prohibit such illegal activities.
If you ever suspect unauthorized activity in your account, please contact us immediately.
If you have found a security weakness/vulnerability in any of our assets, we encourage you to let us know and help us keep eToro safe. We run a Bug Bounty Program on HackerOne to receive and keep a record of submitted issues. Please report your findings here: https://hackerone.com/etoro_bbp. Thank you for helping to keep eToro safe and secure.