The European Securities and Markets Authority (ESMA) currently warns against fraudsters who are up to mischief in the name of ESMA: Professionally disguised, their aim is to steal sensitive data and money. Data protection officers, compliance teams and other specialist managers should be aware of the risks.
Beware of fraud attempts with the ESMA logo
Fraudsters repeatedly use the name and logo of the European Securities and Markets Authority (ESMA) to make professional-looking but fraudulent contact. The aim is always to obtain personal data or money - via various communication channels: emails, phone calls, text messages or social media. Networks.
These scams are often well disguised. The messages initially appear harmless or even helpful. For example, the perpetrators pretend to be employees who allegedly want to help with the reimbursement of lost investments - in return for payment of a supposed administration fee. In some cases, they send fake documents or imitate the official website to feign seriousness.
Important to know: ESMA will never contact someone unsolicitedto request personal data, collect fees or offer assistance with the recovery of funds.
How do I recognize ESMA scams?
Pay attention to the following warning signals:
The message is unexpected or seems too good to be true
You are asked to disclose personal or financial data
An alleged ESMA person requests a Cash payment
The contact information is unusual or foreign
Only real if:
The e-mail ends with @esma.europa.eu
The telephone number begins with +33 (France)
The address is Paris, France - there are No further ESMA locations
If you have any doubts: Contact ESMA directly about scamreport@esma.europa.eu.
Reading tip: Data protection risks for customer database data in sales and service
What should you do if you suspect fraud or are affected?
ESMA recommends for Affected parties the following immediate measures :
Cancel contact - no longer react.
Report fraud:
With the Police or public prosecutor's office
With your national Supervisory authority
Check information:
In the IOSCO Investor Alerts Portal
On the European e-Justice Portal
Involve consumer organizations
Check legal steps - Contact a lawyer or attorney.
Important: ESMA itself cannot process individual fraud cases. If you have any doubts, please contact scamreport@esma.europa.eu.
Protective measures for compliance and data protection officers
As a specialist for Data protection or Compliance you should not only protect yourself, but also sensitize others in the company. Please note the following tips:
- Never disclose sensitive data - no bank details, passwords or investment details.
- Do not click on any suspicious links in e-mails of unknown origin.
- Check every contact with reference to ESMA.
- Conduct internal training coursesto Awareness in the team.
- Install technical protective measureshow e-mail filters against Phishing.
Sensitize your employees, consistently check suspicious processes and remain vigilant. Scams with the ESMA logo are not an isolated case - they are organized, international scams.
Looking for support with compliance and fraud prevention?
With 2B Advice We help companies to protect themselves effectively against risks such as Phishinginvestment fraud and Social engineering with customized solutions in the area of Data protection, compliance management and information security.
Whether through Awareness training, Risk assessments, Policy creation or Technical and organizational measures (TOMs)We help you to make your company not only compliant, but also resilient.
LGet a non-binding consultation now - Together we will develop your individual protection concept against modern scams.
German 
English 
Italian 
French