Cybersecurity
Cybersecurity information, scam awareness, and online safety guidance.
Recognising scams and reporting concerns
At CoinShares, we take cybersecurity seriously. Protecting our clients, partners, and employees is a core priority, and we work continuously to safeguard our systems and communications. As digital assets attract increasing attention from bad actors, it’s important to understand the types of scams that may impersonate CoinShares and how to recognise them.
Recruitment scams: Fraudsters may pose as CoinShares recruiters, often via platforms such as LinkedIn, and advertise fake roles. These scams may involve requests for payment, purchasing equipment, or installing software or scripts. CoinShares will never ask candidates to pay fees or install unapproved software. Legitimate roles are listed on our Careers site.
Phishing and fraudulent emails: Emails claiming to be from CoinShares may attempt to create urgency or prompt you to click links, open attachments, or share sensitive information. Always verify the sender and be cautious of unsolicited requests.
Fake websites and social media profiles: Fake CoinShares websites, pages, or social media accounts may be used to share misleading information or promote fraudulent offers. Always ensure you are interacting with official CoinShares channels.
Unapproved messaging and investment solicitations: CoinShares does not use informal or unapproved messaging platforms such as WhatsApp, Signal, or Telegram to sell products, provide investment advice, or solicit crypto-related activity. Any such contact should be treated as suspicious.
Product impersonation and fraudulent offers: Scammers may impersonate CoinShares products or encourage purchases through unofficial platforms. CoinShares products are only available through approved channels. Product information is available on the CoinShares website. If in doubt, contact us before taking action.
Contacting our cybersecurity team
If you’re unsure about a message or notice something that doesn’t feel right, it’s always best to check. You can contact our cybersecurity team at [email protected].
When reporting a concern, please include as much detail as possible, such as screenshots, email headers, or links you were directed to. This information helps our team investigate quickly and may also be useful for law enforcement where appropriate.
Reporting scams to authorities
Below are examples of local and regional cybercrime authorities where scams may be reported:
Jersey - The States of Jersey Police
United States - The FBI’s Internet Crime Complaint Centre (IC3)
Europe - Europol
United Kingdom - Action Fraud
Advice on keeping yourself safe
Many cyber attacks can be avoided by recognising common warning signs and following basic security best practices. The guidance below is intended to help you reduce your risk when interacting online.
Be cautious with unexpected communications
Be alert if a message:
Is unexpected or from an unknown contact
Sounds too good to be true
Pressures you to act quickly or urgently — scammers often use emotion to prompt action
Links to a destination that differs from what is shown when you hover over it
Comes from an address or domain with subtle misspellings (for example, “rnicrosft.com”)
Keep your devices secure and up to date
Keep your operating system, browser, and applications up to date, and enable automatic updates where possible.
Only install software, apps, or browser extensions from trusted and official sources, and avoid running files or scripts you do not fully understand.
Protect your devices with a strong password, PIN, or biometric authentication, and ensure devices lock automatically when not in use.
Enable device encryption where available to protect your data if your device is lost or stolen.
Secure your home Wi-Fi network with a strong password and up-to-date router firmware.
Use strong authentication
Use strong, unique passwords and avoid reusing them across different services.
Consider using a reputable password manager to generate and store passwords securely.
Enable multi-factor authentication (MFA) wherever it is available.
Monitor for data breaches
Consider registering for breach notifications using services such as Have I Been Pwned, which can alert you if your email address appears in known data breaches.
Take extra care before clicking, downloading, or acting
Check website URLs carefully and ensure you are using official CoinShares domains.
Be cautious when opening attachments or downloading files, especially from unsolicited messages.
Avoid acting immediately on urgent requests — take time to verify communications through official channels.
The information provided on this page is for general guidance only and does not constitute legal, financial, or security advice. While we aim to keep this information accurate and up to date, CoinShares cannot guarantee that it addresses all potential threats or scenarios.
