top of page

Financial Cybersecurity: Spoof Sites & Pop Up Scams

A new consumer alert as of August 26th, 2020 shows a recent uptick in fraudulent online activity targeting investors.

According to the Colorado Division of Securities, both "spoof" websites, as well as browser "pop-ups", have been reported. They are going after unsuspecting users, but specifically older investors.

A pop-up can suddenly appear on top of your existing site during browsing. This can happen when otherwise legitimate sites are corrupted with hidden malware viruses. The pop-up acts as a "hook" to draw the user in with an urgent message motivating their fear, greed, or compliance.

For example, let's say you're reading an investment article and all of a sudden a small window appears that says:

Your account has been frozen. You are at risk! Take action to unlock your account for restored access.

A link is then provided that takes you to a site that looks like the brokerage account you're used to. But it's not. It's a spoof site meant to trick the user into entering their login credentials.

And that's the scam; to capture your login credentials so the online predator can then access your account at the real site. Here's an example.

These scams come in all types of flavors. Some claim you have won something. Others suggest your computer is infected. Others scare you by saying the IRS is coming after you. Some even show a fake invoice that requires payment or that you need to confirm personal information for some reason.


The following advice comes directly from the Colorado Division of Securities.

Most important, check the address bar once you land on a website. The address bar contains vital information to confirm:

  • Domain names should be clear and spelled correctly. For example, or are related to well-known businesses. But, or are definitely fake.

  • If an address is long, look for the domain name at the end of the address but before the first backslash. For example, a fake amazon address might look like this: This might seem like an amazon address but it's not. Look closely near the end and you can see the domain name is actually "".

  • Don't confuse a hyperlink with the actual website address. Scammers use deceptive hyperlinks that look like a web address. But a hyperlink is just a name that can be manipulated. If you click on a hyperlink, be sure to check the domain name of the website itself in the address bar.

  • Make sure the website has a secure connection. For a secure connection, look for the "s" at the end of https:// in the address bar. The http:// without an "s" is not a secure connection. A padlock icon also indicates a secure connection. Here's an example of a secure, quality website you can have confidence in (and tell your friends about).


  • Close the pop-up and close the website.

  • If you can’t close the pop-up, shutdown your computer and restart.

  • Don’t do anything the pop-up asks. Don’t call them at the number they provide.

  • If you do call them (again, never do this, but if you do....), don’t provide any personal information, don’t allow them remote access to your computer, and don’t transfer securities or funds to them. 

  • You should also contact the real company through a phone number or website you know is legitimate. Ask the real company about the pop-ups and about their real website address.   

  • If you have fallen victim to an investment scam or you want to report one, contact the Colorado Division of Securities for help. Email or call 303-894-2320.

Being online is part of the way we live, but cybersecurity scams come with the territory. When it comes to your investment and bank accounts, take the extra steps to verify websites and protect yourself against scams.

At Aspen Leaf Wealth Management, we ask clients to use a few different sites to access information as well as interact with our advisors. If you're not sure you're using a legitimate site, always reach out so we can confirm the web address.

On our end, we'll never accept a distribution request without taking steps to verify the identity of our client. For example, one time earlier in my career, I received an email from a client asking me to send them $40,000, but to a new bank account. They even provided account and routing numbers.

I called the client and they had no idea what I was talking about. They later determined their email had been hacked and the email I received was fraudulent.

Don't ever feel that it's a hassle to take precautionary steps. We don't! We want you to feel safe online and certainly doing business with us.


bottom of page