Guidance on Secure Emails


What are the risks?

When sending and receiving emails you should be aware of the associated risks which we have highlighted below:

Malware – Emails from unknown sources may contain viruses which can compromise your data
Phishing – This is a method of fraudulently trying to obtain sensitive information or data by disguising oneself as a trustworthy entity
Interception – Emails can be intercepted before reaching the intended recipient and any information which is not encrypted could be stolen
Human Error – Emails can easily be sent to the incorrect recipient if the address is typed incorrectly

How can I send and receive emails securely?

To help reduce the above risks and to ensure your emails are as secure as possible, we have included some example guidelines as follows:

• Email accounts should be protected by a strong password. Some of the National Cyber Security Centre guidance suggests:

o Using a password manager
o Choosing a strong and separate password for your email account
o Using three random words to create a strong password
o Being creative and using words memorable only to you. Don’t use words such as current partner’s name, family members’ name, pet’s name, place of birth, favourite holiday, something related to your favourite sports team
o Set up two-factor authentication for your email account

• Where possible, password protect and zip any attachments and send the password in a follow up email or confirm the password via telephone.

• Always double check the recipient email address is correct:

Query TypeTeamEmail Address
Dealing QueriesDealing
Account Opening & Stock Transfer QueriesRegistration
Contract Note QueriesBusiness
Distribution QueriesDistributions
CAF Data Refresh Form QueriesCAF Data Refresh
All Other QueriesInvestor

• Look out for spoof/hoax email addresses or names. The recipient email address should match those listed above exactly.

• Avoid opening attachments and refrain from clicking embedded links from unknown senders until you can confirm the origin of the email. If you would like to confirm that an email has come from us, you can call us on 0808 178 9321 and our Investor Support team will be able to verify this for you.

• Be aware of phishing emails which ask you for sensitive information (such as bank details).

• IFSL uses a third-party encryption service called Mimecast to email documents containing personal data to you such as contract notes. Mimecast will ask you to log in to your account to view such documents. If you are unsure if an email from Mimecast is legitimate you can call us on 0808 178 9321 and we can confirm this for you.

• Keep your email client, operating system and web browser updated.

• Verify the source of any potentially suspicious emails you receive via a follow up phone call.

• We will always aim to reply to your email and confirm receipt within 2 hours. For emails received after 4pm we will aim to respond to you by 10am the next day. If you do not receive a response confirming receipt, please follow up your email with a telephone call to ensure it has been received.

• Always remember, if in doubt you can follow up any email with a call to our offices on 0808 178 9321 and we will be able to help you with your queries. If you do not feel comfortable sending protected documents via email the option to send these via post is still available. The address to post any documentation to is:

Investment Fund Services Limited
Marlborough House
59 Chorley New Road