Cloned firms: theft of the identity of authorized companies

Identity theft, or ‘cloning’, is a form of fraud in which swindlers take on the identity of an authorized company in order to give consumers the impression that they are authorized to offer them credit or investment products/services, whereas this is not the case.

To this end, the swindlers usurp the names and other legal information of regulated providers and refer consumers, for example, to the official website of the FSMA to try to convince them that they are indeed authorized companies. Consumers are thus deceived, thinking they are dealing with a regulated entity, whereas the latter’s identity has simply been stolen.

This fraudulent technique has been used particularly in the context of cryptocurrency fraud (and before that, in cases of investment-grade diamond fraud and in the binary options sector). Today it is used widely in all forms of fraud (that is, both for fake credit offers and for fraudulent offers of investment products/services).


Do you suspect that the offer being made to you may be fraudulent?

Have you been the victim of investment or credit fraud and you don’t know what to do?

If so, please contact the FSMA directly.

Don’t fall into the trap, follow our recommendations!

  • Always check the identity of the person or company contacting you (have you checked the name, registered office, home country, contact details and whether it holds an authorization to make you this type of offer?).

    If you cannot clearly establish the company’s identity, it should not be trusted. If the company is based outside the European Union, you should be aware of the difficulty of legal recourse in the event of a dispute.
  • Verify the contact details for that company listed on the FSMA’s website and check that they are the same as the one which the company provides on its own site.

    Beware! Fraudsters frequently also steal the postal address of the authorized company. The fact that the correct postal address is used by the person or company who contacted you is therefore not enough to confirm his/her/its identity!
  • Use online search engines to ensure that there is no other website under the name of the authorized company in question.

    Beware! Fraudsters frequently use a web address that is very close to that of the official site of the company whose identity they are usurping, by adding a hyphen to the address, using a different extension (.com instead of .be, for example), etc.
  • Compare the official information the company provides you with the facts.

    For example, if the person contacting you claims to represent a company based in Belgium but is calling you from a foreign phone number, this should serve as warning sign. Conversely, you should be wary if the company’s website is in French and Dutch only whereas the company claims to be based in a country with a different official language.
  • Use the online tools available that allow you to verify the date when the website used by your contact person was created.

    If the website is very recent, this is a significant indication that it may not be trustworthy.
  • Lastly, be wary of (promises of) disproportionate returns. 

    If a return seems too good to be true, it usually is.