Security Center

Scammers, fraudsters, and impersonators sometimes pose as trusted financial firms and professionals to do four things: access your funds, capture your login codes, take over accounts, or install remote-access malware. They’ll use look-alike websites, spoofed caller ID, and social or messaging apps to rush you. If someone claims to be from AssetMark and asks you to act quickly, stop. Don’t click links and don’t share codes. Verify using contact details you look up yourself and follow the steps below.

General security reminders

• Reinforce identity checks. Verify the identity of the caller or sender using your established procedures before acting on account-related requests.  
• Stay alert for suspicious communication. Watch for unusual emails, calls, text messages, links, attachments, or urgent requests, and remind others in your personal and professional life to do so as well. When in doubt, do not click on anything, pause, and escalate before responding. 

How to verify you’re dealing with AssetMark

1. Check the sender and website. Impostors often use misspelled or look-alike domains and logos. Only interact with messages and sites that match our official channels:
   • Official Domains
     • AssetMark.com
     • eWealthManager.com
     • Savos.com
   • Official Social Media Profiles
     • https://www.linkedin.com/company/assetmark
     • https://twitter.com/AssetMark
     • https://www.youtube.com/channel/UCnlZ6z40tVvin4Kb-UZYEmw
     • https://www.instagram.com/assetmark
2. Verify the person. If someone claims to be an investment professional, look the up on FINRA BrokerCheck or the SEC’s Investment Adviser Public Disclosure; don’t rely on links they send to you. Impostors often copy real names, CRD numbers, and firm details.
3. Use AssetMark contact info you trust. If a message feels urgent or unusual, stop and contact us at verify@assetmark.com. Do not use the contact information listed in suspicious messages.
4. Approved channels only. WhatsApp and Telegram are not approved communication channels and should not be used to communicate with AssetMark. In addition, AssetMark does not use social media for investment offers, account servicing, or other account-related communications.

What AssetMark will never do

• Ask for your passwords, one-time passcodes, or full Social Security number by email, text, or unsolicited call.
• Request that you install remote access tools to “secure” your device or account.
• Pressure you to transfer funds, send cryptocurrency, or pay with gift cards to “safeguard” assets.
• Solicit individuals directly for any investment – whether traditional securities or digital assets like cryptocurrency.

Red flags that it’s not AssetMark

• Unsolicited “urgent” outreach asking you to act immediately or keep matters secret.
• Requests for passwords, one-time passcodes (2FA), or remote access to your device. Legitimate institutions do not ask for electronic credentials.
• Payment requests by wire to a new account, cryptocurrency, or gift cards; especially tied to “account security” or “recovery” stories.
• Links to login pages sent by text/social Direct Messages (DMs) or emails with attachments you didn’t expect.
• Profiles, websites, or group chats that look like a well-known firm but point to unfamiliar contact details or encrypted messaging apps.

What to do if you suspect an impersonation

1. Stop engaging. Do not click links, open attachments, share codes/passwords, or allow remote access.
2. Use trusted contact methods to verify. Reach out directly via a known phone, email or internal secure channel to confirm the sender and request.  
3. Capture evidence. Take screenshots and note phone numbers, email addresses, links, and dates.
4. Report it immediately to AssetMark at verify@assetmark.com so we can investigate and, if needed, work to take down fake sites/accounts.
5. If you sent money or shared credentials:
   • Contact your bank/custodian right away to attempt to recall or block transfers and to secure your account.
   • Report to the Federal Trade Commission (FTC) at ReportFraud.ftc.gov and to the FBI’s Internet Crime Complaint Center (IC3) at ic3.gov; speed matters for recovery.
   • Change your passwords and enable multi-factor authentication on email and financial accounts.

Security reminders Financial Advisors can share with clients

• Verify before acting. Be cautious with unexpected emails, calls, text messages, links, attachments, or urgent requests involving personal, financial, or account information. 
• Pause when something does not seem right. Do not click links, open attachments, or provide sensitive information in response to unexpected or suspicious communications. 
• Use trusted contact methods. If a request seems unusual, contact me or another trusted partner through a known phone number or secure channel. 
• Monitor account activity. Review account activity and report anything unusual promptly. 
• Remember what trusted partners will not do. Trusted partners will not ask clients to provide sensitive information through unsecured channels. 
• Report suspicious communications. If something seems unusual, use a known phone number or secure channel to report it promptly. 

How to report a suspicious contact to AssetMark

• Email: verify@assetmark.com
• If you’re an investor working with a financial advisor, you can also notify your advisor directly using the contact information you already know and trust.