Enterprise Cybersecurity Center

Barings is aware of fraudulent accounts on WhatsApp and certain websites impersonating Barings investment specialists. Barings does not conduct business on messaging applications like WhatsApp. If you have been contacted by a suspected fraudulent account, please report it to Enterprise Cybersecurity via our Contact Us page.

Cyber Safety & Fraud Advice

Barings Website
Our web presence is wholly located within the barings.com domain. If you are directed to a website that is not hosted on this domain, the site is fraudulent.

Barings Email
Barings use the domain barings.com for all email communications. If you are contacted by someone not using this email domain, the communication is fraudulent.

We secure our email through the use of SPF, DKIM and DMARC, and publish a DMARC ‘Reject’ policy; we urge recipients to ensure their email system is set to honor this policy which will ensure spoofed barings.com emails are rejected.

Always verify the sending and ‘reply to’ domains in emails—if in doubt please speak to technical support\security teams in your organization to review any suspicious emails you receive.

Barings Instant Messaging
Barings does not solicit the public to join investment groups, market investment products or services, or provide investment advice to individual investors through Instant Messaging platforms, if you are approached via such platforms, the communication is fraudulent.

Barings Mobile Apps
We do not have any mobile apps, if you are directed to install a mobile app from any source, the app is fraudulent.

Barings Enterprise Cybersecurity

The Barings Enterprise Cybersecurity program and its staff are dedicated to the protection of the firm’s global network. Through the evaluation of existing security controls, monitoring of external threats and identification of cyber risks, we are committed to protecting the information entrusted to us and continuously invest in that commitment. We do this by:

  • Implementing technology to protect information systems, personal and company information;
  • Monitoring system infrastructure for intrusions and vulnerabilities;
  • Restricting access to personal and company information by using principles of least privileged and need to know;
  • Providing continuous cybersecurity awareness training to firm associates on a monthly, annual and ad-hoc basis;
  • Selecting service providers that have demonstrated good cybersecurity hygiene, align with Barings’ security control standards, and adhere to applicable legal and regulatory requirements;
  • Reviewing, assessing, and updating our security practices based on changes in technology, sensitivity of client information, and changing nature of threats and vulnerabilities; and
  • Participating in industry threat intelligence sharing forums, such as the Financial Services Information Sharing and Analysis Center (FS-ISAC) to identify trends and potential threats regarding the security of systems and data including personal information.

In addition to our commitment to maintain a secure global network, we believe it is imperative to remain transparent regarding known cyber events and vulnerabilities. On this page we will provide insight into how our team responds to relevant high-profile security concerns (e.g., SolarWinds Breach).

If you suspect you have been contacted by an individual impersonating a Barings employee or have seen suspicious behavior coming from a Barings contact, please contact us here to report your concern.

If you are a vulnerability researcher and would like to report a finding, please review our Vulnerability Disclosure Policy prior to filing a submission.

baringscyber@barings.com