Cyber security

Coller Capital is one of the world’s leading investors in the secondary market for private assets. Along with the private equity industry in general, Coller Capital has been a target of cybercrime, with criminals using sophisticated methods to exploit and impersonate our brand. This has included look-a-like websites, spoofed emails, and false WhatsApp groups to trick people into giving away personal and/or confidential information. Please find information here regarding Coller Capital’s legitimate email domain and website addresses, as well as some general security guidelines.

Coller Capital will only send emails from collercapital.com and the firm’s official websites are:

• www.collercapital.com
• pwss.collercapital.com
• www.cspef.com
• www.collerequity.com
• www.collercredit.com
• secondariesinstitute.collercapital.com

No other websites or email domains have been authorised for use by Coller Capital.

General Guidelines

• Phishing: Double-check email addresses on unsolicited emails purporting to be from Coller Capital

• Personal Information: Coller Capital will not request personal information over email

• Payment Fraud: Coller Capital will not ask you to provide or send updated banking details over email, or request payments to be made over the phone/email

• Advertised Jobs/Offers: Criminals may manufacture job offers by copying and pasting our logo into a false document. Please check our current vacancies here: https://www.collercapital.com/careers/

• Phone/Text/Instant Messaging: Coller Capital does not conduct business over text or Instant Messaging platforms, examples of this include, but is not limited to WhatsApp, Telegram…etc. Be cautious if receiving phone calls purporting to represent Coller Capital

• Credentials: Coller Capital will never ask you for credentials to any site, including our FIS investor portal. Please be wary of emails asking for credentials to be validated.

• Social Media: Coller Capital does make use of social media for business purposes. This is limited to LinkedIn, Twitter, YouTube, WeChat and Instagram.

Impersonation and Brand Misuse

As the threat of online impersonation continues to grow and target businesses around the world, we want to reassure you that trust, security, and authenticity remain at the core of our digital footprint. To help you stay vigilant, we have put together important guidance, along with examples of common tactics and strategies used by fraudsters. Our goal is to ensure you are equipped with the knowledge needed to recognise and respond to potential threats swiftly and confidently.

A direct impersonation attempt online occurs when a fraudster poses as a trusted individual, brand, or organisation to deceive their target into taking harmful actions — such as transferring money, revealing sensitive information, or clicking malicious links. These attackers often clone email addresses, create fake social media profiles, or use lookalike websites that closely mimic legitimate ones. Their messages usually carry a sense of urgency or authority to pressure the victim into acting quickly without verifying the request. As these impersonations can appear highly convincing, especially when logos, personal details, or professional titles are used, they are a serious threat to both individuals and businesses.

An indirect impersonation attempt happens when a fraudster doesn’t pretend to be the victim’s direct contact and instead impersonates a related trusted entity to build credibility. For example, a scammer might create a fake website that looks identical to a well-known partner company, supplier, or financial institution. They might then send a legitimate-looking message referencing this fake site, asking the victim to log in, update account information, or process a payment. As the scam doesn’t involve directly pretending to be a specific individual the victim knows but instead leverages the broader trust in a brand or organisation, it can be harder to detect without close attention to details like website URLs, sender addresses, and communication style.

Contact

If you believe you have been the victim of fraud or a scam, please contact your security team and/or law enforcement authorities for assistance. If you believe the Coller Capital brand is being improperly used by third parties or any of the firm’s professionals is being impersonated, please additionally notify us at fraud@collercapital.com.