How do I use Moonfare Platform Safely?
Steer clear of social engineering and phishing
We never initiate contact with our customers with requests for information about your account. You should avoid responding to unsolicited direct messages and emails. Be vigilant with any requests for information.
If you think a scammer/fraudster has messaged you or if you are not sure if a contact from Moonfare is legitimate, message our Customer Support immediately.
Keep private information to yourself
- Always keep your account login details private.
- DO NOT share your Moonfare password or password for your primary email address associated with Moonfare with anyone.
- Reach out to our customer support if you need help in logging in.
Access to the Moonfare platform is restricted via a 2 factor authentication system to protect our website and investors and via the use of strong passwords. If you are having trouble logging in, please contact us via the contact details set out on our homepage and on the platform.
Use strong authentication
- We recommend a password length of 12 characters with a mix of letters, capital letters, numbers, and symbols.
- We strongly recommend all our customers to set up 2-factor authentication to access the platform. This drastically increases the security of your Moonfare account.
Basic Web Safety
Visit right website
Our website is protected with SSL/TLS to provide a strong encryption layer so you can access Moonfare securely. To mitigate the risk of visiting fake websites that are designed to look like the Moonfare site, also known as “website spoofing”, please always check that you are visiting https://www.moonfare.com
Beware of Email Spoofing
Email spoofing is commonly used by scammers to make it look like phishing attempts are coming from a trustworthy source. Moonfare will only ever contact you using email domains ending with @moonfare.com.
Always exercise caution and pay close attention to email domains to avoid interacting with suspicious senders, especially those asking for your private information.
What Security measures Moonfare has taken?
- DDoS & Web Application Security: Moonfare uses industry leading Web application firewall (WAF) and Distributed Denial of Service (DDoS) measures to thwart any attacks against our public servers and platform. Our security team continuously tunes these prevention capabilities to block emerging and on-going threats.
- Penetration Testing: Moonfare regularly performs internal and external/3rd party ethical hacking/penetration testing exercises on our platform to identify and fix security issues, before hackers do.
- Bug Bounty Program: Moonfare runs a private bug bounty program where we invite Security researchers from across the globe to test and responsibly disclose vulnerabilities to the Moonfare Security team.
- Vulnerability Management Program: Moonfare adheres to a vulnerability management program internally to prioritize any security issues and their fixes with defined SLAs.
- Data Encryption: Moonfare encrypts all data at rest and in transit. Moonfare’s platform encrypts data at rest using AES-256 for Disks and Databases. In-transit data to and from Moonfare platform is encrypted using TLS v1.2.
Internal Security Measures
- Workstation Security: Moonfare employs industry leading endpoint protection & anti-malware tools to protect Moonfare employee devices
- Network Security: Moonfare employs several standard network security measures including segmentation, allow/block lists, traffic flow analysis etc. to protect our networks and systems
- Continuous Assessment & Hardening: Moonfare uses industry benchmarks to assess and harden our employee systems, servers and infrastructure
- Single Sign On: Moonfare employees use company-provided SSO with enforced MFA to use internal applications. Moreover, we employ the least-privilege-principle while providing access internally
- SOC: Moonfare Security team comprises a 24/7 Security Operations Center(SOC) that continuously monitors the security of our employee systems, infrastructure, platform and other digital assets in order to proactively identify and respond to cyber threats, intrusion attempts and any malicious activity.
- Backups & Recovery: Moonfare systems are continuously backed up across multiple sites to retain recovery capabilities in case of disasters or disruption.
- Dedicated Security Specialists: Moonfare has a dedicated Information & Cyber Security Team comprising of the following functional units:
○ Offensive Security Team organizes offensive security operations and performs internal assessments against our networks, applications and cloud assets.
○ Detection & Response Team comprises of the 24/7 SOC team and Incident Response specialists
Responsible Vulnerability Disclosure
Moonfare runs a vulnerability disclosure program to respond to reports from security researchers. If you believe you have found an issue, please report it through this form through our provider HackerOne.
Contact Moonfare Security
If you have found a potential security issue, please use the form above to contact us. We can also be reached out via email to [email protected]
Anti Money Laundering and Fraud measures
Moonfare has a Compliance department which is responsible for the effectiveness of controls, policies and procedures designed for the prevention of money laundering and terrorist financing. Effective measures also are implemented to cover the scope of anti-bribery and corruption.
Know Your Customer
Moonfare has developed and put in place risk-based systems and controls to comply with its AML/CTF obligations. Moonfare protects its website and its customers from money laundering by requiring all prospective investors to undergo KYC verification checks after signing up on the platform. We do not accept as a customer any person listed on the Consolidated List of targets to whom financial sanctions apply. Any suspicious cases are reported to Compliance, who investigates them conscientiously and consistently.
We are an active participant in international efforts to combat fraud, corruption and the funding of terrorist and criminal activities. Our commitment is ongoing through the maintenance of ongoing controls to detect and prevent any such illegal practices.
Moonfare is continuously improving its risk management policy, strategy and supporting framework. Moonfare recognises that risk is an integral and unavoidable component of business and is committed to managing risk in a proactive and effective manner. Moonfare seeks to promote a strong risk culture throughout our organization and communicates the importance of a strong risk culture across the organization.
Moonfare will never send you unsolicited messages and we will never ask for your credentials!