Fraud protection

We will never ask you, by email, message, or telephone, to:

• Disclose your portal password.
• Share a one-time code (TOTP) from your authenticator.
• Read out the full number on any card, debit instrument, or hardware key.
• Transfer funds to an unfamiliar destination to “protect” or “verify” them.
• Approve a withdrawal you did not initiate.

If a caller, message, or email requests any of the above — regardless of how convincing — it is not from Continental. Hang up. Then call your relationship manager on the number you have on file, or write through the portal.

Our communications with you will be one of three things:

• A message in the Secure Message Center inside the portal.
• An email from a @continental.example address — informational only. Genuine emails never carry attachments asking for credentials.
• A telephone call from a named officer at a number we have shared with you.

When in doubt, end the conversation and reach us through the portal. We will never resent a discontinued conversation.

Keep your portal password unique and stored only in a reputable password manager. Enrol your authenticator on the Security page and consider adding a hardware security key. Review your sign-in history at least monthly.

If a personal device that has access to the portal is lost or stolen, contact us immediately to suspend the session. Then change your password from a known-clean device.

If you suspect you have responded to a fraudulent communication or that an unauthorised person has reached your account, write to incident@continental.example or call the Private Client Office. We will freeze open instructions, lock the account, and brief you within the hour.