Cyber Security

Fraud Alert

White Wolf LMMA Management LLC and its investment advisor subsidiary, White Wolf Capital Advisors, LLC (SEC-registered investment adviser, Firm ID 311816), are committed to the security of our investors, partners, and website visitors. As cybercrime targeting financial services firms continues to evolve, we want to ensure you are aware of common threats and know how to protect yourself.

Bad actors may attempt to impersonate White Wolf LMMA personnel, create fraudulent websites or email addresses that resemble our own, or use other deceptive tactics to obtain sensitive personal or financial information. These schemes may involve requests for wire transfers, changes to banking instructions, login credentials, social security numbers, or other confidential data.

If you receive any communication that appears suspicious or that you believe may be fraudulent, do not respond, click any links, or open any attachments. Instead, contact us directly using the verified contact information on this website to confirm the legitimacy of the communication.

How to Identify Phishing

Phishing is a form of social engineering in which attackers attempt to deceive individuals into providing sensitive information by posing as a trusted entity. Here are important guidelines to help you identify and avoid phishing attempts:

• White Wolf LMMA will never request passwords, login credentials, or sensitive personal information via email, text message, or phone. If you receive such a request purportedly from our firm, it is fraudulent.
• Always verify wire transfer instructions by phone. Before executing any wire transfer or changing banking instructions based on an email or written communication, call a known and verified White Wolf LMMA contact directly to confirm the instructions. Wire fraud is one of the most common and costly forms of cybercrime targeting investment firms and their investors.
• Check the sender's email address carefully. Fraudulent emails may come from addresses that closely resemble, but do not exactly match, legitimate White Wolf LMMA email addresses. Look for subtle misspellings, extra characters, or different domain names.
• Be wary of urgent or threatening language. Phishing emails often create a false sense of urgency, pressuring you to act immediately. Legitimate communications from White Wolf LMMA will not demand immediate action or threaten negative consequences for failing to respond promptly.
• Do not click links or download attachments from unexpected emails. Hover over links to verify the destination URL before clicking. If in doubt, navigate directly to our website by typing the address into your browser rather than using links in an email.
• Watch for poor grammar and formatting. While phishing attempts have become increasingly sophisticated, many still contain spelling errors, unusual formatting, or inconsistencies that differ from our standard communications.

Protecting Your Information

We recommend the following best practices to safeguard your personal and financial information:

• Use strong, unique passwords for your investor portal account and email. Avoid reusing passwords across multiple sites. Consider using a reputable password manager to generate and store complex passwords.
• Enable multi-factor authentication (MFA) wherever available, including on your email accounts, investor portal access, and financial accounts. MFA adds a critical additional layer of security beyond passwords alone.
• Keep your software updated. Regularly update your operating system, web browser, antivirus software, and other applications to ensure you have the latest security patches.
• Monitor your accounts regularly. Review your investor portal activity, bank statements, and email account for any unauthorized activity. Report any discrepancies to us and your financial institution immediately.
• Be cautious on public Wi-Fi networks. Avoid accessing your investor portal or transmitting sensitive information over unsecured public wireless networks. Use a virtual private network (VPN) when accessing sensitive accounts remotely.
• Secure your devices. Use screen locks, disk encryption, and remote wipe capabilities on all devices you use to access financial accounts or store sensitive information.

Reporting Suspicious Activity

If you believe you have received a fraudulent communication purporting to be from White Wolf LMMA, have been the victim of a phishing attempt, or have noticed any suspicious activity related to your investor account, please contact us immediately:

White Wolf LMMA Management LLC
1700 Montgomery St
Suite 108
San Francisco, CA 94111
Email: lmma.ir@whitewolfcapital.com

You may also report suspected cybercrimes or fraud to the following authorities:

• FBI Internet Crime Complaint Center (IC3): www.ic3.gov
• U.S. Securities and Exchange Commission (SEC): www.sec.gov/tcr
• Federal Trade Commission (FTC): reportfraud.ftc.gov

Our Security Measures

White Wolf LMMA maintains a comprehensive information security program designed to protect the confidentiality, integrity, and availability of investor data and firm systems. Our security measures include, but are not limited to:

• Encryption: All data transmitted between your browser and our website is encrypted using industry-standard SSL/TLS protocols. Sensitive data at rest is encrypted using AES-256 or equivalent encryption standards.
• Access Controls: We employ role-based access controls, multi-factor authentication, and the principle of least privilege to limit access to sensitive systems and data to authorized personnel only.
• Monitoring and Detection: Our systems are continuously monitored for unauthorized access, anomalous activity, and potential security threats. We maintain intrusion detection systems and log management capabilities to identify and respond to incidents promptly.
• Vendor Management: Third-party service providers with access to sensitive data are subject to due diligence assessments and contractual security requirements. We regularly evaluate vendor security practices and compliance.
• Employee Training: All firm personnel receive regular cybersecurity awareness training, including instruction on recognizing phishing attempts, social engineering tactics, and proper handling of sensitive information.
• Incident Response: We maintain a documented incident response plan that outlines procedures for identifying, containing, eradicating, and recovering from security incidents, as well as notification procedures in accordance with applicable law and regulation.
• Regulatory Compliance: Our information security program is designed to comply with applicable SEC cybersecurity requirements, SBA data security obligations, and industry best practices, including guidance from the National Institute of Standards and Technology (NIST).

Last updated: January 2026