Security awareness

Security best practices/tips

  1. Secure website
    • Secure Socket Layer technology is implemented to protect the information transmitted over the internet. The website should start with Https:// instead of Http://.
  2. Protection of your personal information
    • 2 factor authentication (2FA) is implemented to provide an additional protection to prevent disclosure of your personal information to someone else.
  3. Password
    • Should not share your login credentials (ie User ID and password) with anyone. It is for your own use to enquire and update your policy information.
    • Change the password immediately when you receive the initial password from us.
    • Change regularly or if there is any suspicion that it has been compromised.
    • Password should be a combination of uppercase, lowercase alphabets, numerals and symbol.
    • Do not use password that can easily identify or relate to you (eg date of birth or name of your close ones or yourself).
    • Do not reveal One-Time Password (OTP) generated by the website to anyone.
    • Should not choose the internet option to store or retain the login ID and password.
  4. Internet Browser session
    • Clear the session’s cache and browsing history after each session to remove your account’s information where applicable.
  5. Personal computer or device
    • Anti-virus software must be installed. Virus signature files should be downloaded regularly and keep up to date.
    • Firewall should be installed and activated.
    • Regularly update the security patches of your computer and device operating system, anti-virus and firewall applications.
    • Do not use public computers or devices to access your personal information or process transaction (eg: change of personal particulars, bank accounts etc).
    • Do not install software or run programs of unknown origin.

Security awareness

  1. Malware
    • Malware is a software that is intentionally designed to cause harm and damage to a computer, server or computer network.
    • A variety of malware types exists which includes viruses, worms, trojans, ransomware etc.
    • Malwares can be installed via
      • Free software
      • Illegal software
      • websites that you surf
      • software or programs attached in emails
    • Do not click on advertisements, pop-up links or screens and banners while you are surfing internet.
    • Do not click or download programs, files from unknown sources.
    • Install an anti-virus software and ensure that virus signature files are regularly updated for protection.
  2. Phishing
    • It is a social engineering method where an attacker sends a fraudulent message to trick an individual to disclose confidential information such as personal information, credit card numbers, bank account details.
    • Upon obtaining your confidential information, attacker may sell or use this information to perform fraudulent transactions.
    • This method can be triggered via a link in email. The link may redirect you to a fake website that looks like a replica of real website. 
    • Protection
      • Be alert when emails, claiming to be from legitimate source, seeking your confidential or personal information.
      • Never input your credentials or personal information in pop up screens from any websites.
      • Do not click on link in suspicious emails.
    • In event that you identify any un-authorized transaction, suspicious activities or security issues, please contact our Customer Centre hotline. 
    • For more phishing information, you may visit https://www.csa.gov.sg/gosafeonline/Go-Safe-For-Me/HomeInternetUsers/Spot-Signs-Of-Phishing