Security best practices/tips
- Secure Socket Layer technology is implemented to protect the
information transmitted over the internet. The website
should start with Https:// instead of Http://.
Protection of your personal information
- 2 factor authentication (2FA) is implemented to provide an
additional protection to prevent disclosure of your personal
information to someone else.
- Should not share your login credentials (ie User ID and
password) with anyone. It is for your own use to enquire and
update your policy information.
- Change the password immediately when you receive the initial
password from us.
- Change regularly or if there is any suspicion that it has
- Password should be a combination of uppercase, lowercase
alphabets, numerals and symbol.
- Do not use password that can easily identify or relate to
you (eg date of birth or name of your close ones or
- Do not reveal One-Time Password (OTP) generated by the
website to anyone.
- Should not choose the internet option to store or retain the
login ID and password.
Internet Browser session
- Clear the session’s cache and browsing history after each
session to remove your account’s information where
Personal computer or device
- Anti-virus software must be installed. Virus signature files
should be downloaded regularly and keep up to date.
- Firewall should be installed and activated.
- Regularly update the security patches of your computer and
device operating system, anti-virus and firewall
- Do not use public computers or devices to access your
personal information or process transaction (eg: change of
personal particulars, bank accounts etc).
- Do not install software or run programs of unknown origin.
- Malware is a software that is intentionally designed to
cause harm and damage to a computer, server or computer
- A variety of malware types exists which includes viruses,
worms, trojans, ransomware etc.
Malwares can be installed via
websites that you surf
software or programs attached in emails
Do not click on advertisements, pop-up links or screens and
banners while you are surfing internet.
Do not click or download programs, files from unknown
Install an anti-virus software and ensure that virus
signature files are regularly updated for protection.
- It is a social engineering method where an attacker sends a
fraudulent message to trick an individual to disclose
confidential information such as personal information,
credit card numbers, bank account details.
- Upon obtaining your confidential information, attacker may
sell or use this information to perform fraudulent
- This method can be triggered via a link in email. The link
may redirect you to a fake website that looks like a replica
of real website.
Be alert when emails, claiming to be from legitimate
source, seeking your confidential or personal
Never input your credentials or personal information
in pop up screens from any websites.
Do not click on link in suspicious emails.
- In event that you identify any un-authorized transaction,
suspicious activities or security issues, please contact our
Customer Centre hotline.
For more phishing information, you may visit