Phishing ...!!

Protecting Against Phishing Attacks

Preventive Measures

Do not follow URL links from un-trusted sources or emails such as spam emails to avoid being re-directed to malicious websites by malicious links looking seemingly legitimate.

Do not visit suspicious websites or follow the links provided in those websites

Do not follow links to log on banking or financial organisations from search engines result

Open email attachment with extreme care. Always check the attachment's extension. Never open attachment with "pif", "exe", "bat", ".vbs" extension

Type the URL manually or follow the bookmarks you have made previously when visit websites

Avoid conducting online banking or financial enquiries/transactions from a public terminal or unsecured terminals such as those terminals in cafe shops or in libraries. Hacking or Trojan programs may be installed to these public terminals

Do not open other Internet browser sessions and access other websites while you are performing online financial transactions/enquiry through the Internet. Remember to print or keep the copy of transaction record or confirmation notice for checking

Always be wary when giving off sensitive personal or account information. Banks and financial institutions seldom ask for your personal or account information through email. Consult the relevant organisation if in doubt

Always ensure that your computer is applied with the latest security patches and virus signature to reduce the chance of being affected by fraudulent emails or websites riding on software vulnerabilities. This also helps to protect your computer from other security or virus attacks

Consider using desktop spam-filtering products to help detecting and blocking fraudulent emails but beware of false alarms. Recommend to learn the technical abilities that are essential for deploying these products in an effective manner

Detective Measures ......!!!!!

Review your credit card or bank account statements as soon as you receive them to check for any unauthorised transactions or payments

Log into your accounts regularly to check for the account status and last login time to determine whether there is any suspicious activity

Verify the legitimacy of the website of an organisation such as banks by contacting the organisation through its address or telephone number

Responsive Measures ......!!!!!

Change the password immediately if you suspect that your have already been defrauded (e.g. responded to phishing emails or supplied your personal/financial information to the fraudulent websites). Check your account status and contact the relevant organisation and/or report to the police immediately

Send the phishing emails to the relevant organisation and/or the police for their investigation