Online Security
Introduction
SOMPO is concerned about Information Security. With evolution of internet and digital business, it offers flexibility in our life, but this brings new risks that we must be aware of and safe against.
SOMPO provides the information security guides to address any concerns that you may have around online security.
Website Verification
Be aware that the website address of the page you are visiting is a legitimate website you are in.
- Check that the website address begins with https://, or with a secure padlock icon.
- Click on the padlock to ensure that the website is valid.
Phishing
A phishing attack is an online fraud which involves communication mediums such as an official-looking email or SMS. It contains a return email or responder number which has spoofing web links or attachment that appears to be legitimate from Financial Companies, Online Retailers, Freighters, etc.
Attackers use phishing to deceive you to steal your credentials or financial information which may result in momentary loss or information theft. It is important to be vigilant in emails asking for your information.
- Be alert of any emails asking for your personal information or financial information.
- Do not click on links sent through mediums such as emails, SMSes and WhatsApp. Offers that sound too good to be true are probably fake.
- Do not enter your banking or credit card account information (especially your PIN or password) to suspicious websites, applications or phone calls. They could be phishing sites or fraudsters, out to phish your information for ulterior motives.
- Do not give out your password or PIN via email, SMS, or other messaging programmes.
- Beware of "Official notices" that request for your login credentials.
Fraud Calls (Vishing)
Vishing is a fraudulent act of making phone calls or leaving voice messages purporting to be a legitimate reputable company in order to phishing individuals to reveal personal information, such as bank details, personal identification number, credit numbers, etc.
- Be very aware of any caller or voice message who asks you to share login information over the phone.
- If a caller asks you to provide account data or personally identifiable information, decline the caller of providing any information — and report the contact to authorities.
- Security won’t call you to request that you change logins, passwords, or network settings. Any caller who makes this type of request is probably a scammer. Refuse the request and notify security.
Malware
Malware or malicious software is designed to gain access to your computer systems without your consent. When installed, malware can steal your personal and financial information. Install anti-virus software and/or the latest security patch on the devices you use to access SOMPO iChannel and SOMPO Corporate website, to help prevent malware infection.
Computer Protection
- Enable auto update for your computer's operating systems and applications. These updates carry security and bug fixes to secure your computer and the information stored on it.
- Install anti-virus program from a known and trusted source, keep it up to date to ensure it remains effective.
- Enable desktop firewall or Anti-Virus Intrusion Protection feature to protect your computer from external attacks.
Mobile Device Protection
- Enable auto update for your device’s operating systems and applications. These updates carry security and bug fixes to secure your device and the information stored on it.
- Disable Wi-Fi and Bluetooth when not needed to limit the potential for access by hackers.
- Refrain from jailbreaking a smartphone as unverified or unsupported apps may carry security vulnerabilities.
Device Protection
- Ensure that others are not looking at your keyboard behind you when you enter your PIN or password, or access to your personal information. This is particularly important at public internet access locations.
- When you are not attending to your Computer or Mobile device, lock the screen.
- When you have finished with any secure online session (such as accessing your account information), please remember to log-off and close your browser window, and clear your browser’s cache files so that your personal information is not stored in the computer (This is particularly important when using public internet access services.)
Password
Passwords are the keys to your digital information. They protect all your secrets, such as your emails, online accounts and confidential documents. To protect yourself, follow these rules for good passwords.
- Do not use common plain words, birth dates or names.
-
A good password must contain at least 8 characters which contains:
- Minimum of one number in your password.
- Minimum of one CAPITAL letter in your password.
- Minimum of one special character (non-alphanumeric) in your password. (Such as ~!@#$%^&*)
- Change your password regularly.
- If you feel that your password is being known, change your password immediately.