User Awareness
While using email services
  1. Always stay vigilant to suspicious emails.
  2. Do not open any suspicious emails.
  3. Always check email attachments’ extension – Open email attachments with extreme care. Never open an attachment with “pif”, “exe”, “bat”, “cmd”, “vbs” extension.
  4. Always stay vigilant when giving out sensitive personal or account information – Banks and financial institutions seldom ask for your personal or account information through emails. Check with the relevant organisations in case of doubt.
While browsing the Internet
  1. Avoid following links - Never follow URL links from un-trusted sources, emails or social media. Do not rely on search engine results without verifying the validity of websites of banking or financial institutions.
  2. Type URLs manually or use bookmarks for frequently visited websites or financial institution websites.
  3. Do not visit suspicious websites.
  4. Avoid conducting online banking using public WiFi connections, public terminals or insecure terminals such as those in cafés or libraries.
While using social media platforms
  1. Do not accept friend-making requests from people you do not know - Once someone becomes your friend on the social media, he can access your information such as your profile, photos and social activities records. Such information may be used for illegal purposes such as spear phishing.
  2. Limit the amount of personal information available in your profile – Avoid including sensitive information such as your home address in your profile. Always remember the more information you include in your profile, the higher are the risks of leaking such information to strangers.
  3. Carefully configure your privacy settings – Decide very carefully what information you wish to make public or what to keep to your friends only.
Other security considerations
  1. Update security patches and virus signatures - Always ensure that the security patches and virus signatures on your computer are up-to-date.
  2. Deploy spam filter software – Consider using desktop spam-filtering products and browser’s built-in functions to help detect and block fraudulent emails but beware of false alarms.