Security Tips for Online Dealing
Preventing Online Fraud
Mrs. Bond said: "My nightmare all started with an email that I received last Friday. It claimed to be from a large corporation, ABC Limited. I thought it was absolutely genuine, as I am really their customer. The email contained a hyperlink to their website and invited me to join a Lucky Draw. When I clicked on the hyperlink, I gained access to what appeared to be the website of ABC Limited. I was then asked to input my credit card number and expiry date so as to transfer the money award from the Lucky Draw to my account." Poor Mrs. Bond finally understood what "money award" she had won when she received her next credit card statement - $50,000 had been stolen from her account. We call this kind of internet fraud 'Phishing'.
Phishing
A typical 'Phishing' case usually uses emails to reach its victims. 'Cyber criminals' send out an email masquerading as one coming from a reputable bank or online vendor. The email content employs reasonable logic or 'attractive' offers to ask the recipient to click on the embedded hyperlink which in turn directs them to the so-called "official website." The victim will then be asked to input confidential personal information for identity verification, including bank or credit card details. The cyber criminal will then make use of this information for illegal purposes.
How to prevent falling victim to phishing?
Do not open unsolicited emails and on no account should you open any files or attachments they might contain. Some fraudulent emails go to a lot of trouble to make it look as if they are from a legitimate source in order to try and trick people into revealing their personal information.
Never provide your personal information, credit card number, PIN or username etc. to anyone that you do not completely trust. Do not reply or click the embedded links in any email which directly asks you for personal information, including account details.
Even if the appearance of the email and website look genuine, the chances are they will be fake if they request sensitive financial information from you.
Do not judge that a site is trustworthy based solely on the domain of the URL. The URL of a fraudulent website may carry the domain of the genuine one. The safest thing to do is to input the URL that you know is correct in the address field in order to access a website. We only use the following URLs as the gateway to our websites:
https://www.jpmorganam.com.hk (Content website)
https://etrading.jpmorganam.com.hk (Secured dealing website)
https://www.jpmorganam.com.hk (Content website)
https://etrading.jpmorganam.com.hk (Secured dealing website)
Always update your anti-virus program and check for updates and security patches for your operating system and browser. Remember to change your password frequently.
Finally, if you are in any doubt at all about the validity of a particular email or a website's content, then you should contact the corresponding company by telephone in order to verify whether it is genuine.