Security practices to safeguard your Password
Customers are adviced to adopt the following:
- Do not reveal your Password to anyone. Under no circumstances will you be required to reveal your Password to a Fundsupermart staff.
- Select a unique Password that is different from your personal information such as your telephone number, date of birth or other guessable personal information.
- Your password should be at least 8 characters and include both alphabets as well as numbers.
- Try not to use sequential numbers (eg. 123456) or the same number more than twice (eg. 121145) for your Password.
- Do not use the same Password for different web-based services or applications.
- Do not write your Password down or store it in any computer storage devices. It is best you memorize your Password.
- Change your Password regularly or when there is any suspicion that it has been compromised or impaired by using 'Change Password' feature.
- Do not enter your Password into computer you are not familiar with, like those in your friend's office, or in an Internet café.
- When asked if you want Internet Explorer or other browser to store your User ID and Password, always click on 'No'.
Protecting Yourself Online
- Clear your cache and history after each login session.
- Never leave your session unattended and log off your online session after use.
- Check your last login details and notify us if you notice any doubtful logins.
- Install anti-virus, anti-spyware and firewall software in your computers and keep it updated.
- If you are using wireless network devices, ensure that the transmission is secure.
- Access your account and transaction history regularly to check the details of your holdings and report any discrepancy.
- Do not access your account or perform online transactions on a computer or a device which cannot be trusted.
- Remove file and printer sharing in suspected computers, especially when they are connected to internet.
- Regularly backup critical data. Consider the use of minimal 128-bit encryption technology to protect highly sensitive or confidential information.
- Delete junk or chain emails.
- Do not open email attachments from strangers.
- Do not disclose personal, financial or credit card information to little-known or suspected websites.
- Check that you are using the official Fundsupermart site. You can check by clicking on the “padlock” icon in your web browser and ensuring that the identity of the site is verified as secure.fundsupermart.com in the server digital certificate.
Security Tips for Mobile Application
- Download the mobile application only from Apple iTunes, Android Google Play and FSM hosted sites. Downloading from websites other than these could lead to using a mobile application that is not legitimate.
- Do not hack or modify your mobile device. Doing so can make your mobile device more prone to viruses and malicious software.
- Take extra care in guarding your mobile device. It’s more prone to getting misplaced than your computer.
- If the function is available, turn on the password function in your mobile device and make sure that you use a strong one. This function protects your mobile device so that no one else can use it.
- Most mobile devices or smart phones have an “Erase Data” function. If your mobile device has this, always turn it on. This function erases all your data after several invalid password attempts, so your data will not be compromised if your mobile device is lost.
- Install anti-virus, anti-spyware and firewall software in your mobile devices and keep it updated.
Security Advisory - Phishing Scam
Phishing (pronounced ‘fishing’) is the act of sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft.
Common techniques that are used by the phishing fraudsters include, but are not limited to the following:
Customers are advised on the following:
- Using false email addresses, logos, and graphics to mislead you into accepting the validity of the emails and web sites;
- Faking domain names to appear representing us;
- Duping users into providing personal details through one or more methods such as hyperlinks to fake websites or embedded forms in emails
- Fundsupermart will not make unsolicited requests for customer information through e-mail or on the phone unless it is the customers who initiated the contact;
- Under no circumstances will Fundsupermart staff be asking customers to reveal your password;
- Always personally enter the domain fundsupermart.com when logging onto our website. Do not accept links or redirections from other websites or media for the purpose of logging onto Fundsupermart
- When logging in, always ensure that it is a SSL encrypted connection. This is indicated as https:// in the URL or as a padlock in the status bar. Always check that the identity of the site is verified as secure.fundsupermart.com in the server digital certificate.
- Always be on the alert for phony websites and suspicious emails purporting to be from Fundsupermart. If you suspect that you are being phished, please do contact us at 6557-2853 immediately.
Security Advisory – Spyware Alert
Spyware consists of computer software that gathers and reports information about a computer user without the user's knowledge or consent. These programs monitor user browsing patterns on the Internet, harvest private information (e-mail addresses, passwords and credit card numbers), and transmits these information in the background to someone else.
Spyware applications are typically bundled as a hidden component of freeware or shareware programs that can be downloaded from the Internet. Sometimes advertised as a means to improve internet connection speed and gain other benefits, some spyware, when installed, redirect and reroute the internet connections of users through the spyware servers.
You may have spyware in your computer if:
Customers are advised on the following:
- You start getting annoying ads popping up on your screen.
- Your web browser settings have been changed without your knowledge.
- You have a new 3rd party toolbar in your web browser which you are finding it difficult to get rid of.
- Your web browser crashes frequently when you are surfing.
- Slow down in the system performance of your computer where computer operations is taking longer than usual.
- Do not download and install software from unknown websites.
- Refrain from clicking on banners and pop-up ads that entice you with freebies.
- Install and update anti-spyware software regularly. Perform system scan on your computer to locate, quarantine and delete any spyware in your system.
- Install a virus protection software and keep it updated with the latest anti-virus signatures.
- Keep your computer operating system and Web browser current. Perform regular system updates for your operating system.
- Change your Investment Account password regularly.
Fundsupermart treats online security with utmost importance, and as a precautionary measure, we have been actively blocking traffic to fundsupermart.com that has passed through redirector/ spyware services. If you have at any time been denied access to our website, you may be either intentionally or inadvertently running redirector/ spyware software on your computer. In such cases, we urge you to seek professional IT advice or uninstall such software.
What is 2FA?
2FA stands for Two Factor Authentication.
Why do I need to have 2FA to access Fundsupermart platform?
As a continuous commitment to offer maximum security to our online customers, Fundsupermart has introduced the 2FA as an additional layer of authentication.
With 2FA, should your User ID and PIN be compromised for any reason, the ‘intruder’ will also need to have your 2FA, before he can access your Fundsupermart account online. This makes it difficult for hackers who manage to obtain a string of customers' User IDs and PINs via phishing or spyware.
Click here for more details