Phishing Security Advisory: Awareness and Protection

As part of our ongoing efforts to safeguard our customers against the potential financial gains or identity theft by fraudsters through use of "Phishing" AIA intends to educate and bring about security awareness of "Phishing" scams.

What is Phishing?

Phishing (pronounced "fishing") is a technique used by fraudsters to obtain sensitive personal information such as your account details, PIN, credit card number, user ID or password through the Internet. Once such sensitive information is obtained from you, the fraudsters will access your account to perform illegal or fraudulent transactions.

What are the tell tale signs?

Typically, it can be seen as a form of social engineering technique used by fraudsters in exploiting human weakness into believing!

Many tricks are involved in phishing scams. The most common method is sending you a spoofed email purporting to be from your bank, credit card company or service provider and asking you to "confirm" your personal information for some unforeseen reasons. Typically, the email will contain a link to a phony website that looks near-replicas of the real one, making it hard even for experts to differentiate between the real and phony websites. Once you divulge your personal information via the links embedded within the email to the phony websites, you would have fallen victim to the phishing scam!

Worse still, some emails contain viruses, worms or Trojans, which will allow fraudsters to monitor your every keystroke and capture your personal information and then BECOMING YOU!

The email will usually use one of the following tactics to trick you into acting on their instructions:

The following are examples of the instructions you may be asked to follow:

How do you protect yourself?

Where do you go for help?

If you have reasons to believe that the phisher was impersonating or you have fallen victim to phishing, you can report IT Security incidents to AIA Singapore IT Helpdesk.