As the internet becomes more accessible, the use of a computer or online network to commit cybercrime has also become a norm. Hence, information security is imperative to anyone who uses the internet for electronic transactions.
Securities firms that offer digital services and digital investors must join in the effort to ensure information security to reduce the risks of cybercrime and misconduct and secure electronic transactions. Electronic transaction security and computer security are explained respectively as follows.
Securities and Futures Investor E-Trading Information Security Instructions
Verify website authenticity:
The address of Fubon Securities and Fubon Securities online order placement system are as follows. Please verify the addresses. Be extra cautious about addresses that contain IP or any special symbols. They could be phishing websites trying to steal your user data.
Fubon Securities’ four external websites are as follows:
The online order-placing mechanism must comply with security protocols. Fubon Securities adopts the SSL encryption-based security protocol to ensure data security for order placement.
Websites in compliance with security protocols should have the following characteristics.
The address should start with “https”, which indicates that data is transferred over a secure connection.
There is a padlock icon at the bottom right of the web page, which indicates that the website complies with the SSL protocol.
Using a digital certificate for online trading:
A digital certificate is issued by a legal certificate authority to prove the authenticity of a user’s identity. Similar to the use of a physical seal, users can use a digital certificate to “sign” in the corresponding software and authenticate online trading. It is used to protect data or establish a secure connection with other computers.
The safekeeping of digital certificates and certificate passwords:
Do not import digital certificates into someone else’s computer or a public computer (e.g. computers in the library, cyber café, school) lest someone should access your digital certificate and use it in illegal online transactions.
The same rule applies to the password you choose for the door to your house. If the password is not strong enough, you are subjected to higher risks.
Three dos and don’ts for password management:
Don’t tell anyone your password, and change it regularly.
Don’t click “save password” in the browser when you are conducting online transactions on someone else’s computer.
Don’t include personal information in your password (e.g. birthday, phone number, ID no.).
Do use different passwords for different trading websites to prevent someone from cracking or guessing them.
Do use strong passwords with over eight characters and a mixture of English alphabets and numbers.
Do log out properly every time to prevent someone from accessing your account data.
Regularly update your operating system and patches:
Hackers take advantage of loopholes in operating systems to steal data from computers, so it is important to regularly update patches. Operating system and software companies will announce updates on patches on their public websites regularly. Make sure to update them regularly to address security vulnerabilities.
You are advised to turn off the “AutoComplete” setting in the browser to prevent someone from stealing your computer data through the internet.
Virus-proof your computer:
A computer virus is a malicious code or program that hacks into personal computers through emails, file transfers, computer games, illegal mp3 files, and downloads. In addition to installing legal anti-virus software and regularly updating virus codes, you should also avoid opening emails from unknown senders, or downloading and running software from unknown sources.
Properly block spyware:
Spyware is a form of malware that sneaks into computer systems and sends your information and computer data to another entity without notice and permission. Spyware is commonly found in download software, point-to-point (P2P) transfer of music files, the attached files in emails, or links. It is a serious violation of privacy that steals or records your user data and passwords, or even important files on your computer. Therefore, we suggest you comply with the principles as follows.
Do not use pirated or illegal software.
Read carefully all relevant information before using free or shared software. Avoid downloading software via P2P transfer or from any unknown sources. Avoid opening emails from unknown senders. Before clicking on a link found on the search engine results pages or in emails from unknown senders, make sure to verify link authenticity to prevent fake websites from implanting malware into your computer.
Using a personal firewall:
A personal firewall blocks hackers or malicious attackers from accessing your computer through the internet in an attempt to sabotage your files, steal data or control your computer without permission.