As a reputable financial institution, PT FWD Insurance Indonesia (FWD Insurance) is always concerned about security. The rapid growth of the Internet has offered greater flexibility for us, but on the contrary it also brings new risks that we must monitored and guarded against. FWD provides the following information to address your concerns related online security.
FWD makes every effort to secure your data and all transactions. However, some risks online may exist still, and you can take some action to prevent it occurs and to protect yourself. Below are some information to help you in protecting yourself.
- Latest Key Security Issues
- FWD's Standard Practices
- Verifying Websites
- Protecting Yourself
- Reference Sites
- Contact Information
Latest Key Security Issues
From time to time we will provide information on security related issues that we feel you should be aware of. These security updates will be presented on this page.
Phishing is an online fraud technique which act of attempting to acquire information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity in an electronic communications e.g. sending official-looking email messages with return addresses, links and branding that all appear to come from legitimate banks, insurance companies, retailers, credit card companies. The emails typically contain a hyperlink to a spoof website and mislead account holders to enter customer names and security details on the pretense that security details must be updated or changed. Once your personal information exposed, it can be used on legitimate sites to take your money. It is important that you should be alert to any emails asking for your information; see more on FWD's “Standard Practices" in the next section.
Advance Fee Fraud
You may have already heard of 'advance fee fraud', where emails offering large sums of money are sent to thousands of email addresses, but a modest "fee" is required in order to cover legal fees, account opening or customs charges.
Sometimes the money offered is a result of a lottery for which you have never bought a ticket. Sometimes the money is held in an account overseas but the account owner cannot access it, they promise a percentage of the money in return for your help. In both cases, you may be requested to pay various fees in advance.
Do not respond to these emails. They are part of a fraud and you will not receive any of the promised money.
FWD's Standard Practices
- FWD in many ways will communicate through emails with clients, so it is important to be aware of which emails are from the Company, and which are fraudulent?
- FWD will address you by name in emails for which need your email response or any action from you over the internet.
- FWD will not embed hyperlinks in emails that directly take you to a webpage where you must enter your security information.
- FWD will not send you emails asking you to update, verify or confirm your security details e.g. PIN, bank account number, ID card number and passport number.
- If you are in doubt about the legitimacy of any email that you have received purporting to be from FWD, please contact FWD immediately by referring to the section of "Contact Information" of this document.
Every time you are visiting a site, you must pay close attention to the URL (website address) of the site you are visiting to ensure it is the actual site you believe it to be and really belongs to FWD.
You should also check that the website you are going to access to your account information or perform transaction is a secured website.
The URL will begin with https://
If the URL begins with https://, the secure lock icon, that is a small green padlock, will appear on the status bar of the browser. This padlock indicates that data is transmitted to and from this site with encryption. Double-click the padlock icon to see the details of the security certificate which shows the owner of the website. Please check the details and validity are correct and make sure that the URL on the certificate is the same with the visited URL.
If you have any doubts about a website, you should contact FWD as soon as possible to verify it.
Take care of your personal information
Your account / customer number, policy number, PIN, memorable date and customer identification number are the keys to your account. Never write them down, give them to anyone else or include them in an email. Remember that protecting your Customer Number, PIN and security details is your responsibility.
Protect Your Computer
- Update your computer by installing the latest software and patches, to prevent hackers or viruses exploiting any known weaknesses in your computer.
- Install and update anti-virus protection, to protect against viruses corrupting your computer and to prevent hackers installing Trojan viruses on your computer.
- Install and update anti-spyware tools.
- Install and update personal firewalls.
- Use only programs/software from a trusted supplier.
- Use password to prevent unauthorized access of your computer.
- Turn-off internet email software which automatically processing of email attachments.
- Always scan files by anti-virus software before executing them.
- Avoid using programs which direct you to automatically get or preview files.
Protect your mobile phone
- Update your mobile phone by installing the latest software version.
- Do not store confidential information such as personal account number or password into the mobile phone.
- Always log off your online session. Do not just close the mobile phone browser, follow the logoff instructions to ensure the protection.
- Set up password for the mobile phone to prevent unauthorized access to your personal information in case it has been lost or stolen.
- Delete SMS message if it is no longer required and clear the browsing history regularly.
- Remove temporary files and the cache stored in the memory of the mobile phone regularly.
- Don’t leave your mobile phone unattended.
- Avoid sharing your mobile phone with others.
- Do not download program/apps from unsecured source.
Beware of spam emails
- Use a spam filter to avoid even seeing these messages.
- Never respond to a spam message, otherwise your email address is then recorded as live and the spam will increase.
- Should you read a spam message, please remember: if it sounds too good to be true, it probably is too good to be true.
Select a secure password
- A secure password is one that is easy for you to remember, but difficult for others to guess. Do not use plain words, birth dates, names of children or pets; these could be discovered by others.
- A good password should contain at least eight characters to make the probability of the password being guessed sufficiently unlikely. It always helps to vary the types of characters in your passwords, making them more difficult to guess as well, i.e. using numbers, capital letters, and special characters like ~!@#$%^& and *.
- Use different passwords for different purposes i.e. do not reuse passwords.
- For security reason, you are advised to change the initial password after the first access. It is also advisable to change your password on a regular basis.
Keep your online section secure
- Be cautious about accessing to your account information or performing sensitive transactions on public computers; make sure you use public computers at a reputable provider - if the PC is not properly secured, hardware and software can be modified to capture keystrokes and other data that could disclose your personal information regardless of the security provided by the website.
- Do not open other Internet browser sessions and access other websites while you are assessing to your account information or performing sensitive transactions through the Internet.
- Ensure that others are not looking at your keyboard over your shoulder when you enter your PIN or password, or access to your personal information. This is particularly important at public internet access locations.
- Do not check the box that asks your computer to "remember your passwords" or use "auto complete" function of your browser. That defeats the security of passwords. When you have finished with any secure online session (such as accessing to your account information), please remember to log-off and close your browser window, and clear your browser's cache files so that your personal information is not stored in the computer, particularly when using public internet access services.
For enquiries, or reporting on suspected phishing cases relating to FWD, please email to ITServicedesk.firstname.lastname@example.org or call our FWD Customer Care on 1500525.