| This article is written in collaboration with Standard Chartered Bank (Singapore) Limited. All views expressed in the article are the independent opinions of The Milelion. All information provided is for informational purposes only and is not intended to be construed as advice or an offer for any product or service. Standard Chartered is not liable for any informational errors, incompleteness, delays, or for any actions taken in reliance on information contained herein. |
Ever since I started watching Mr Robot, Iโve become rather paranoid about cybersecurity. Even though I very much doubt that my collection of fluffy kitten photos and tasteful gym selfies would be of interest to the average cyber-felon, my banking credentials, credit card information, and loyalty program balances certainly are.
So itโs never a bad idea to take some basic precautions when banking, shopping, or transacting with your loyalty program online. While thereโs nothing as fulfilling as same-day delivery, thereโs nothing as annoying as finding out your credit cardโs been compromised (โWaitโฆyou mean to tell me there are bad people on the interweb?โ).
In this post, Iโll talk about some simple things you can do to stay safe online.
Subscribe to transaction alerts
The easiest way to keep tabs on all the activity on your credit or debit card is to subscribe to transaction alerts. That way, youโll know immediately if an unauthorized transaction has taken place.
For Standard Chartered customers, subscribing to card transaction alerts is a quick and one-time affair. Login to internet banking, hover the mouse over your name in the top right hand corner, and select โAlerts & SMS Bankingโ.
Youโll be redirected to the mobile services portal. Hereโs where youโll register for SMS Banking (if youโve not already done so), and set up SMS & email alerts.
To set up a transaction alert for your credit card, click โAlert Settingsโ, select โCredit Cardโ and then โView Alertsโ.
Youโll be prompted to choose the card you want to set up alerts for. Select it, then click โCustomized Alert Conditionsโ, and โTransaction Alertโ.
Hereโs where you can set the specific threshold above which a transaction will trigger an SMS/email alert. By default itโs set to S$500, but you can adjust it all the way down to 1 cent if desired, ensuring that youโll get an alert for every transaction made.
Look for the padlock symbol (Https)
See that padlock symbol in your browserโs address bar? Itโs not just there for cosmetic reasons. This symbol means that the connection between your web browser and the website server is encrypted, so even if the data were intercepted, it would not be possible to make sense of it.
You should look out for this symbol on all online e-commerce sites you shop atโฆ
โฆas well as any internet banking portal. If the symbol is missing, donโt even think about entering any personal information.
To be clear however, the padlock symbol is the bare minimum you should be looking out for- it does not mean โsee padlock= website OKโ.
As security firm Malwarebytes points out, a secured connection counts for very little if the underlying site is itself fraudulent! Criminals know that some people are hardwired into associating the padlock symbol with safety, and set up their websites accordingly- itโs been reported that 74% of all phishing sites use a secured connection.
Therefore, itโs important to exercise common sense and inspect the website address to ensure youโre browsing the real thing.
Look out for phishing websites and emails
You may receive an email telling you that your account has been compromised, and you need to follow a particular link to secure it. Clicking the link sends you to a familiar looking site that prompts you for your login details and 2FA code (if any)โฆthen promptly steals them.
Take the website above- it may look like PayPal, but on closer inspection, itโs anything but. The URL should be a dead giveaway- instead of paypal.com, itโs showing security-paypal-center.com. This is a common tactic used by scammers, in the hope that people will focus on the visual similarity of the website, as opposed to looking closely at the URL.
Other telltale signs of a phishing website are spelling/grammar mistakes, broken English, low-resolution images, and the use of a different top-level domain (.net instead of .com, for example).
When in doubt, Googleโs Safe Browsing site status checker can be a useful tool for checking if a website may host suspicious content.
Store your credit card details with trusted merchants
If youโre making a one-time purchase on a site youโll probably never use again, it makes little sense to store your credit card information. This just creates an additional vector through which you may be compromised.
However, saving your credit card details in an app or website is probably unavoidable in this day and age (imagine having to enter your 16-digit card number every time you want to order food or hail a cab). The key is to be judicious about where you do so; major e-commerce sites are probably safer bets than mom-and-pop operations.
Donโt overshare
Be careful what you post on social media. Pictures of receipts and order confirmations may contain personal information (e.g your mobile number) that a hacker could use to compromise your other accounts. And as tempting as it may be to post a photo of your boarding pass on Instagram (#travelgoals), thereโs a frightening amount of personal information printed on it. Someone with malicious intentions could use the information to change your seats or meals, or even cancel your flight.
If youโre reaching out to a merchant for customer support through their social media pages, never post any personally identifiable information on their public page- always send this via DM.
Shop on sites which use 3DS-OTP
If youโve shopped online before, youโll no doubt have encountered 3DS-OTP authentication. This additional step helps to further reduce fraud, because even if your card number is compromised the hacker wonโt be able to complete a transaction without access to your phone.
However, 3DS-OTP is not implemented on all websites. Look out for the โVerified by Visaโ or โMastercard SecureCodeโ icons when shopping for an extra layer of security.
Special offers for Standard Chartered cards
Iโve previously written about how COVID-19 affects the miles versus cashback equation, and for those choosing cashback, Standard Chartered has two main options: the Spree and the Unlimited Cashback Card.
 |
 |
|
| Spree Card | Unlimited Cashback Card | |
| Online Foreign Currency Spend | 3% cashback | 1.5% cashback |
| Online Local Currency Spend | 2% cashback | 1.5% cashback |
| All other spend | 1% cashback | 1.5% cashback |
| Cashback Cap | S$60/month | None |
| T&Cs | Link | Link |
| Apply Here | Link | Link |
The Spree earns a higher cashback rate for online shopping, but is subject to a cap each month. The Unlimited has a lower cashback rate than the Spree for online shopping, but more on other categories (except excluded transactions) and with no cap.
Standard Chartered is also offering Milelion readers a special acquisition offer of S$100 cashback when approved for either a Spree or Unlimited Cashback Card (usual: S$80). This will be credited to your account upon activating the physical card (T&Cs apply).
If youโre a Standard Chartered customer, do make sure to download the SC Mobile app, which allows you to monitor and authenticate your transactions, track your spending, and receive alerts.
Conclusion
Thereโs plenty of other simple habits you can form to keep your online balances safe, like using strong passwords and 2FA (supported by more and more loyalty programs too, including Singapore Airlines KrisFlyer). At the end of the day, however, your best defense is common sense.
Online shopping, banking and loyalty account management are no doubt great conveniences, but things can quickly go wrong if you donโt take the proper precautions. Some of these may seem excessive, paranoid even, but trust me: a minor inconvenience is better than a major loss.
Dude. Everyone know youโre safe from the FBI when youโre using incognito mode.
Enjoyed reading until cb cards turned up. Yuck!