Phishing is one of the most common form of cyberattack whereby scammers disguise themselves as a trusted entity and tricks a victim into opening a malicious link to steal user data, including login credentials and credit card numbers.
How to protect yourself?
Smishing is a form of phishing attack which involves a text-messages (SMS/WhatsApp). Scammers will send misleading text messages to trick you into believing that a message has arrived from a trusted person or organisation and convince you to take action that gives the scammer exploitable information (login credentials, policy number) or access to your device.
Scammers often use good news (i.e promise of free gifts, exclusive offers etc.) to trick you into taking action.
How to protect yourself?
Vishing is another common form of phishing whereby scammers use savvy social engineering tactics to convince victims to act and, in the process, give up private information and access to accounts.
Often, the caller will pretend to be calling from the government, tax department, police, or trusted organisations and use threats and convincing language to make the victim feel as though as they no other option then to provide the information being asked of them.
How to protect yourself?
To ensure the confidentiality of your password, we recommend the following:
Note: No staff of ERA should ever need to ask you for your password for any reason.
Protect your computer against viruses and malicious programs.
You should exercise precaution to protect your PC against viruses. Besides damaging and/or destroying data, some of the viruses (e.g. Trojan Horse) can capture your password keystrokes as well as other personal information and transmit the data to a third party without your consent. To prevent against viruses and possible hacking, you should:
Exercise Vigilance against SPAM and Phishing
SPAM and Phishing attacks are increasingly prevalent in email communications that result in misleading communications, deceptive marketing and identity theft.
Exercise vigilance and adhere to the following guidelines:
Always update internet browsers to the latest version so that you have the most updated security features available.
As a form of added security, clear your browser’s cache and history after each session so that your account information is removed.
Legitimate ERA websites are represented by the lock icon which demonstrates that the website is secured by digital certificates issued by a trusted certificate authority. A valid certificate provides assurance that the website is genuine and not spoofed by malicious threat actors.
You can click on the icon to view the details of the certificate such as the issuing party, validity period, etc.
When accessing ERA website, always personally and directly enter the relevant website address in the browser address bar to ensure that you are on ERA legitimate website. Do not login via any hyperlinks within emails.
You can prevent any User ID/Password from being stored in your browsers by de-activating the function:
Launch your Web Browser
If you’ve forgotten your password, you can go to myERA portal page https://my.era.com.sg to reset your password.
ERA Administration has just sent the reset password link to
» «
If you have questions or comments,please contact
6226 2000 during office hour for assistance.