myERA Login

Security Advisory

We have security measures to keep your privacy as secure as possible.

TYPES OF SCAMS

Phishing is one of the most common form of cyberattack whereby scammers disguise themselves as a trusted entity and tricks a victim into opening a malicious link to steal user data, including login credentials and credit card numbers.

How to protect yourself?

  • Verify legitimacy of sender’s email address / identity.
  • Stop and think prior to taking any actions.
  • Do not click on any malicious links and/or attachments.
  • If the sender/caller claims to be an ERA real estate salesperson/agent, you may verify his/her identity using CEA’s public register at https://www.cea.gov.sg/aceas/public-register/sales/1 and key in the name or mobile number.
  • If the sender/caller claims to be from ERA, you may contact us at 6226 2000, Mondays to Fridays between 9.00 am and 6:00 pm excluding Public Holidays to verify the authenticity of the call/message. Otherwise, you may email to [email protected].

Smishing is a form of phishing attack which involves a text-messages (SMS/WhatsApp). Scammers will send misleading text messages to trick you into believing that a message has arrived from a trusted person or organisation and convince you to take action that gives the scammer exploitable information (login credentials, policy number) or access to your device.

Scammers often use good news (i.e promise of free gifts, exclusive offers etc.) to trick you into taking action.

How to protect yourself?

  • Verify legitimacy of sender’s phone number / identity.
  • Stop and think prior to taking any actions – if it is too good to be true, it is usually a scam!
  • Do not click on any malicious links and/or attachments.
  • If the sender claims to be an ERA real estate salesperson/agent, you may verify his/her identity using CEA’s public register at https://www.cea.gov.sg/aceas/public-register/sales/1 and key in the name or mobile number.
  • If the sender claims to be from ERA, you may contact us at 6226 2000, Mondays to Fridays between 9.00 am and 6:00 pm excluding Public Holidays to verify the authenticity of the call/message. Otherwise, you may email to [email protected].

Vishing is another common form of phishing whereby scammers use savvy social engineering tactics to convince victims to act and, in the process, give up private information and access to accounts.

Often, the caller will pretend to be calling from the government, tax department, police, or trusted organisations and use threats and convincing language to make the victim feel as though as they no other option then to provide the information being asked of them.


How to protect yourself?

  •  Verify legitimacy of caller’s phone number / identity.
  • Do not reveal any confidential personal information and end the call immediately if you are unable to verify the legitimacy of the caller.

GENERAL SECURITY TIPS

To ensure the confidentiality of your password, we recommend the following:

  • Create a password that is at least 8 alphanumeric characters long containing a combination of letters (A-Z) and numbers (0-9).
  • Select a unique password to make it difficult for anyone to guess. Avoid using common phases and easily obtainable personal information in your passwords such as:
  • Partner’s name
  • License Plate Number
  • Phone number
  • NRIC Number
  • Date of birth
  • Avoid using sequential numbers (e.g. 123456) or the same number more than once (e.g. 121145).
  • Avoid writing down your password or storing it in a computer, mobile phone or any unprotected media.
  • Change your password regularly.
  • Memorise your password. If you suspect it has been revealed to others, change it immediately.
  • Never reveal your User ID and password to anyone.

Note: No staff of ERA should ever need to ask you for your password for any reason.

Protect your computer against viruses and malicious programs.

You should exercise precaution to protect your PC against viruses. Besides damaging and/or destroying data, some of the viruses (e.g. Trojan Horse) can capture your password keystrokes as well as other personal information and transmit the data to a third party without your consent. To prevent against viruses and possible hacking, you should:

  • Avoid using preview features of Outlook and other PC mail programs.
  • Only download information/files from websites that have been verified to be authentic and safe.
  • Equip your PC with the latest personal firewall software to protect against hackers and viruses and ensure that you update it to the latest version when it is available.
  • Equip your PC with the latest virus detection software and update your PC virus definition file regularly.
  • Do not open any email or attachment from an unknown sender. Delete the email immediately.

Exercise Vigilance against SPAM and Phishing

SPAM and Phishing attacks are increasingly prevalent in email communications that result in misleading communications, deceptive marketing and identity theft.

Exercise vigilance and adhere to the following guidelines:

  • Understand what SPAM, Phishing attacks or suspicious emails look like. They are often generated from obscure email addresses and recent examples we have include: [email protected]; [email protected]: [email protected] and [email protected]
  • Do not click on email, Web links or “shortcuts” from unknown or suspicious senders.
  • Beware of email requesting confirmation of receipt of messages and personal information, such as bank accounts and credit card information. Contact the purported sender by means other than email to confirm the authenticity of the message.
  • Do not contribute to SPAM and refrain from forwarding or “replying to all” for chain and junk email.
  • Do not respond to email claiming to have identified a problem with your user identity, email address, employment status, credit or account. These communications are typically hoaxes seeking to extract information that may result in identity theft.
  •  Avoid conducting any personalised or sensitive transaction using the Internet access provided by public places.
  • This is to minimise the possibility of hacking and viruses.

Always update internet browsers to the latest version so that you have the most updated security features available.

As a form of added security, clear your browser’s cache and history after each session so that your account information is removed.

Legitimate ERA websites are represented by the lock icon which demonstrates that the website is secured by digital certificates issued by a trusted certificate authority. A valid certificate provides assurance that the website is genuine and not spoofed by malicious threat actors.

You can click on the icon to view the details of the certificate such as the issuing party, validity period, etc.

Make sure that the URL is preceded by “https://”. You can check for security information about the site by clicking on the lock icon displayed at the browser bar.

When accessing ERA website, always personally and directly enter the relevant website address in the browser address bar to ensure that you are on ERA legitimate website. Do not login via any hyperlinks within emails.

You can prevent any User ID/Password from being stored in your browsers by de-activating the function:

Launch your Web Browser

  • Search for Tools / Settings / Options / Preferences.
  • Go to autofill / passwords / privacy and security / advanced settings.
  • Uncheck or turn off save passwords feature.
  • Remember to save your changes.

myERA Login

Need Assistance?

 +65 6226 2000
or email us at
[email protected]