As a global financial institution, FWD is always concerned about security. The growth of the Internet has offered greater flexibility for all of us, but it also brings new risks that we must be aware of and guard against. FWD provides the following general information to address any concerns that you may have around online security.
FWD makes every effort to provide optimal security to your data and to all transactions as protecting our clients is just good business for us. However, no matter how hard we work, there are still some risks online, and you can take some action to protect yourself. Here we provide some information to help you to protect yourself.
From time to time we will provide information on security related issues that we feel you should be aware of. These security updates will be presented on this page.
A phishing attack is an online fraud technique which involves sending official-looking electronic messages (eg. SMS, email) and branding that all appear to come from legitimate banks, insurance companies, retailers, credit card companies, etc. Such messages typically contain a hyperlink to a spoof website and mislead account holders to enter their sensitive personal information, such as account number, PIN, security code or one-time passwords (OTPs) on the pretence that security details must be updated or changed. Once you give them your information, criminals can use it to log into your actual account and steal your money. It is important that you should be alert to any messages asking for your information, do not disclose sensitive personal information or account credentials through unauthorized channels; see more on "FWD's Standard Practices" in the next section.
You may have already heard of 'advance fee fraud', where emails offering large sums of money are sent to thousands of email addresses, but a modest "fee" is required in order to cover legal fees, account opening or customs charges. Sometimes the money offered is a result of a lottery for which you have never bought a ticket. Sometimes the money is held in an account overseas but the account owner cannot access it, they promise a percentage of the money in return for your help. In both cases, you may be requested to pay various fees in advance. Do not respond to these emails. They are part of a fraud and you will not receive any of the promised money.
FWD may communicate with clients by emails and instant messaging applications (e.g. SMS, WhatsApp, WeChat, etc. FWD will address you by name in emails that require response from you through email or any action from you over the internet. FWD will not embed hyperlinks in instant messages that directly take you to a webpage requesting you to log on or enter sensitive personal information. If you are in doubt about the legitimacy of any email or instant messages that you have received purporting to be from FWD, you should contact FWD immediately. For contact details, please refer to the section of "Contact Information" of this document.
You should pay close attention to the URL (website address) of the site you are visiting to make sure it is actually the site you believe it to be. Clients must be sure that the website they are entering really belongs to FWD. You should also check that the website you are going to access to your account information or perform transaction is a secured website. The URL will begin with “https”. If the URL begins with “https:”, the secure lock icon, that is a small padlock, will appear on the lower right-hand corner of the status bar of the browser. This padlock means that data is transmitted to and from this site with encryption. Double-click on the padlock icon to see the details of the security certificate. The certificate shows the owner of the website. Check that the details and validity are correct. Be sure that the URL on the certificate matches the URL of the webpage that you are visiting. FWD works with well known certification authorities such as Verisign, Global Sign and Thawte. Make sure you use the FWD official website or mobile app. If you have any doubts about a website, you should contact FWD as soon as possible to verify it.
Your account / customer number, policy number, PIN, memorable date and customer identification number are the keys to your account. Never write them down, give them to anyone else or include them in an email. Remember that protecting your Customer Number, PIN and security details is your responsibility.
Office of the Government Chief Information Officer – Information Security (InfoSec) website
https://www.infosec.gov.hk
Hong Kong Police Force – CyberDefender
https://cyberdefender.hk
For enquiries, or reporting on suspected phishing cases relating to FWD, please call our Customer Service Hotline on:
FWD Life Insurance Company (Bermuda) Limited | (852) 3123 3123 |
FWD Life (Hong Kong) Limited | (852) 2199 1000 |
FWD Life Assurance Company (Hong Kong) Limited | (852) 2199 1000 |
FWD Financial Planning Limited | (852) 2850 3499 |
FWD Financial Limited | (852) 3123 3338 |
FWD Life Insurance Company (Macau) Limited | (853) 8988 6060 |