Dangers of Malware
Most online banking systems require a 2-step verification process. Recently, there is malware that will re-direct you to a phishing site that looks exactly like your bank's webpage. Here, you will log in using the password generated by your token. Crooks stand ready on the back end of that site. They immediately use your token to log onto the real site and make immediate transfers. Within 15 minutes, a lot of your money has left your account. See UOB's advisory on how to recognise this type of phishing site.
It is important to prevent malware from taking up residence in your computer.
Emails That Dupe You Into Clicking On Malware Links
Variously, these emails state...
(1) Unless you click on the link, your account will be deleted/suspended.
(2) Click on the link to get a good deal from NTUC / Cold Storage / Amazon.
(3) Click on the link to get a security update.
(4) Click on the link to read tips to guard against online fraud.
I normally will simply delete such emails. Any unsolicited emails from Amazon, Pinterest, NTUC, CPF, Cold Storage, banks... whatever, I will immediately delete without reading. However, this morning, in order to write this post, I clicked on Show Details above.
Note the email address. It has been adulterated to read "@explore.pinterest". This email is therefore NOT from Pinterest.
Suspicious PayPal Emails and Calls
Almost on a daily basis, I had been receiving PayPal emails that look legitimate. These emails are from email@example.com or firstname.lastname@example.org. These emails are NOT from PayPal. The adulterated email addresses make it clear. Recently, I logged onto the webmail service of my email provider and added all these suspicious emails to the Blocked Senders group along with a host of unwelcome advertisement email addresses. I also report the suspicious email addresses as "phishing" emails to my email provider so that it can block them from other people's accounts.
Use Apple Devices (but do NOT Jailbreak them)
We have transited everyone in the family to iMac, Macbook, iPad or iPhone. Old android or PC devices are never used for money transactions. If you do not jailbreak your Apple devices, the only way to load software is through Apple Store. Apple Store will test/qualify the new apps. Sometimes, viruses do get past Apple and make it into Apple Store BUT the moment it is found out, Apple will release iOS updates to deal with it.
These measures do not entirely remove the risk of malware loading onto our computers but they do reduce the risks by a lot.
Further, to be absolutely kiasu... if I receive emails from friends/contacts that look suspicious, I use ONE iPad to log into the webmail site and click to open. I don't even open it in the iPad email app itself. It is always the same iPad that I use for this. This iPad is never used for money transactions.
It is my Dirty iPad.
I also receive calls from PayPal to verify details on the phone. I always tell them that I will never answer such questions on the phone.