These recommendations are set out here as a guide to help you protect your Lyte account, your personal data, and other sensitive information.
Passwords and Device Security
Lyte recommends setting a secure, unique password for your Lyte account. Strong, unique passwords are critically important to ensure that your account is secure and that only you are able to access this account. Consider complex and longer passwords that will make it more difficult for hackers to obtain. Most importantly, never share your passwords with anyone.
It is important that you use a unique password so that if your password is obtained illegally from another website, your Lyte account stays secure. Avoid using personal information, common words, or common phrases as your password.
If using our websites, platforms, or services on a mobile device, consider setting device passwords or PINs, or the use of biometrics (TouchID, FaceID, Fingerprint Manager) to protect your device. This will help reduce the likelihood of unauthorised access to your Lyte account, especially in the event that your mobile device is lost or stolen.
Consider switching on the auto-lock function for your mobile devices, laptop, and desktops. This also reduces the likelihood of unauthorised access.
Automate software updates
Many software programs can automatically connect and update to defend against known risks. Turn on automatic updates on your mobile device if that option is available.
Use caution when downloading apps
Unknown or repackaged apps can contain malware designed to steal information from a mobile device. So always purchase or download apps from companies that you trust and check reviews. When installing new applications, review permissions and decide if you’re comfortable granting access to the application.
Enable “Find My Device”
If your phone, carrier, or antivirus software supports a “find my device” feature, activate it. This functionality can help you find your device if you lost or have it stolen. More importantly, you can remotely lock it or wipe it clean if necessary.
Phishing and Other Methods of Identity Theft
Phishing and spoof emails are emails that aim to obtain your personal information using deceptive means. Usually in the form of fake emails, criminals try to steal valuable information and data from you by replicating real websites, transactions, emails, or even people.
What is phishing?
Phishing is an attempt to steal your information by criminals who pretend to be representing a legitimate business to get you to disclose your personal data and other sensitive information.
Examples of a phishing attempt
- You receive an email that appears to be from a well-known company often that attempts to convince you to perform certain acts.
- You receive an email request asking you to act fast and to complete a form that looks to be hosted on a legitimate website.
- You receive an email that attempts to convince you to click on certain links that brings you to a fraudulent website.
- The fraudulent website mimics the company referenced in the email, and aims to trick you into volunteering sensitive, personal data.
How to spot phishing emails
- Ensure that the company logos are identical and genuine.
- Ensure that the email URL is the same as previous genuine communications.
- Obvious spelling and grammar mistakes tend to be a tell-tale sign of a phishing attempt
- You can hover your mouse over a link to confirm that the URL link appears genuine. When in doubt, do not click.
- If there is an attachment in the email, ensure that you are first expecting an attachment, then ensure that the file name and extension match your expectation.
- If the email requests that you act immediately or very quickly, and this is out of the norm, contact Lyte to verify.
Smishing – Phishing via text or SMS
Smishing is when a scammer sends a text or SMS message to your phone number with a fake phone number or URL.
The message is usually urgent, asking you to click a link to cancel a transaction or update your information, without further documentation or follow up from another reliable source. These messages may even be received through social media applications or other sites.
Example of smishing:
“Your LytePay account has been suspended due to suspicious activity. Please contact us immediately at +65 9234 5678. It is imperative that we speak to you immediately.”
Vishing – Phishing via voice call
Fraudsters may use automated systems to make voice calls, that report urgent account problems and ask for account information. This is called vishing.
Example of a vishing call:
“This is LytePay calling about a possible fraudulent transaction on your account. Please provide your password now to hear the transaction details. We need your immediate response to block an outgoing transaction.”
Never provide any account information unless you initiated the phone call to Lyte.
How to spot a fake “spoof” website
Check for these signs when you land on a website from a link that you think is suspicious: –
- Does your browser warn you that the site may be malicious? This development in web security is helping customers identify many phishing websites before they are accessed.
- Does the URL look overly complex or is something other than Lyte after www.?
- Is the design or logo out of date?
- To help ensure you’re on the real Lyte website, check your browser address bar for: –
- https:// not http://, the S is for “secure”
- Web security icon – a lock – in the browser address bar.
- Green text/shading or the green lock icon
- If you are a victim of phishing, vishing, or smishing
- If you think you are a victim of a scam, here are some steps to protect yourself: –
Run an anti-virus scan on your system to make sure that you didn’t pick up a virus. Make sure that your system and anti-virus software are up to date.
Change your account password and security questions immediately. Do this for your Lyte account, email account, and other online accounts.
Report it to the police, and your bank.
Regularly check your online account activity for unexpected or unusual activity.
Keep your software up to date
Software is complex and often has minor bugs that hackers seek to exploit.
Device makers and application developers provide updates to operating systems and applications regularly that fix known bugs. To help protect your systems and data from hackers you should install updates as soon as they become available and where possible enable automatic updates.
Turn on automatic updates for your system and applications, found in the Control Panel on Windows, under System Preferences on MacOS, or Settings on your Apple mobile device.
Use anti-virus software
Viruses or malware are malicious software that can be installed on your computer or mobile device through an infected file, unsafe download, or unpatched security vulnerability. Anti-virus software can help prevent the installation of new malware and will detect most malware if it does get installed.
What happens if malware or a virus is installed?
It can capture everything you type, like usernames and passwords to your email, Lyte, and other financial accounts.
It can read all the files on your system, including email, financial records, and personal information.
Malware can take over your system to send out spam emails or attack other people’s accounts, making your computer part of the problem.
Hackers will use or sell the information they obtain through malware, which can be used to steal your money or your identity.
How does anti-virus software help?
Anti-virus software reviews your system and will check incoming emails and downloads for malware.
It can also run scheduled scans to make sure nothing suspicious has snuck onto your system.
Remember to enable automatic updates, because the anti-virus developers are constantly identifying and addressing new threats.
Download with caution
Whether it’s software, an app or a file, make sure you only download from reputable websites or people you trust and check reviews for users reporting problems.
Last updated on 28 May 2020