Protecting Yourself Online
Users are advised to remain vigilant for evolving security threats. If you have at any time been denied access to our website, we urge you to seek professional IT advice or contact us immediately.
CCRManager will not make unsolicited requests for customer information through e-mail or on the phone unless it is
the customer who initiated the contact.
Under no circumstances will CCRManager staff be asking customers to reveal passwords or equivalent secure credentials.
Being Aware of Phishing
Phishing (pronounced “fishing”) is the act of sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft.
Common techniques that are used by the phishing fraudsters include, but are not limited to the following:
- Using false email addresses, logos, and graphics to mislead you into accepting the validity of the emails and web sites.
- Faking domain names to appear to be representing CCRManager.
- Frauding users into providing personal details through one or more methods such as hyperlinks to fake websites or embedded forms in emails.
Keeping Yourself Secure
Below advices are additional tips to upkeep cyber security at personal level:
- Keep your device operating system and web browser current. Perform regular system updates for your device, operating system and applications.
- Install anti-virus, anti-spyware and firewall software into your devices, keep it updated and run malware scans regularly to prevent infections.
- Do not access your account on any device or network which cannot be trusted.
- Remove file and printer sharing in suspected computers, especially when they are connected to internet.
- Do not hack or modify your mobile device. Doing so can make your mobile device more prone to viruses and malicious software.
- If the function is available, turn on the password/PIN function in your mobile device and make sure that you use a strong one. This function protects your mobile device so that no one else can use it.
- Consider creating and using an account with limited privileges instead of an ‘administrator’ or ‘root’ level account for everyday tasks.
- Refrain from clicking on banners and pop-up ads that entice you with freebies or suspicious advertising.
- Do not download and install software from unknown websites.
- If you are using wireless network devices, ensure that the transmission is secure and avoid insecure networks.
- Delete junk or chain emails.
- Do not open web links or email attachments from unknown sources.
- Use caution when opening email attachments or when using peer-to-peer file sharing, instant messaging, or chat rooms.
- Don’t enable file sharing on network interfaces exposed directly to the Internet.
- Do not disclose personal, financial or account information to little-known or suspected websites or individuals.
- Certificates are most commonly used for securing communications (HTTPS) on websites. A warning or error message may be presented by web browsers when you access a site that has a security certificate installed (for SSL/TLS data encryption) that cannot be verified by the browser. Browsers are made with a built-in list of trusted certificate providers. If the browser provides you with such warnings (sample), you are encouraged to:
- Sign out from any ongoing/concurrent sessions with CCRManager
⁃ Discontinue activity on the website
⁃ Report your findings to relevant parties as well as CCRManager Support.
- Check that you are using official CCRManager websites. You can check by clicking on the padlock icon in your web browser and ensuring that the identity of the site is verified as the specific website in the digital certificate.
- Always personally enter the domain (example: www.ccrmanager.com) when logging onto websites – do not accept links or redirections from other websites or media for the purpose of logging onto CCRManager.
- Clear your cache and history after each login session.
- Never leave your session unattended and log off your online session after use.
- Check your last login details and notify us if you notice any doubtful logins.
- Access your account and transaction history regularly and report any discrepancy.
- CCRManager uses an additional layer of authentication before anyone is allowed access to the platform, called 2-Factor Authentication (2FA). With 2FA, should your User ID and Password be compromised for any reason, an “intruder” will also need to complete a 2FA process successfully before accessing your account online.
- Select a unique Password that is different from your personal information such as your telephone number, date of birth or other guessable personal information.
- Your password should be at least 8 characters and include both alphabets as well as numbers.
- Try not to use sequential numbers (eg. 123456) or include your exact user-name into your Password.
- Do not use the same Password for different web-based services or applications.
- Do not write your Password down or store it in any computer storage devices: It is best you memorize your Password.
- Change your Password regularly or when there is any suspicion that it has been compromised or impaired, by using ‘Change Password’ feature.
- Do not enter your Password into any device you are not familiar with, or that you are unsure of its security credibility.
- When asked by your device or web browser to store your User ID and Password, always click on ‘No’.