How to protect yourself from phishing links

Your page is loading.
One moment please.

17 Jan 2022
SOURCE: CPF Board

 

desktop showing Yearly Statement of Account 2021 email

In this digital age, website links are a legitimate means for the Government to point citizens to useful services and information.

 

However, with the recent rise in scam or phishing attempts, it has become more important than ever before to verify links in emails, SMSes or WhatsApp messages before clicking.

To ensure that a link genuinely leads to the CPF website or another Government website, always check that the domain ends with “.gov.sg”.

 

A domain forms the first part of a URL. If a “https://” prefix is included in the URL, the domain comes immediately after it.

cpf website domain


Is this link legitimate?

Laptop-and-phone-showing-text-message.jpg

You may have received an SMS notifying you that your CPF Yearly Statement of Account is ready for viewing at cpf.gov.sg/latestysoasms.

 

You may have also received separate WhatsApp messages advising you not to click on the link because it is a scam.

 

Which of these messages should you trust?

 

Based on the “.gov.sg” rule, the link is actually legitimate and it is safe for you to click on it.

 

After you’ve clicked through to the webpage, please be extra vigilant before providing any sensitive information such as personal particulars or account login details. Look out for valid encryption certificates by checking for the green lock in the browser’s address bar.


How ready are you to detect phishing links?

Put your newfound knowledge to the test! Take this quiz to find out if you are now able to distinguish between credible links and scam attempts.

Information updated as of 22/07/2022