Security Awareness and System Management
The BondbloX Bond Exchange is established and operated by Bondevalue Pte. Ltd ("BondEvalue"). BondEvalue is regulated by the Monetary Authority of Singapore as a Recognised Market Operator ("RMO") and exempted from Section 49(1) of the Securities and Futures Act (Cap. 289) ("SFA") under Section 49(7) of the SFA.
Your platform security and protection is BondEvalue’s primary concern. We continually strive to provide a high standard of security for our platform and services and find new ways to improve. In this page, we have provided helpful security awareness tips to educate you on the many ways to maintain a smart and safe user experience.
User ID and Password Management
- Keep login credentials (user IDs, passwords, and any security devices) confidential and in a safe place.
- Please set a password with at least 10 characters.
- Do not keep written login and password information in any place where others can view or access.
- Choose complex passwords. Remember the longer the password, the harder it is to break.
- Always use a unique combination of upper case, lower case, numbers, and special characters.
- Change your password periodically.
- BondEvalue or its representatives will never ask for your login credentials.
- Do not reveal your one-time password to anyone.
- Do not store your passwords in the browser or mobile device.
Computer System Security
- Clear your browser cache after each online session to ensure that any sensitive data is purged from the browser.
- All computers and networks should be equipped with updated and reliable Antivirus, Malware, and Spyware detection software.
- Set your antivirus software to automatically update to the newest version so the software’s list of viruses can stay current. The automatic update option can usually be found in the software’s configuration settings.
- Use the antivirus, malware, and spyware software to scan emails.
- Beware of unusual system performance, such as program failures, multiple browser window popups, or random computer restarts, which could indicate that someone is attempting to take control over your computer or mobile device.
- Keep your computer Operating System (OS) current and updated.
- Always verify the origin of the software that you are installing and do not install it if you are unable to do so.
- Please avoid using public computers like internet kiosks or internet café as they may be infected with malicious software like viruses or trojans.
Suspicious Websites, Emails, Advertisements or Pop-up Windows
- Hackers may send fraudulent emails to attempt to get you to reveal your usernames, passwords, or other information such as account numbers. Delete junk or chain emails, and do not reply to the emails with your information or open the attachments.
- Before entering your BondbloX username and password, you should always ensure that the website is a BondbloX website. You can verify this by checking the website address which should show bondblox.com.
- This is to ensure that you are not revealing information to a website that may have been spoofed.
- You can also verify the authenticity of the website by clicking on the padlock icon on the BondbloX website. This can be found next to the search bar of your browser.
- This means that the website is verified by a third party and is secure.
- If at any time you see a similar warning, do not proceed with the website. Contact us at firstname.lastname@example.org for further assistance.
General Best Practices
- Review the transaction statement promptly and carefully.
- Only divulge personal information to someone if you are positive of their identity and only if you initiated the contact.
- Please log out of the trading application when you are done. Closing your browser without logging out may allow the next person to use your computer to access your account.
- Backup your information regularly to prevent loss of information and consider the use of encryption technology to protect sensitive or critical information.
- If you are printing your account statements or account information using a shared printer, please collect your printout immediately.
- Shred all documents containing personal information.
- If you suspect your BondbloX account has been compromised, please change your password, and notify us immediately. You can contact us at email@example.com.
Identifying and Reporting Phishing Email
- Phishing is a cybercrime where a target or targets are contacted by email, telephone or text message by someone posing as a legitimate institution to lure individuals into providing sensitive data such as personally identifiable information, banking and credit card details and passwords.
- The information is then used to access important accounts and can result in identity theft and financial loss.
- Here are a few steps to identify and report any such emails and stay safe from them:
- Too Good to Be True - Lucrative offers, eye-catching or attention-grabbing statements are designed to attract people’s attention immediately. For instance, some may claim that you have won an iPhone, a lottery, or some other lavish prize. Just do not click on any suspicious emails. Remember that if it seems too good to be true, it probably is!
- Sense of Urgency - A favourite tactic amongst cybercriminals is to ask you to act fast because the super deals are only for a limited time. Some of them will even tell you that you have only a few minutes to respond. When you come across these kinds of emails, it's best to just ignore them. Sometimes, they will tell you that your account will be suspended unless you update your details immediately. Most reliable organizations give ample time before they terminate an account and they never ask patrons to update personal details over the Internet. When in doubt, visit the source directly rather than clicking a link in an email
- Hyperlinks - A link may not be all it appears to be. Hovering over a link shows you the actual URL where you will be directed upon clicking on it. It could be completely different, or it could be a popular website with a misspelling, for instance www.bankofarnerica.com - the 'm' is an 'r' and an 'n', so look carefully.
- Attachments - If you see an attachment in an email that you weren't expecting or doesn't make sense, don't open it! They often contain payloads like ransomware or other viruses. The only file type that is always safe to click on is a .txt file.
- Unusual Sender - Whether it looks like it is from someone you do or do not know, as long as it seems out of the ordinary, unexpected, out of character or suspicious, don't click on it!
- If you have received an email supposedly from BondEvalue or BondbloX which you are unsure about, you can send your queries to:
- Email: firstname.lastname@example.org
- Call us at: (65) – 9069 5276
- Also, if you know the sender, then contact and inquire with the sender to see if they indeed sent out that email.
- If you ever suspect that your BondbloX account has been compromised, please change your password immediately and notify us using the above means.