We are continually reviewing and upgrading our security measures so that you can have confidence in our online services. We have invested in a number of measures that help protect you online, for example: secure encryption and validation.

Our website uses encryption technology, indicated by the padlock symbol at the top (or bottom) of your screen when accessing the data on the site.

If you use a web browser such as Microsoft Internet Explorer, Mozilla Firefox, Chrome or Safari, due to the additional certification we have in place, you may also see the address bar turn green to show you are on a genuine, secure site. We recommend that whichever web browser is used, you keep it up-to-date.

Whilst we do all we can to make our online service secure, there's also a lot you can do to help protect yourself.

1. Safeguard your PC, mobile device and personal data
Ensuring that your PC is well protected is a critical step in protecting your personal details. Ensure you have a firewall, anti-virus and anti-spyware software installed on your computer and that this is kept up-to-date.

2. Don't write down passwords
Never divulge your username or password to anyone and avoid writing them down. Consider using one of many password vaults available on the Internet to store your passwords, but read reviews and get recommendations first.

3. Change your password regularly
Regularly changing your password can be one of the best defences against someone else accessing your account. Use a different password for every online account.

4. Treat emails with caution
Never respond to unsolicited emails requesting your security details. We will never ask for your security details via email. See "How to spot suspicious emails".

5. Don't send your personal information by email
Email is inherently not a secure method of communication. You should never send any personal or account information this way.

6. Use secure networks
If you connect to the Internet via a wireless network make sure it's a secured Wi-Fi network (tip - look out for the padlock icon in your browser). If you use a Wi-Fi network that is not secure, be careful about accessing websites that require you to log in with your personal details, or viewing any sites that may show your personal information. No matter how good your anti-virus software and other methods of protection are, if the network is not secure it is open to others to access too. It is therefore possible for your information to be fraudulently obtained.

7. Keep up-to-date
Checking this site and others, regularly, will help keep you up-to-date with online security and financial crime related matters. See Where to get more online security information and guidance

No reputable company will ever ask you to confirm personal or account details (such as passwords) by sending you an email. If you ever receive an email, appearing to be from Invesco, asking you to do so, please contact us immediately.

It can be incredibly difficult to spot a fraudulent email. If you are ever in any doubt as to the authenticity of an email from Invesco, please call us at (852) 2842 7878 first, before clicking on any links in the email.

Phishing emails
Phishing emails will copy logos and styles in an attempt to appear genuine. The message may urge you to click on a link within the email which will then direct you to a 'spoof' website that looks like a genuine web page. The website may ask you to enter security details such as account numbers, usernames and passwords. By doing so you may give the fraudsters access to your accounts. If you log in to a website that doesn't have a padlock symbol in the address bar of the internet browser to identify if the website is real be suspicious.

False sense of urgency
Most phishing emails try to deceive you with the threat that your account will be closed or somehow incapacitated if it's not updated right away. An email that urgently requests you to supply sensitive personal information may be fraudulent. Don't be pressurized. If you are unsure make enquiries before taking any action.

Fake links
Many phishing emails include website links that look authentic but instead direct you to a fraudulent website that may or may not have a website address different from the link originally displayed. Always check where a link is going before you click by moving your mouse over the link in the email. Beware if this is different from what is displayed in the text of the link in the email. If it looks suspicious, don't click it.

Attachments
Similar to fake links, attachments can be used in phishing emails and are dangerous. Never click on an attachment from an unknown source. It could cause you to download spyware or a virus. Invesco will never email you an unsolicited attachment or a software update to install on your computer.

Exchanging information via email is not a secure method of communication. For this reason, Invesco will apply proper protection mechanism in our email, so as to protect any account specific or personal data in our emails to you. And we won't act upon instructions, received by email, to change your personal details. Forms for changing details on your account can be found on our website; just go to "Forms & Procedures". Alternatively, you can call us on (852) 2842 7878 and we'll send the forms out to you.

Be suspicious if you receive an email asking you to click on a link to update your details. Do not click on the link.
 
Invesco will never ask you to send any account specific information by email. If you are in any doubt as to whether the email is from Invesco, please call us on (852) 2842 7878.

More help and support on cybersecurity and technology crime issues can be found on the following, external websites.

Online Security Guidance

The Cyber Security Information Portal (CSIP)
CSIP  is a unique resource providing practical advice and step-by-step guidelines for general users, small and medium enterprises (SMEs), and schools to conduct health check on computers, mobile devices and websites as well as to learn tips and technique to guard against cyber-attacks. CSIP also keeps you up to date with highlights of public events, expert advices and stories contributed by professional organisations.

http://www.cybersecurity.hk

InfoSec Website
InfoSec Website is established to serve as an one-stop portal for the general public to effectively access information and resources on information security as well as measures and best practices for prevention of cybercrimes. In InfoSec website, you will find useful information and resources on information security, such as the latest security news and events, information security technical papers and reports, recent phishing attacks, the latest virus alerts and other related information.

http://www.infosec.gov.hk/

Technology Crime
The Hong Kong Police Force, Cyber Security and Technology Crime Bureau (CSTCB) –is responsible for handling cyber security issues and carrying out technology crime investigations, computer forensic examinations and prevention of technology crime. The CSTCB web page can help you learn more about information on technology crime. It is where you should report fraud if you have been scammed, defrauded or experienced cyber-crime.

http://www.police.gov.hk/ppp_en/04_crime_matters/tcd/index.html