Security advisory

Your well-being matters to us. We have security measures to keep your privacy and policies as secure as possible.

    How we protect you

    Types of scams

    General security tips

    Recent security advisories

AIA provides a Secure Zone icon (as symbolized by a 'lock' icon) within our site to reassure you that information transmitted from computer to our systems are encrypted according to the latest encryption standards.

Phishing is one of the most common form of cyberattack whereby scammers disguise themselves as a trusted entity and tricks a victim into opening a malicious link to steal user data, including login credentials and credit card numbers.
How to protect yourself?
  • Verify legitimacy of sender's email address/identity.
  • Stop and think prior to taking any actions.
  • Do not click on any malicious links and/or attachments.
  • If the sender/caller claims to be from AIA you may contact us at +673 2239112/3/4, Mondays to Fridays between 8:15 am and 5:00 pm excluding Public Holidays to verify the authenticity of the call/message.

For more tips on protection measures, please visit:
1. Cyber Security Agency of Singapore: Cyber Tip - Spot Signs of Phishing
2. Moneysense: Phishing Scam

Smishing is a form of phishing attack which involves text-messages (SMS/WhatsApp). Scammers will send misleading text messages to trick you into believing that a message has arrived from a trusted person or organisation and convince you to take action that gives the scammer exploitable information (login credentials, policy number) or access to your device.
Scammers often use good news (i.e promise of free gifts, exclusive offers etc.) to trick you into taking action.
How to protect yourself?
  • Verify legitimacy of sender's phone number/identity.
  • Stop and think prior to taking any actions – if it is too good to be true, it is usually a scam!
  • Do not click on any malicious links and/or attachments.
  • If the sender/caller claims to be from AIA you may contact us at +673 2239112/3/4, Mondays to Fridays between 8:15 am and 5:00 pm excluding Public Holidays to verify the authenticity of the call/message.

Vishing is another common form of phishing whereby scammers use savvy social engineering tactics to convince victims to act and, in the process, give up private information and/or access to accounts.
Often, the caller will pretend to be calling from the government, tax department, police, or trusted organisations such as AIA and use threats and convincing language to make the victim feel as though as they have no other option then to provide the information being asked of them. 
How to protect yourself?
  • Verify legitimacy of caller's phone number/identity.
  • Do not reveal any confidential personal information and end the call immediately if you are unable to verify the legitimacy of the caller.
  • If the sender/caller claims to be from AIA you may contact us at +673 2239112/3/4, Mondays to Fridays between 8:15 am and 5:00 pm excluding Public Holidays to verify the authenticity of the call/message.

To ensure the confidentiality of your password, we recommend the following:
  • Create a password that is at least 8 alphanumeric characters long containing a combination of letters (A-Z) and numbers (0-9).
  • Select a unique password to make it difficult for anyone to guess. Avoid using common phases and easily obtainable personal information in your passwords such as:
    • Partner's name
    • License Plate Number
    • Phone number
    • NRIC Number
    • Date of birth
  • Avoid using sequential numbers (e.g. 123456) or the same number more than once (e.g. 121145).
  • Avoid writing down your password or storing it in a computer, mobile phone or any unprotected media.
  • Change your password regularly.
  • Memorise your password. If you suspect it has been revealed to others, change it immediately.
  • Never reveal your User ID and password to anyone.
Note: No staff of AIA should ever need to ask you for your password for any reason.

Protect your computer against viruses and malicious programs.
You should exercise precaution to protect your PC against viruses. Besides damaging and/or destroying data, some of the viruses (e.g. Trojan Horse) can capture your password keystrokes as well as other personal information and transmit the data to a third party without your consent. To prevent against viruses and possible hacking, you should:
  • Avoid using preview features of Outlook and other PC mail programs.
  • Only download information/files from websites that have been verified to be authentic and safe.
  • Equip your PC with the latest personal firewall software to protect against hackers and viruses and ensure that you update it to the latest version when it is available.
  • Equip your PC with the latest virus detection software and update your PC virus definition file regularly.
  • Do not open any email or attachment from an unknown sender. Delete the email immediately.
Exercise vigilance against SPAM and phishing
SPAM and phishing attacks are increasingly prevalent in email communications that result in misleading communications, deceptive marketing and identity theft.
To assist you in continuing to enjoy safe transactions with AIA, we seek your ongoing vigilance and adherence to the following guidelines:
  • Understand what SPAM, phishing attacks or suspicious emails look like. They are often generated from obscure email addresses and recent examples we have include:; and
  • Do not click on email, Web links or "shortcuts" from unknown or suspicious senders.
  • Beware of email requesting confirmation of receipt of messages and personal information, such as bank accounts, Social Security numbers and credit card information. Contact the purported sender by means other than email to confirm the authenticity of the message.
  • Do not contribute to SPAM and refrain from forwarding or "replying to all" for chain and junk email.
  • Do not respond to email claiming to have identified a problem with your user identity, email address, employment status, credit or account. These communications are typically hoaxes seeking to extract information that may result in identity theft.

Avoid conducting any personalised or sensitive transaction using the Internet access provided by public places.
This is to minimise the possibility of hacking and viruses.

Always update internet browsers to the latest version so that you have the most updated security features available.

As a form of added security, clear your browser's cache and history after each session so that your account information is removed.

Legitimate AIA websites are represented by the lock icon which demonstrates that the website is secured by digital certificates issued by a trusted certificate authority. A valid certificate provides assurance that the website is genuine and not spoofed by malicious threat actors.
You can click on the icon to view the details of the certificate such as the issuing party, validity period, etc.

Whilst acessing AIA websites, make sure that the URL is preceded by "https://". You can check for security information about the site by clicking on the lock icon displayed at the browser bar.

When accessing AIA website, always personally and directly enter the relevant website address in the browser address bar to ensure that you are on AIA legitimate website. Do not login via any hyperlinks within emails.

You can prevent any User ID/Password from being stored in your browsers by de-activating the function:
Launch your Web Browser
  • Search for Tools / Settings / Options / Preferences.
  • Go to autofill / passwords / privacy and security / advanced settings.
  • Uncheck or turn off save passwords feature.
  • Remember to save your changes.

Notify our Customer Care Consultants at 1800 248 8000 or (65) 6248 8000 (from overseas), Mondays to Fridays between 8:45 am and 5:30 pm excluding Public Holidays.

See how vigilant you are against online scams

Take the national crime prevention council quiz!

Recommendation Prompt